x-kom hosting

Błędy na jednym z kont użytkowników - proszę o spr. loga

Seba1990
utworzono
utworzono (edytowane)

Witam. Przy uruchomieniu konta użytkownika wyskakują mi te błędy:

1. http://i47.tinypic.com/k2fyv5.jpg

2. http://i47.tinypic.com/2r23b46.jpg

Wzięło się to chyba z tego, że na jednym z piłkarskich forum wyskoczył mi wirus, oczywiście od razu został usunięty, ale chyba zdążył namehrać.

Aktualizacje mam zainstalowane (SP3) wiec ten motyw odpada. Porty potrzebne do rozwiązania tego problemu też pozamykane i też nic to nie dało. Skanowałem również programem od robaków (znalazł jednego i usunął). Błędy rejestru też zostały przeskanowane i naprawione. Skończyły mi się już pomysły.

Podkreślam że błędy wyskakują tylko na jednym z kont użytkownika.

[log]OTL logfile created on: 2010-05-23 00:05:46 - Run 6
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Program Files
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 170,65 Gb Free Space | 73,28% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SEBA-YOT1CPDJF4
Current User Name: Seba
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-04-21 00:51:05 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
PRC - [2010-04-03 19:23:16 | 000,154,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2010-01-11 16:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009-12-17 18:14:11 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008-12-03 13:47:34 | 001,205,760 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2008-11-11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008-10-23 22:44:00 | 000,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
PRC - [2008-10-23 22:43:56 | 000,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
PRC - [2008-09-19 09:52:04 | 000,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2008-07-17 21:55:38 | 000,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
PRC - [2008-06-03 09:02:34 | 000,119,808 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008-04-14 22:51:52 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008-04-14 22:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2006-01-30 21:13:32 | 000,035,328 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-04-21 00:51:05 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
MOD - [2008-11-04 00:03:36 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2008-11-21 00:12:38 | 000,361,728 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2008-11-11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-10-23 22:44:00 | 000,068,865 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2008-10-23 22:43:56 | 000,151,297 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2008-07-18 16:05:40 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-04-04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-05-27 23:37:18 | 000,022,360 | ---- | M] (Avira GmbH) [File_System | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgntmgr.sys -- (avgntmgr)
DRV - [2009-05-27 23:37:17 | 000,075,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009-05-27 23:37:17 | 000,045,400 | ---- | M] (Avira GmbH) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgntdd.sys -- (avgntdd)
DRV - [2009-01-11 16:29:54 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008-09-15 08:56:34 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008-09-15 08:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008-09-15 08:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008-09-15 08:56:24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-02-01 16:17:12 | 000,138,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2008-02-01 16:17:06 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2008-01-23 23:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tapvpn.sys -- (tapvpn)
DRV - [2007-04-03 17:22:12 | 000,260,224 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbvm323.sys -- (ZSMC326) Vimicro USB2.0 PC Camera(VC0323)
DRV - [2007-03-01 11:34:36 | 000,028,352 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007-02-06 18:43:26 | 000,090,880 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-01-30 12:57:00 | 004,474,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-10-01 20:37:02 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0801.sys -- (tap0801)
DRV - [2006-08-08 12:25:40 | 000,476,672 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmfilter323.sys -- (vmfilter323)
DRV - [2005-08-30 22:02:26 | 000,019,034 | R--- | M] (Kingsun Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KS-959.sys -- (KS-959)
DRV - [2004-08-22 16:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt)
DRV - [2004-08-22 16:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\d347bus.sys -- (d347bus)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.google.pl/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-725345543-1645522239-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-725345543-1645522239-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.selectedEngine: "BearShare Web Search"
FF - prefs.js..browser.startup.homepage: "http://google.pl/"
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.685
FF - prefs.js..keyword.URL: "http://search.bearshare.com/webResults.html?src=ffb&q="
FF - prefs.js..network.proxy.type: 4


FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-03-07 02:31:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-03 13:31:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-04-03 13:31:08 | 000,000,000 | ---D | M]

