run32dll.exe problem

Razer93
posted (edited)

Hello, I have a problem: when I start the computer everything is OK, but after a while the computer starts to freeze, and when I open Windows Task Manager and go to Processes, I have about 800 run32dll.exe processes. I think the problem is related to that. Please help quickly :) Here is what it looks like: http://img94.imageshack.us/img94/313/beztytuukcu.png

  • Good post 1

RainG3
comment

Hmm... I don't know myself, but I'll tell you that this happens because hardly any CPU can handle that many processes, so it hangs :D

[color="#FF0000"]// What does this post contribute to the topic? Don't spam. Next time warnings will be issued.
// Cyp[/color]

Razer93
comment

So what, the only option is a format?

Mateusz J.
comment

To start with, a log from OTL: http://www.forumpc.pl/index.php?showtopic=104338
We'll check the computer for the presence of malicious software (viruses).

A format is a last resort; we fight to the end.

Razer93
comment

[log]OTL logfile created on: 2010-06-23 21:47:45 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Kimak\Moje dokumenty\Pobieranie
Windows XP Home Edition Dodatek Service Pack 4 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 73,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,55 Gb Total Space | 19,69 Gb Free Space | 26,42% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KIMAK
Current User Name: Kimak
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-06-23 21:29:09 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kimak\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-06-20 13:06:42 | 000,339,503 | ---- | M] (Trend Micro Inc) -- C:\WINDOWS\ne__H_ck.exe
PRC - [2010-06-20 12:47:34 | 000,002,560 | ---- | M] () -- C:\WINDOWS\system\run32dll.exe
PRC - [2010-05-04 16:05:48 | 011,981,408 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2010-04-12 11:43:47 | 000,215,128 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
PRC - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010-01-14 16:02:55 | 000,604,416 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2009-12-22 01:57:28 | 000,035,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
PRC - [2009-12-14 21:50:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-10-20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
PRC - [2009-10-06 16:34:04 | 018,750,976 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009-08-17 03:03:00 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009-08-16 09:37:35 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009-08-06 20:24:06 | 000,068,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2009-07-01 18:37:06 | 000,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2009-04-23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2009-02-09 12:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-10-25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\word\Office12\GrooveMonitor.exe
PRC - [2008-01-29 11:16:28 | 002,150,400 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe
PRC - [2006-03-02 14:00:00 | 000,975,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2006-03-02 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2006-03-02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2006-03-02 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2006-03-02 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2005-11-16 12:57:55 | 002,207,744 | ---- | M] (Gadu-Gadu Sp. z oo) -- C:\Program Files\Gadu-Gadu\gg.exe
PRC - [2005-03-14 13:05:02 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-06-23 21:29:09 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kimak\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2009-11-28 03:05:31 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2009-09-25 07:58:06 | 000,498,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 10:48:08 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 17:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 16:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 12:22:08 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:22:06 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 15:01:37 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-07-03 15:16:27 | 012,897,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2006-05-03 23:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
MOD - [2006-03-02 14:00:00 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2006-03-02 14:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2006-03-02 14:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2006-03-02 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2006-03-02 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2006-03-02 14:00:00 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2006-03-02 14:00:00 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2006-03-02 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2006-03-02 14:00:00 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2006-03-02 14:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2006-03-02 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2006-03-02 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006-03-02 14:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2006-03-02 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2006-03-02 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2006-03-02 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010-03-26 18:17:57 | 000,361,216 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010-01-