[2008-09-30 15:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Extensions
[2010-04-20 19:53:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\t9qbj4hv.default\extensions
[2009-11-30 02:51:38 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\Seba\Dane aplikacji\Mozilla\Firefox\Profiles\t9qbj4hv.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2010-04-24 18:37:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008-11-11 09:38:54 | 000,663,552 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2009-07-26 20:51:31 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-05-06 22:56:55 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-05-06 22:56:55 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-05-06 22:56:55 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-05-06 22:56:55 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-05-06 22:56:55 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-11-30 03:19:23 | 000,161,317 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 abcsearch.com
O1 - Hosts: 127.0.0.1 admin.abcsearch.com
O1 - Hosts: 127.0.0.1 www3.abcsearch.com #[Browseraid]
O1 - Hosts: 127.0.0.1 www.abcsearch.com
O1 - Hosts: 127.0.0.1 abc517.net #[Trojan.Mitglieder.H]
O1 - Hosts: 127.0.0.1 acestats.com
O1 - Hosts: 127.0.0.1 www.acestats.com
O1 - Hosts: 127.0.0.1 actualnames.com #[Parasite.ActualNames]
O1 - Hosts: 127.0.0.1 www.actualnames.com
O1 - Hosts: 127.0.0.1 ad-up.com
O1 - Hosts: 127.0.0.1 www.ad-up.com
O1 - Hosts: 127.0.0.1 adatom.com
O1 - Hosts: 127.0.0.1 aesp.adatom.com
O1 - Hosts: 127.0.0.1 adbest.com
O1 - Hosts: 127.0.0.1 adserv.adbonus.com
O1 - Hosts: 127.0.0.1 www.adbonus.com
O1 - Hosts: 127.0.0.1 www.adblaster2.info #[Restricted Zone site]
O1 - Hosts: 127.0.0.1 ad2.adcept.net
O1 - Hosts: 127.0.0.1 ad3.adcept.net
O1 - Hosts: 127.0.0.1 www.adcept.net
O1 - Hosts: 127.0.0.1 adcomplete.com
O1 - Hosts: 127.0.0.1 www.adcomplete.com
O1 - Hosts: 127.0.0.1 www.adcopy.info
O1 - Hosts: 127.0.0.1 ads.adcorps.com
O1 - Hosts: 4671 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Tłumaczenie) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland)
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-725345543-1645522239-839522115-1003\..\Toolbar\WebBrowser: (no name) - {0388BA0C-C7F1-4E6A-BD7A-B59623F33363} - No CLSID value found.
O3 - HKU\S-1-5-21-725345543-1645522239-839522115-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-725345543-1645522239-839522115-1003..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - Startup: C:\Documents and Settings\Seba\Menu Start\Programy\Autostart\wwwzuc32.exe (Moore Computer Consultants, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-1645522239-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-725345543-1645522239-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-725345543-1645522239-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 01 00 00 00 [binary data]
O7 - HKU\S-1-5-21-725345543-1645522239-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-725345543-1645522239-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O9 - Extra 'Tools' menuitem : @C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.228.7.226 217.172.224.92
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-12-08 19:24:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007-12-08 20:13:44 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-05-23 00:05:21 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Seba\Recent
[2010-05-14 16:25:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google
[2010-05-14 16:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2010-05-14 16:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010-05-06 00:01:20 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010-05-06 00:00:52 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010-05-06 00:00:40 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010-04-21 00:51:02 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2010-04-18 21:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Tibia
[2010-04-02 00:34:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Moje dokumenty\Updater
[2009-01-07 22:13:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Mozilla
[2009-01-07 22:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Mozilla
[2008-09-02 20:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008-05-23 20:27:06 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2008-05-23 20:27:06 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2007-12-08 19:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2007-12-08 19:23:53 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2007-12-08 19:23:53 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2004-11-24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-05-23 01:25:01 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-05-23 00:53:05 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-05-23 00:52:58 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-05-23 00:52:51 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-05-23 00:52:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-05-23 00:52:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-05-23 00:51:44 | 007,077,888 | ---- | M] () -- C:\Documents and Settings\Seba\NTUSER.DAT
[2010-05-23 00:51:44 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Seba\ntuser.ini
[2010-05-22 23:59:00 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1645522239-839522115-1003UA.job
[2010-05-22 01:41:31 | 007,077,888 | ---- | M] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_72481
[2010-05-22 01:41:27 | 003,180,446 | -H-- | M] () -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-05-21 22:49:00 | 000,000,012 | ---- | M] () -- C:\Documents and Settings\Seba\Dane aplikacji\qvjsge.dat
[2010-05-21 22:48:55 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Seba\Dane aplikacji\avdrn.dat
[2010-05-21 21:59:00 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1645522239-839522115-1003Core.job
[2010-05-18 12:33:52 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-05-07 19:28:52 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Microsoft Office Word 2003.lnk
[2010-05-07 14:24:04 | 000,000,781 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-05-07 00:07:16 | 002,823,776 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\fifa 9.db
[2010-05-06 00:28:52 | 007,077,888 | ---- | M] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_54697
[2010-04-29 20:00:25 | 000,002,295 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Google Chrome.lnk
[2010-04-21 00:51:05 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Program Files\OTL.exe
[2010-04-19 18:59:19 | 000,000,012 | ---- | M] () -- C:\Documents and Settings\Seba\Dane aplikacji\kcmdte.dat
[2010-04-13 01:29:16 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Gadu-Gadu.lnk
[2010-04-11 16:32:56 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Microsoft Office PowerPoint 2003.lnk
[2010-04-05 20:24:33 | 000,054,272 | ---- | M] () -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-04-05 20:23:29 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-04-05 15:44:58 | 000,000,320 | ---- | M] () -- C:\WINDOWS\mafosav.INI
[2010-04-05 15:44:46 | 000,000,100 | ---- | M] () -- C:\WINDOWS\forevermopt.INI
[2010-04-04 00:55:31 | 002,183,470 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
[2010-04-04 00:55:31 | 000,061,440 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010-04-04 00:55:31 | 000,009,046 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb
[2010-04-03 19:22:32 | 000,066,714 | ---- | M] () -- C:\WINDOWS\System32\NvwsApps.xml
[2010-03-31 12:32:49 | 007,077,888 | ---- | M] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_72092
[2010-03-31 11:45:44 | 001,083,208 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-03-31 11:45:44 | 000,488,326 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-03-31 11:45:44 | 000,430,632 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-03-31 11:45:44 | 000,083,486 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-03-31 11:45:44 | 000,067,356 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-05-23 01:42:50 | 000,055,296 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Seconfig XP.exe
[2010-05-22 01:41:26 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_72481.LOG
[2010-05-22 00:17:36 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dane aplikacji\qvjsge.dat
[2010-05-21 22:49:00 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\Seba\Dane aplikacji\qvjsge.dat
[2010-05-21 22:48:55 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Seba\Dane aplikacji\avdrn.dat
[2010-05-18 12:33:52 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-05-14 16:20:03 | 000,001,032 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-05-14 16:20:02 | 000,001,028 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-05-06 00:28:46 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_54697.LOG
[2010-05-06 00:00:49 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010-04-19 18:59:19 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\Seba\Dane aplikacji\kcmdte.dat
[2010-04-13 01:29:16 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Gadu-Gadu.lnk
[2010-04-03 19:22:32 | 000,276,202 | ---- | C] () -- C:\WINDOWS\System32\NvApps.xml
[2010-04-03 19:22:32 | 000,066,714 | ---- | C] () -- C:\WINDOWS\System32\NvwsApps.xml
[2010-03-31 12:32:43 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_72092.LOG
[2010-03-04 01:33:11 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_96273.LOG
[2010-02-11 03:33:31 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_39213.LOG
[2010-02-05 21:31:47 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\sknc.dll
[2010-01-14 02:43:09 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_34942.LOG
[2010-01-12 23:53:41 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2009-11-30 03:56:35 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_40035.LOG
[2009-11-09 03:55:20 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_23475.LOG
[2009-10-03 13:28:39 | 005,955,584 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_49504
[2009-10-02 02:09:47 | 000,076,407 | ---- | C] () -- C:\Documents and Settings\Seba\Dane aplikacji\Smiley.ico
[2009-09-15 23:06:37 | 000,000,162 | ---- | C] () -- C:\WINDOWS\JZK.INI
[2009-05-09 01:46:32 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_42813.LOG
[2009-03-30 20:21:13 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_78090.LOG
[2009-02-26 02:55:54 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_14040.LOG
[2009-02-07 23:33:21 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_12471.LOG
[2009-02-02 00:06:36 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_75741.LOG
[2009-02-01 01:01:06 | 002,448,800 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2009-01-22 03:08:07 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_86142.LOG
[2009-01-15 03:07:21 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_83488.LOG
[2009-01-11 14:12:17 | 000,000,992 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009-01-08 22:31:19 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_57407.LOG
[2008-12-28 03:56:41 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_78347.LOG
[2008-12-14 02:33:13 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_54235.LOG
[2008-12-13 03:19:40 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\Seba\ntuser.pol
[2008-12-12 00:38:06 | 000,000,978 | ---- | C] () -- C:\WINDOWS\EnglishTranslator.INI
[2008-12-08 00:01:58 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_55629.LOG
[2008-12-07 17:21:02 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2008-12-05 20:21:58 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_44470.LOG
[2008-12-05 03:31:19 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys
[2008-12-03 21:15:25 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_33872.LOG
[2008-12-01 02:30:42 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_30549.LOG
[2008-11-26 23:56:36 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_77350.LOG
[2008-11-26 19:00:07 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_66335.LOG
[2008-11-21 00:28:36 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_TU_70078.LOG
[2008-10-07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-08-22 23:31:11 | 000,000,414 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2008-06-05 08:58:26 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-03-27 10:28:52 | 000,126,464 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2008-02-25 13:13:17 | 000,000,776 | ---- | C] () -- C:\Documents and Settings\All Users\Nokia Connectivity Cable Driver 1.00.150.2.LOG
[2008-02-16 16:16:52 | 000,000,736 | ---- | C] () -- C:\WINDOWS\DigimaxMaster.INI
[2008-01-29 15:26:58 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib
[2008-01-08 20:25:01 | 000,000,057 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007-12-24 22:55:22 | 000,000,254 | ---- | C] () -- C:\WINDOWS\naglos.INI
[2007-12-10 16:44:12 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007-12-09 21:09:05 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007-12-09 00:54:05 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007-12-09 00:01:16 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007-12-08 22:35:54 | 000,054,272 | ---- | C] () -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007-12-08 21:39:00 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\addr_file.html
[2007-12-08 19:26:56 | 007,077,888 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_96273
[2007-12-08 19:26:56 | 007,077,888 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_72481
[2007-12-08 19:26:56 | 007,077,888 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_72092
[2007-12-08 19:26:56 | 007,077,888 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_54697
[2007-12-08 19:26:56 | 007,077,888 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT
[2007-12-08 19:26:56 | 006,815,744 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_39213
[2007-12-08 19:26:56 | 006,815,744 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_34942
[2007-12-08 19:26:56 | 006,291,456 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_40035
[2007-12-08 19:26:56 | 006,291,456 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_23475
[2007-12-08 19:26:56 | 006,029,312 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_78090
[2007-12-08 19:26:56 | 006,029,312 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_42813
[2007-12-08 19:26:56 | 005,767,168 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_14040
[2007-12-08 19:26:56 | 005,767,168 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_12471
[2007-12-08 19:26:56 | 005,505,024 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_86142
[2007-12-08 19:26:56 | 005,505,024 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_83488
[2007-12-08 19:26:56 | 005,505,024 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_75741
[2007-12-08 19:26:56 | 005,242,880 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_57407
[2007-12-08 19:26:56 | 004,980,736 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_78347
[2007-12-08 19:26:56 | 004,980,736 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_55629
[2007-12-08 19:26:56 | 004,980,736 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_54235
[2007-12-08 19:26:56 | 004,980,736 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_44470
[2007-12-08 19:26:56 | 004,718,592 | -H-- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_70078
[2007-12-08 19:26:56 | 004,718,592 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_77350
[2007-12-08 19:26:56 | 004,718,592 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_66335
[2007-12-08 19:26:56 | 004,718,592 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_33872
[2007-12-08 19:26:56 | 004,718,592 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT_BAK_30549
[2007-12-08 19:26:56 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Seba\ntuser.dat.LOG
[2007-12-08 19:26:56 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Seba\ntuser.ini
[2007-07-01 13:12:14 | 003,145,728 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2007-07-01 12:59:22 | 000,517,632 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2007-06-17 13:43:56 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2007-06-12 13:21:26 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2007-03-29 23:00:40 | 000,203,264 | ---- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2007-01-09 19:05:50 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2004-10-03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004-08-22 17:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004-01-02 01:28:29 | 000,000,100 | ---- | C] () -- C:\WINDOWS\forevermopt.INI
[2004-01-02 01:28:13 | 000,000,320 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2004-01-02 00:05:12 | 000,092,400 | ---- | C] () -- C:\WINDOWS\ktkm7.dll
[2004-01-02 00:05:12 | 000,058,192 | ---- | C] () -- C:\WINDOWS\ktkm6.dll
[2004-01-02 00:05:12 | 000,055,186 | ---- | C] () -- C:\WINDOWS\ktkm5.dll
[2004-01-02 00:05:12 | 000,030,166 | ---- | C] () -- C:\WINDOWS\ktkm9.dll
[2004-01-02 00:05:12 | 000,023,364 | ---- | C] () -- C:\WINDOWS\ktkm8.dll
[2004-01-02 00:05:12 | 000,022,926 | ---- | C] () -- C:\WINDOWS\ktkm4.dll
[2004-01-02 00:05:11 | 000,268,621 | ---- | C] () -- C:\WINDOWS\ktkm33.dll
[2004-01-02 00:05:11 | 000,098,442 | ---- | C] () -- C:\WINDOWS\ktkm35.dll
[2004-01-02 00:05:11 | 000,082,542 | ---- | C] () -- C:\WINDOWS\ktkm37.dll
[2004-01-02 00:05:11 | 000,020,926 | ---- | C] () -- C:\WINDOWS\ktkm36.dll
[2004-01-02 00:05:11 | 000,010,240 | ---- | C] () -- C:\WINDOWS\ktkm34.dll
[2004-01-02 00:05:10 | 000,326,441 | ---- | C] () -- C:\WINDOWS\ktkm32.dll
[2004-01-02 00:05:10 | 000,197,408 | ---- | C] () -- C:\WINDOWS\ktkm29.dll
[2004-01-02 00:05:10 | 000,128,042 | ---- | C] () -- C:\WINDOWS\ktkm30.dll
[2004-01-02 00:05:10 | 000,116,841 | ---- | C] () -- C:\WINDOWS\ktkm26.dll
[2004-01-02 00:05:10 | 000,100,786 | ---- | C] () -- C:\WINDOWS\ktkm28.dll
[2004-01-02 00:05:10 | 000,081,427 | ---- | C] () -- C:\WINDOWS\ktkm31.dll
[2004-01-02 00:05:10 | 000,065,092 | ---- | C] () -- C:\WINDOWS\ktkm27.dll
[2004-01-02 00:05:10 | 000,022,657 | ---- | C] () -- C:\WINDOWS\ktkm3.dll
[2004-01-02 00:05:09 | 000,538,410 | ---- | C] () -- C:\WINDOWS\ktkm20.dll
[2004-01-02 00:05:09 | 000,524,537 | ---- | C] () -- C:\WINDOWS\ktkm18.dll
[2004-01-02 00:05:09 | 000,370,880 | ---- | C] () -- C:\WINDOWS\ktkm22.dll
[2004-01-02 00:05:09 | 000,126,720 | ---- | C] () -- C:\WINDOWS\ktkm23.dll
[2004-01-02 00:05:09 | 000,070,888 | ---- | C] () -- C:\WINDOWS\ktkm19.dll
[2004-01-02 00:05:09 | 000,066,908 | ---- | C] () -- C:\WINDOWS\ktkm17.dll
[2004-01-02 00:05:09 | 000,064,070 | ---- | C] () -- C:\WINDOWS\ktkm21.dll
[2004-01-02 00:05:09 | 000,056,992 | ---- | C] () -- C:\WINDOWS\ktkm24.dll
[2004-01-02 00:05:09 | 000,049,094 | ---- | C] () -- C:\WINDOWS\ktkm25.dll
[2004-01-02 00:05:09 | 000,020,974 | ---- | C] () -- C:\WINDOWS\ktkm2.dll
[2004-01-02 00:05:08 | 000,803,601 | ---- | C] () -- C:\WINDOWS\ktkm16.dll
[2004-01-02 00:05:08 | 000,524,164 | ---- | C] () -- C:\WINDOWS\ktkm12.dll
[2004-01-02 00:05:08 | 000,307,617 | ---- | C] () -- C:\WINDOWS\ktkm15.dll
[2004-01-02 00:05:08 | 000,209,936 | ---- | C] () -- C:\WINDOWS\ktkm14.dll
[2004-01-02 00:05:08 | 000,099,867 | ---- | C] () -- C:\WINDOWS\ktkm13.dll
[2004-01-02 00:05:08 | 000,096,166 | ---- | C] () -- C:\WINDOWS\ktkm1.dll
[2004-01-02 00:05:08 | 000,062,631 | ---- | C] () -- C:\WINDOWS\ktkm11.dll
[2004-01-02 00:05:08 | 000,058,015 | ---- | C] () -- C:\WINDOWS\ktkm10.dll

[color=#E56717]========== LOP Check ==========[/color]

[2009-10-02 02:09:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\379C
[2008-10-22 00:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ashampoo
[2009-07-04 22:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-02-22 23:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2009-03-08 01:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-11-30 03:19:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Kazaa Lite
[2009-02-25 20:20:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2010-01-13 20:08:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009-02-05 21:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2008-11-23 02:55:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2008-11-21 00:12:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software
[2010-02-17 04:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\Chrome
[2008-11-02 15:46:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\Gadu-Gadu
[2010-02-23 00:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\Gadu-Gadu 10
[2009-07-05 18:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\Nokia
[2008-07-21 23:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\Nokia Multimedia Player
[2009-07-05 18:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\PC Suite
[2008-09-04 17:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\Tlen.pl
[2008-12-02 19:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Dane aplikacji\TuneUp Software
[2009-10-29 04:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\aMule
[2008-11-19 15:43:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\BitSpirit
[2010-03-15 23:19:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\FDRLab
[2008-06-09 23:14:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Gadu-Gadu
[2010-03-04 00:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Gadu-Gadu 10
[2008-10-23 14:46:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Leadertech
[2009-03-07 02:32:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Nokia
[2009-05-16 01:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Nowe Gadu-Gadu
[2008-10-24 16:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Nugget Software
[2010-01-13 15:56:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\OpenFM
[2009-02-11 18:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\OpenOffice.org
[2009-03-07 02:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\PC Suite
[2010-04-18 21:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Tibia
[2007-12-09 00:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Tlen.pl
[2008-02-28 17:11:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\TuneUp Software
[2010-05-06 00:17:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\uTorrent

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2007-12-08 19:24:07 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008-09-26 14:10:32 | 000,000,211 | -HS- | M] () -- C:\BOOT.BXP
[2009-01-07 23:45:49 | 000,000,194 | -HS- | M] () -- C:\boot.ini
[2001-07-22 00:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2007-12-08 19:24:07 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007-12-08 19:24:07 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2007-12-08 19:24:07 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-09-26 14:05:08 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-09-26 14:05:08 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-05-23 00:52:34 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2001-08-17 21:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2002-09-20 19:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002-08-29 02:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2002-09-20 19:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2002-08-29 02:27:56 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2002-09-20 19:03:48 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=29B2476DBB81A31473F76DD2E0B9360C -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2002-08-29 03:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
[2002-09-20 19:05:50 | 000,519,168 | ---- | M] (Microsoft Corporation) MD5=8B6E6BB5D451F8BBC0621203B687D993 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 498 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:3B71D0B4[/log]

Z góry dziękuje za pomoc.

Sohei
komentarz
komentarz (edytowane)

Bardzo poważna infekcja. Proszę o pobranie programu combofix oraz wykonanie z niego loga:)

PAMIETAJ !!!zainstaluj konsole odzyskiwania gdyż bedziemy musieli podmienic zarazony plik.

http://forum.pcformat.pl/thread-9395-post-86939.html#pid86939

Zapoznaj sie z tym. Po przejsciu do konsoli wpisujesz w niej
expand X:\i386\WS2_32.DL_ C:\Windows\system32\ws2_32.dl
expand X:\i386\WS2_32.DL_ C:\Windows\system32\dllcache\ws2_32.dl

###UWAGI
X - litera Twojego napędu.

C - litera partycji, na której znajduje się system operacyjny.

UWAGA JEŚLI masz zainstalowanego SP3 to plytke z winda tez musisz miec z SP3 aby podmieniony plik zgadzal sie z wersja obecnego pliku

Seba1990
komentarz
komentarz (edytowane)

Teraz to już całkiem namieszane. Zacząłem robić scan, bez połączenia z netem i konsoli odzyskiwania. Po chwili combofix znalazł jakiegoś roota i zresetował mi komputer. Po ponownym uruchomieniu combofix znowu zaczął robić scan i usuwać pliki rejestru (beckup) programu Error Repair Professional, wyrzucił także wwwzuc32.exe oraz jakieś pliki dll, po czym znowu zresetował komputer. Po tym restarcie i oknie ładowania systemu, system zamiast wchodzić w okno logowania samoczynnie się restartuje. Co najgorsze tryb awaryjny również się restartuje. Próbowałem także, uruchomić system przez ostatnia znana dobra konfigurację, ale także nie pomogło. Da radę jakoś to wszystko cofnąć przez bootowanie i naprawę? Nie znam tam za bardzo komend w tej naprawie więc proszę o pomoc. Mam tylko jedną partycje C, więc nie widzi mi się format bo utracę wszystkie dane. Mogłem nic nie ruszać i żyć sobie z tym walonym wirusem.

PS EDIT: A teraz po ładowaniu systemu zaczął wyskakiwać niebieski ekranik :|

STOP: c0000135 {Nie mozna znalezc skladnika}
Uruchomienie tej aplikacji nie powiodlo sie, ponieważ nie znaleziono KERNEL32.dll. Ponowne zainstalowanie aplikacji może naprawić ten problem.

Sohei
komentarz
komentarz (edytowane)

PISAŁEM ZE KONSOLA OBOWIAZKOWO!!!

Jakbys zainstalowal konsole nie bylo by problemu.

wkładasz do komputera płytkę z systemem i wykonujesz [url=http://www.searchengines.pl/index.php?showtopic=24500&view=findpost&p=109540]instalację nakładkową Windows[/url].




Do podmiany wciąż będa pliki .To że usuwał dll to bylo jasne bo bylo duzo dll zainfekowanych.
Bedziemy musieli podmienic 2 pliki. Instalacja nakladkowa windowsa odbywa się bez utraty danych.

Seba1990
komentarz
komentarz

Instalacja nakładowa to ostatni sposób? Nie da się jakoś po przywracać tych plików przez naprawę w bootowaniu? Nakładka ma dużo wad. Wszystkie wpisy rejestru kasuje i żadna z zainstalowanych aplikacji raczej nie będzie mi chodziła. A poza tym "Moje Dokumenty" też kasuje więc i tak danych nie odzyskam. Chyba lepszym rozwiązaniem będzie format... Wszystko od nowa i komp będzie czysty. Jak radzisz? Najbardziej wkurza to, że system chodził dwa lata i był zadbany. Jeden wirus i wszystko idzie się walić :(

Tomek01
komentarz
komentarz (edytowane)

A kto tu mówił że utracisz jakies dane ? :co:
Po prostu miałeś podmienić dwa pliki.
Masz infekcję sknc.dll która infekuje te biblioteki i trzeba je podmienić.
A konsola odzyskiwania to tylko dla Twojego bezpieczeństwa żeby w razie czego zrobić buckup.
A ty zrobiłeś po swojemu.

Sohei
komentarz
komentarz

[quote name='Seba1990' date='28 maj 2010 - 16:19' timestamp='1275060084' post='1028933']
Instalacja nakładowa to ostatni sposób? Nie da się jakoś po przywracać tych plików przez naprawę w bootowaniu? Nakładka ma dużo wad. Wszystkie wpisy rejestru kasuje i żadna z zainstalowanych aplikacji raczej nie będzie mi chodziła. A poza tym "Moje Dokumenty" też kasuje więc i tak danych nie odzyskam. Chyba lepszym rozwiązaniem będzie format... Wszystko od nowa i komp będzie czysty. Jak radzisz? Najbardziej wkurza to, że system chodził dwa lata i był zadbany. Jeden wirus i wszystko idzie się walić :(
[/quote]


Powiem tak zbootuj winde z plytki i wykonaj opcje repair jak nie pomoze to tylko instlacja nakladkowa. Pisałem bardzo wyraznie ze konsola to obowiazek w takim wlasnei przypadku dokonal bym podmiany konsola i wszystko by smigalo bez wirkow. A jak robisz swoje to tak sie wlasnei dzieje

  • Dobra wypowiedź 1
Seba1990
komentarz
komentarz

Dobra. Zrobiłem nakładke. Zabrałem z dysku (partycji c) 50 GB i zrobiłem z tego druga partycje. Poprzenosiłem ważniejsze pliki na nowa partycje, żeby ich nie utracić, po czym sformatowalem dysk C i zainstalowałem system od nowa. Innej opcji już chyba nie było, bo nakładka narobiła tylko syfu w rejestrze. Dzięki za porady. Pozostaje mieć nadzieję, że nowy system będzie działał tak długo jak stary :D

Sohei
komentarz
komentarz

Jeśli przenosilec pliki daj nowy zestaw logow.
OTL , RSIT ORAZ GMER

Seba1990
komentarz
komentarz (edytowane)

Zrobiłem loga OTL, logi z pozostałych dwóch programów wrzucę potem. Proszę o sprawdzenie czy wszystko jest już w porządku. :)

W nowo zainstalowanym systemie mam tylko problem na naprawą połączenia ponieważ wyskakuje mi ten komunikat:
http://i45.tinypic.com/5dp54m.jpg

[log]OTL logfile created on: 2010-06-01 00:48:18 - Run 2
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Documents and Settings\Seba\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 182,78 Gb Total Space | 151,97 Gb Free Space | 83,15% Space Free | Partition Type: NTFS
Drive D: | 50,09 Gb Total Space | 35,95 Gb Free Space | 71,77% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SPECIAL-XP
Current User Name: Seba
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-05-30 02:58:20 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-05-30 01:56:16 | 000,604,416 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2010-05-25 18:08:42 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2010-04-21 00:51:05 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Seba\Pulpit\OTL.exe
PRC - [2010-04-03 19:23:16 | 000,154,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2010-04-01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010-03-02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-02-24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009-11-11 10:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009-10-27 09:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009-10-27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009-10-27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008-04-14 22:51:52 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008-04-14 22:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 22:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-01-30 12:54:00 | 016,116,224 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2001-10-15 14:30:29 | 000,196,608 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-04-21 00:51:05 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Seba\Pulpit\OTL.exe
MOD - [2008-05-02 08:48:16 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 22:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 22:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2008-04-14 22:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 22:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-04-14 22:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2008-04-14 22:29:10 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-05-30 01:56:16 | 000,604,416 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2010-05-30 01:56:14 | 000,361,216 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010-04-01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010-02-24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009-10-27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009-04-27 14:21:36 | 000,028,928 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-05-30 02:39:47 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-04-04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010-03-01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010-02-16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-05-11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009-05-11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-05-02 08:48:55 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3112.sys -- (Si3112)
DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-02-06 18:43:26 | 000,090,880 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-01-30 12:57:00 | 004,474,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-1960408961-1202660629-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-1960408961-1202660629-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2001-10-26 17:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (&Tłumaczenie) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-1960408961-1202660629-1177238915-1003..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1960408961-1202660629-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-05-29 02:26:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{7cda0dc7-6bfc-11df-885e-0019dbe06d9d}\Shell\AutoRun\command - "" = ba.exe
O33 - MountPoints2\{7cda0dc7-6bfc-11df-885e-0019dbe06d9d}\Shell\open\Command - "" = ba.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010-06-01 00:42:03 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-06-01 00:48:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Seba\Recent
[2010-06-01 00:40:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2010-06-01 00:35:09 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Seba\Pulpit\OTL.exe
[2010-05-31 23:39:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Gadu-Gadu
[2010-05-31 23:36:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Gadu-Gadu
[2010-05-31 23:36:19 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu
[2010-05-31 01:57:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Symantec
[2010-05-31 00:50:57 | 000,000,000 | ---D | C] -- C:\Program Files\f1 2010 one-league.xaa.pl
[2010-05-30 23:53:31 | 000,000,000 | ---D | C] -- C:\Program Files\F1 Challenge 2007
[2010-05-30 22:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2010-05-30 22:27:59 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2010-05-30 18:49:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\.xmoto
[2010-05-30 18:49:31 | 000,000,000 | ---D | C] -- C:\Program Files\XMoto
[2010-05-30 18:41:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Moje dokumenty\GTA Vice City User Files
[2010-05-30 16:41:30 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
[2010-05-30 16:41:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010-05-30 16:31:02 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010-05-30 16:20:21 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010-05-30 03:11:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010-05-30 03:09:45 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2010-05-30 03:09:44 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2010-05-30 03:09:44 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2010-05-30 03:09:44 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2010-05-30 03:09:44 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2010-05-30 03:09:44 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2010-05-30 03:09:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2010-05-30 03:09:43 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead
[2010-05-30 02:58:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2010-05-30 02:58:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010-05-30 02:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-05-30 02:58:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Sun
[2010-05-30 02:44:11 | 000,000,000 | ---D | C] -- C:\Program Files\Euro Truck Simulator
[2010-05-30 02:39:41 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010-05-30 02:38:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\DAEMON Tools Lite
[2010-05-30 02:38:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-05-30 02:21:38 | 000,000,000 | ---D | C] -- C:\Program Files\Skijumping 2007
[2010-05-30 02:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\Deluxe Ski Jump 3
[2010-05-30 02:05:01 | 000,000,000 | ---D | C] -- C:\Program Files\Screamer Radio
[2010-05-30 02:01:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Hamachi
[2010-05-30 02:00:52 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\hamachi.sys
[2010-05-30 01:58:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Media Player Classic
[2010-05-30 01:56:16 | 000,604,416 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TUProgSt.exe
[2010-05-30 01:56:15 | 000,028,928 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010-05-30 01:56:14 | 000,361,216 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe
[2010-05-30 01:55:55 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2009
[2010-05-30 01:55:47 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{55A29068-F2CE-456C-9148-C869879E2357}
[2010-05-30 01:47:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\TuneUp Software
[2010-05-30 01:46:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software
[2010-05-30 01:46:47 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010-05-30 01:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\Error Repair Professional
[2010-05-30 01:31:53 | 000,000,000 | ---D | C] -- C:\Program Files\Samochodowa Mapa Polski 2008
[2010-05-30 01:07:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Moje dokumenty\GTA San Andreas User Files
[2010-05-30 01:07:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Moje dokumenty\FIFA 10
[2010-05-30 01:06:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Moje dokumenty\FIFA 08
[2010-05-30 01:06:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Moje dokumenty\Euro Truck Simulator
[2010-05-30 01:06:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Moje dokumenty\Deluxe Ski Jump 3
[2010-05-30 01:06:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Seba\Moje dokumenty\Szkolne
[2010-05-30 00:59:15 | 000,000,000 | ---D | C] -- C:\Program Files\PES 2010
[2010-05-30 00:54:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Moje dokumenty\Konami
[2010-05-30 00:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010-05-30 00:48:18 | 000,000,000 | ---D | C] -- C:\Program Files\MP3Gain
[2010-05-30 00:45:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Seba\Pulpit\Gry
[2010-05-30 00:43:13 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2010-05-30 00:21:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files
[2010-05-30 00:21:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Seba\Moje dokumenty\Moje wideo
[2010-05-30 00:19:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Avira
[2010-05-30 00:16:59 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010-05-30 00:16:58 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010-05-30 00:16:58 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010-05-30 00:16:58 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010-05-30 00:16:58 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010-05-30 00:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010-05-30 00:16:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Avira
[2010-05-30 00:15:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\skypePM
[2010-05-30 00:14:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Skype
[2010-05-30 00:14:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010-05-30 00:14:22 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010-05-30 00:14:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype
[2010-05-30 00:10:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Nokia
[2010-05-30 00:10:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\PC Suite
[2010-05-30 00:10:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2010-05-30 00:09:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite
[2010-05-30 00:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010-05-30 00:08:54 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2010-05-30 00:08:50 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010-05-29 21:54:08 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast
[2010-05-29 19:04:48 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-05-29 19:04:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2010-05-29 19:02:46 | 000,091,136 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcls.dll
[2010-05-29 19:02:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010-05-29 19:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2010-05-29 19:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2010-05-29 19:02:27 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2010-05-29 19:02:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2010-05-29 19:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\Norton WinDoctor 2007
[2010-05-29 19:00:46 | 000,000,000 | ---D | C] -- C:\Program Files\3B Software
[2010-05-29 18:55:56 | 000,000,000 | ---D | C] -- C:\Program Files\hp deskjet 845c series
[2010-05-29 18:55:43 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2010-05-29 18:54:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\WinRAR
[2010-05-29 18:52:48 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010-05-29 18:10:49 | 000,000,000 | ---D | C] -- C:\Program Files\SubEdit-Player
[2010-05-29 18:10:26 | 000,000,000 | ---D | C] -- C:\Program Files\XP Codec Pack
[2010-05-29 17:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010-05-29 17:59:01 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010-05-29 17:59:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Winamp
[2010-05-29 17:55:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\cache
[2010-05-29 17:54:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Gadu-Gadu 10
[2010-05-29 17:54:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-05-29 17:54:30 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10
[2010-05-29 17:52:38 | 000,000,000 | ---D | C] -- C:\Program Files\Skoki 2000
[2010-05-29 17:52:38 | 000,000,000 | ---D | C] -- C:\Program Files\PES Editor 10
[2010-05-29 17:52:38 | 000,000,000 | ---D | C] -- C:\Program Files\ML Settings Tool by MxSonic
[2010-05-29 16:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Moje dokumenty\Updater
[2010-05-29 16:51:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe Systems Shared
[2010-05-29 16:41:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010-05-29 16:41:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010-05-29 16:41:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010-05-29 16:39:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010-05-29 16:39:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\Microsoft Help
[2010-05-29 16:39:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010-05-29 16:39:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
[2010-05-29 16:38:40 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010-05-29 16:36:30 | 000,000,000 | ---D | C] -- C:\Program Files\Techland
[2010-05-29 16:27:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\Adobe
[2010-05-29 16:26:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2010-05-29 16:26:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-05-29 16:26:46 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010-05-29 16:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\ToniArts
[2010-05-29 16:16:08 | 000,000,000 | ---D | C] -- C:\Program Files\Odkurzacz
[2010-05-29 15:36:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2010-05-29 15:34:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2010-05-29 15:33:45 | 002,808,832 | R--- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2010-05-29 15:33:43 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010-05-29 15:33:40 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010-05-29 15:33:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010-05-29 15:30:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Moje dokumenty\Downloads
[2010-05-29 15:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Macromedia
[2010-05-29 15:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Adobe
[2010-05-29 15:27:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\Temp
[2010-05-29 15:27:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\Google
[2010-05-29 15:25:44 | 000,090,880 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys
[2010-05-29 04:16:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2010-05-29 04:16:05 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010-05-29 04:16:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010-05-29 04:15:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2010-05-29 04:15:58 | 000,000,000 | R--D | C] -- C:\Program Files
[2010-05-29 04:15:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2010-05-29 04:15:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2010-05-29 04:15:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start
[2010-05-29 04:15:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2010-05-29 04:15:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony
[2010-05-29 04:15:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione
[2010-05-29 04:15:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit
[2010-05-29 04:14:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010-05-29 04:14:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010-05-29 04:14:46 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2010-05-29 04:14:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji
[2010-05-29 04:14:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010-05-29 04:14:06 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010-05-29 04:03:54 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010-05-29 04:03:54 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010-05-29 04:03:54 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010-05-29 04:03:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Offline Web Pages
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\NLDRV
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010-05-29 04:03:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2010-05-29 02:50:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010-05-29 02:49:59 | 000,000,000 | ---D | C] -- C:\Program Files\DirectX
[2010-05-29 02:48:46 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-05-29 02:41:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation
[2010-05-29 02:41:27 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010-05-29 02:41:05 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010-05-29 02:40:54 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010-05-29 02:29:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Identities
[2010-05-29 02:28:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Seba\Moje dokumenty\Moje obrazy
[2010-05-29 02:28:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Seba\Moje dokumenty\Moja muzyka
[2010-05-29 02:28:57 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010-05-29 02:28:53 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Seba\Dane aplikacji\Microsoft
[2010-05-29 02:28:53 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Seba\Dane aplikacji
[2010-05-29 02:28:53 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Seba\Cookies
[2010-05-29 02:28:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-05-29 02:28:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Seba\SendTo
[2010-05-29 02:28:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Seba\Ulubione
[2010-05-29 02:28:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Seba\Moje dokumenty
[2010-05-29 02:28:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Seba\Menu Start
[2010-05-29 02:28:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Seba\Ustawienia lokalne
[2010-05-29 02:28:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Seba\Szablony
[2010-05-29 02:28:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Seba\PrintHood
[2010-05-29 02:28:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Seba\NetHood
[2010-05-29 02:28:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Seba\Pulpit
[2010-05-29 02:28:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010-05-29 02:28:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010-05-29 02:28:10 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010-05-29 02:26:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010-05-29 02:26:04 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-05-29 02:26:04 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2010-05-29 02:26:04 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2010-05-29 02:25:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache
[2010-05-29 02:25:18 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010-05-29 02:25:04 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010-05-29 02:25:00 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online
[2010-05-29 02:24:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010-05-29 02:23:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2010-05-29 02:23:50 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010-05-29 02:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010-05-29 02:23:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010-05-29 02:23:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010-05-29 02:23:22 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010-05-29 02:22:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010-05-29 02:22:33 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010-05-29 02:22:26 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010-05-29 02:22:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2010-05-29 02:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010-05-29 02:22:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2010-05-29 02:21:36 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010-05-29 02:21:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010-05-29 02:21:13 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010-05-29 02:21:11 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010-05-29 02:21:09 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2010-05-29 02:21:00 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010-05-29 02:20:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010-05-29 02:20:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010-05-29 02:20:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010-05-29 02:19:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2004-11-24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-06-01 00:43:53 | 002,359,296 | ---- | M] () -- C:\Documents and Settings\Seba\NTUSER.DAT
[2010-06-01 00:42:07 | 000,001,510 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Regulacja Głośności.lnk
[2010-06-01 00:42:07 | 000,001,503 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Paint.lnk
[2010-06-01 00:41:40 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-06-01 00:41:38 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-06-01 00:41:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-06-01 00:40:45 | 004,239,010 | -H-- | M] () -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-06-01 00:35:45 | 000,075,095 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\62637547.jpg
[2010-06-01 00:32:00 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1202660629-1177238915-1003UA.job
[2010-05-31 23:36:23 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Gadu-Gadu.lnk
[2010-05-31 23:09:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-05-31 22:56:17 | 000,000,439 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2010-05-31 15:32:00 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1202660629-1177238915-1003Core.job
[2010-05-30 22:47:28 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\DT.doc
[2010-05-30 22:28:00 | 000,000,685 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Hamachi.lnk
[2010-05-30 16:54:44 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-05-30 16:47:44 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Seba\Moje dokumenty\FIFA08.exe
[2010-05-30 16:43:17 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Microsoft Office Word 2007.lnk
[2010-05-30 16:31:02 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010-05-30 03:15:05 | 000,001,824 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Nero Express.lnk
[2010-05-30 03:11:27 | 000,001,239 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2010-05-30 03:02:49 | 000,000,709 | ---- | M] () -- C:\WINDOWS\unins000.dat
[2010-05-30 03:01:26 | 000,044,528 | ---- | M] () -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-05-30 03:00:46 | 000,000,752 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Screamer Radio.lnk
[2010-05-30 02:49:58 | 000,004,608 | ---- | M] () -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-30 02:39:47 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-05-30 02:39:47 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Demon Tools.lnk
[2010-05-30 01:56:16 | 000,604,416 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TUProgSt.exe
[2010-05-30 01:56:14 | 000,361,216 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe
[2010-05-30 01:56:09 | 000,001,545 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TuneUp Utilities 2009.lnk
[2010-05-30 01:45:47 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Error Repair Professional.lnk
[2010-05-30 01:35:25 | 000,000,810 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Samochodowa Mapa Polski.lnk
[2010-05-30 01:05:22 | 000,000,870 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Instaluj Aplikacje.lnk
[2010-05-30 00:49:16 | 000,000,787 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\EVEREST Ultimate.lnk
[2010-05-30 00:48:32 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\MP3Gain.lnk
[2010-05-30 00:43:40 | 000,001,553 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\IrfanView.lnk
[2010-05-30 00:41:42 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Windows Media Player.lnk
[2010-05-30 00:20:30 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\WinDoctor.lnk
[2010-05-30 00:15:28 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010-05-30 00:14:23 | 000,001,880 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-05-30 00:09:04 | 000,001,763 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia PC Suite.lnk
[2010-05-29 21:54:08 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\SopCast.lnk
[2010-05-29 19:04:48 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010-05-29 19:03:50 | 000,190,592 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-05-29 19:00:47 | 000,000,934 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Registry Repair Pro.lnk
[2010-05-29 18:57:50 | 000,000,800 | ---- | M] () -- C:\WINDOWS\hpinfo.lnk
[2010-05-29 18:57:48 | 000,000,750 | ---- | M] () -- C:\WINDOWS\reg.prm
[2010-05-29 18:56:28 | 000,000,376 | ---- | M] () -- C:\WINDOWS\mozregistry.dat
[2010-05-29 18:11:55 | 000,000,561 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\EasyCleaner.lnk
[2010-05-29 18:10:50 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\SubEdit-Player.lnk
[2010-05-29 18:10:31 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Media Player Classic.lnk
[2010-05-29 17:59:10 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2010-05-29 17:54:46 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-05-29 16:50:51 | 000,001,776 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Adobe Photoshop CS2.lnk
[2010-05-29 16:42:14 | 000,002,595 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Microsoft Office Excel 2007.lnk
[2010-05-29 16:42:07 | 000,002,583 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Microsoft Office PowerPoint 2007.lnk
[2010-05-29 16:36:34 | 000,001,923 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\English Translator XT.lnk
[2010-05-29 16:36:34 | 000,001,828 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Słownik Podręczny.lnk
[2010-05-29 16:26:55 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader.lnk
[2010-05-29 16:16:25 | 000,000,856 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Szybkie Czyszczenie Dysku.lnk
[2010-05-29 16:16:25 | 000,000,760 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Odkurzacz.lnk
[2010-05-29 15:36:18 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010-05-29 15:36:18 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010-05-29 15:29:19 | 000,002,295 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Google Chrome.lnk
[2010-05-29 15:28:10 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\Seba\Pulpit\Panel sterowania.lnk
[2010-05-29 04:16:09 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2010-05-29 04:15:57 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-05-29 02:29:55 | 000,763,990 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-05-29 02:29:55 | 000,355,830 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-05-29 02:29:55 | 000,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-05-29 02:29:55 | 000,049,712 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-05-29 02:29:55 | 000,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-05-29 02:28:54 | 000,000,020 | -HS- | M] () -- C:\Documents and Settings\Seba\ntuser.ini
[2010-05-29 02:27:11 | 000,000,927 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010-05-29 02:26:09 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-05-29 02:26:09 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-05-29 02:26:09 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-05-29 02:26:09 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010-05-29 02:26:09 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-05-29 02:26:09 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-05-29 02:26:07 | 000,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-05-29 02:26:03 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010-05-29 02:26:03 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010-05-29 02:26:01 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010-05-29 02:25:54 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010-05-29 02:25:11 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010-05-29 02:25:11 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010-05-29 02:25:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010-05-29 02:25:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010-05-29 02:25:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010-05-29 02:25:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010-05-29 02:25:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010-05-29 02:25:08 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010-05-29 02:21:44 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-05-29 02:21:34 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010-05-29 02:21:34 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010-05-29 02:18:59 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010-04-21 00:51:05 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Seba\Pulpit\OTL.exe
[2010-04-04 00:55:31 | 002,183,470 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
[2010-04-04 00:55:31 | 000,061,440 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010-04-04 00:55:31 | 000,009,046 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb
[2010-04-03 19:22:32 | 000,066,714 | ---- | M] () -- C:\WINDOWS\System32\NvwsApps.xml
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-06-01 00:35:45 | 000,075,095 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\62637547.jpg
[2010-05-31 23:36:23 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Gadu-Gadu.lnk
[2010-05-31 01:48:25 | 000,001,510 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Regulacja Głośności.lnk
[2010-05-30 22:44:23 | 000,000,439 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2010-05-30 22:28:00 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Hamachi.lnk
[2010-05-30 16:54:43 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-05-30 16:47:44 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Seba\Moje dokumenty\FIFA08.exe
[2010-05-30 16:40:45 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010-05-30 16:40:45 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2010-05-30 16:40:45 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2010-05-30 16:40:43 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2010-05-30 16:40:43 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2010-05-30 16:40:43 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2010-05-30 16:40:43 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2010-05-30 16:40:43 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2010-05-30 03:15:05 | 000,001,824 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Nero Express.lnk
[2010-05-30 03:11:27 | 000,001,239 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2010-05-30 03:02:48 | 000,000,709 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2010-05-30 03:00:46 | 000,000,752 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Screamer Radio.lnk
[2010-05-30 02:49:57 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Seba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-30 02:39:47 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Demon Tools.lnk
[2010-05-30 02:39:46 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-05-30 01:56:09 | 000,001,545 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TuneUp Utilities 2009.lnk
[2010-05-30 01:45:47 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Error Repair Professional.lnk
[2010-05-30 01:35:25 | 000,000,810 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Samochodowa Mapa Polski.lnk
[2010-05-30 01:28:38 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\DT.doc
[2010-05-30 01:05:22 | 000,000,870 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Instaluj Aplikacje.lnk
[2010-05-30 00:55:28 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\zlibocx2.dll
[2010-05-30 00:55:28 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\ZlibTool.ocx
[2010-05-30 00:49:16 | 000,000,787 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\EVEREST Ultimate.lnk
[2010-05-30 00:48:32 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\MP3Gain.lnk
[2010-05-30 00:43:13 | 000,001,553 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\IrfanView.lnk
[2010-05-30 00:41:42 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Windows Media Player.lnk
[2010-05-30 00:20:30 | 000,000,761 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\WinDoctor.lnk
[2010-05-30 00:15:28 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010-05-30 00:14:23 | 000,001,880 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-05-30 00:09:04 | 000,001,763 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia PC Suite.lnk
[2010-05-29 21:54:08 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\SopCast.lnk
[2010-05-29 19:04:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010-05-29 19:00:47 | 000,000,934 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Registry Repair Pro.lnk
[2010-05-29 18:57:50 | 000,000,800 | ---- | C] () -- C:\WINDOWS\hpinfo.lnk
[2010-05-29 18:57:46 | 000,000,750 | ---- | C] () -- C:\WINDOWS\reg.prm
[2010-05-29 18:56:28 | 000,000,376 | ---- | C] () -- C:\WINDOWS\mozregistry.dat
[2010-05-29 18:11:55 | 000,000,561 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\EasyCleaner.lnk
[2010-05-29 18:10:50 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\SubEdit-Player.lnk
[2010-05-29 18:10:31 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Media Player Classic.lnk
[2010-05-29 18:10:30 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.acm
[2010-05-29 17:59:10 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2010-05-29 17:54:46 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-05-29 16:50:51 | 000,001,776 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Adobe Photoshop CS2.lnk
[2010-05-29 16:42:22 | 000,001,503 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Paint.lnk
[2010-05-29 16:42:14 | 000,002,595 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Microsoft Office Excel 2007.lnk
[2010-05-29 16:42:10 | 000,002,513 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Microsoft Office Word 2007.lnk
[2010-05-29 16:42:07 | 000,002,583 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Microsoft Office PowerPoint 2007.lnk
[2010-05-29 16:36:34 | 000,001,923 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\English Translator XT.lnk
[2010-05-29 16:36:34 | 000,001,828 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Słownik Podręczny.lnk
[2010-05-29 16:26:55 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader.lnk
[2010-05-29 16:16:25 | 000,000,856 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Szybkie Czyszczenie Dysku.lnk
[2010-05-29 16:16:25 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Odkurzacz.lnk
[2010-05-29 15:36:18 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010-05-29 15:36:18 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010-05-29 15:35:04 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010-05-29 15:29:19 | 000,002,295 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Google Chrome.lnk
[2010-05-29 15:28:10 | 000,000,124 | ---- | C] () -- C:\Documents and Settings\Seba\Pulpit\Panel sterowania.lnk
[2010-05-29 15:27:48 | 000,001,128 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1202660629-1177238915-1003UA.job
[2010-05-29 15:27:47 | 000,001,076 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1202660629-1177238915-1003Core.job
[2010-05-29 04:16:09 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2010-05-29 04:15:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010-05-29 04:15:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010-05-29 04:15:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010-05-29 04:15:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010-05-29 04:15:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010-05-29 04:15:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010-05-29 04:15:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010-05-29 04:15:38 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010-05-29 04:15:38 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010-05-29 04:15:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010-05-29 04:15:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010-05-29 04:15:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010-05-29 04:15:35 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010-05-29 04:15:35 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010-05-29 04:15:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010-05-29 04:15:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010-05-29 04:15:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010-05-29 04:15:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010-05-29 04:15:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010-05-29 04:15:16 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010-05-29 04:14:06 | 000,190,592 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-05-29 04:13:24 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2010-05-29 04:13:21 | 000,000,927 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010-05-29 02:41:05 | 000,009,046 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010-05-29 02:41:02 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010-05-29 02:28:54 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\Seba\ntuser.ini
[2010-05-29 02:28:53 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Seba\ntuser.dat.LOG
[2010-05-29 02:28:52 | 002,359,296 | ---- | C] () -- C:\Documents and Settings\Seba\NTUSER.DAT
[2010-05-29 02:27:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010-05-29 02:26:16 | 000,050,105 | ---- | C] () -- C:\WINDOWS\activ.exe
[2010-05-29 02:26:09 | 000,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-05-29 02:26:09 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010-05-29 02:26:09 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010-05-29 02:26:09 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010-05-29 02:26:09 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010-05-29 02:26:03 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010-05-29 02:26:03 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010-05-29 02:26:01 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010-05-29 02:25:11 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010-05-29 02:25:11 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010-05-29 02:25:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010-05-29 02:25:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010-05-29 02:25:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010-05-29 02:25:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010-05-29 02:25:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010-05-29 02:25:08 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010-05-29 02:24:17 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010-05-29 02:24:17 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010-05-29 02:21:44 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-05-29 02:20:37 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp
[2010-05-29 02:20:37 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp
[2010-05-29 02:20:37 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2010-05-29 02:20:36 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp
[2010-05-29 02:20:36 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp
[2010-05-29 02:20:36 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp
[2010-05-29 02:20:36 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp
[2010-05-29 02:20:36 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp
[2010-05-29 02:20:35 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010-05-29 02:20:35 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010-05-29 02:20:35 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010-05-29 02:20:34 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010-05-29 02:20:34 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010-05-29 02:20:34 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010-05-29 02:20:34 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010-05-29 02:20:34 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010-05-29 02:20:31 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010-05-29 02:20:30 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010-05-29 02:20:29 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010-05-29 02:20:20 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010-04-03 19:22:32 | 000,276,202 | ---- | C] () -- C:\WINDOWS\System32\NvApps.xml
[2010-04-03 19:22:32 | 000,066,714 | ---- | C] () -- C:\WINDOWS\System32\NvwsApps.xml
[2008-12-19 17:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008-12-17 19:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008-12-17 19:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008-12-17 19:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008-12-17 19:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008-12-17 18:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008-12-11 13:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008-05-03 09:24:01 | 000,000,082 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004-10-03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-05-30 02:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-05-29 17:54:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-05-30 00:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2010-05-29 19:04:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2010-05-30 00:10:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2010-05-30 01:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software
[2010-05-30 01:55:47 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{55A29068-F2CE-456C-9148-C869879E2357}
[2010-05-30 01:46:47 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010-05-30 02:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\DAEMON Tools Lite
[2010-05-31 23:39:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Gadu-Gadu
[2010-05-29 17:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Gadu-Gadu 10
[2010-05-30 00:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\Nokia
[2010-05-30 00:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\PC Suite
[2010-05-30 01:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Seba\Dane aplikacji\TuneUp Software

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-05-29 02:26:09 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-05-29 02:18:59 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2001-07-22 00:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-05-29 02:26:09 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-05-29 02:26:09 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-05-29 02:26:09 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-14 00:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-06-01 00:41:31 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 02:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 22:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe[/log]

Sohei
komentarz
komentarz

Widzę już zdazyles zainfekowac system wirkiem z pendrive; )
Uzyj narzedzia flash desinfector najlepeij z podpieta pamiecia

do OTL i run fix.
[code]:Processes
Explorer.exe

:OTL
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] File not found
O33 - MountPoints2\{7cda0dc7-6bfc-11df-885e-0019dbe06d9d}\Shell\AutoRun\command - "" = ba.exe
O33 - MountPoints2\{7cda0dc7-6bfc-11df-885e-0019dbe06d9d}\Shell\open\Command - "" = ba.exe

:Commands
[reboot][/code]






C:\WINDOWS\System32\zlibocx2.dll----> przeskanuj na virustotal
Wykonaj pełny skan [url=http://dobreprogramy.pl/index.php?dz=2&id=1998][b]DR WEB CureIt[/b][/url]
Wykonaj pełny skan[url=http://www.dobreprogramy.pl/Malwarebytes-AntiMalware,Program,Windows,13117.html][b]MBAM[/b][/url]
Co znajda usun po czym daj logi z usuwania + nowy log OTL

Seba1990
komentarz
komentarz

Log z RUN-a (sprawdz czy wszystko dobrze wykonałem :P)

[log]========== PROCESSES ==========
Process Explorer.exe killed successfully!
========== OTL ==========
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7cda0dc7-6bfc-11df-885e-0019dbe06d9d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7cda0dc7-6bfc-11df-885e-0019dbe06d9d}\ not found.
File ba.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7cda0dc7-6bfc-11df-885e-0019dbe06d9d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7cda0dc7-6bfc-11df-885e-0019dbe06d9d}\ not found.
File ba.exe not found.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.1.3 log created on 06022010_020015

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...[/log]

Scan z virustotal:
http://www.virustotal.com/pl/reanalisis.html?a134f6c7c407924dd8ca73dfd47f1869b439d06a0026dd615e4a7621855e89e4-1275436483

Malwarebytes nic nie wykrył...

Sohei
komentarz
komentarz (edytowane)

czy z kompem cos sie dzieje ?

Seba1990
komentarz
komentarz

W nowo zainstalowanym systemie mam tylko problem na naprawą połączenia ponieważ wyskakuje mi ten komunikat:
http://i45.tinypic.com/5dp54m.jpg

A tak po za tym to narazie chodzi jak należy :) Jak by coś się działo to będę pisał już w nowym poście. Dzięki za pomoc.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.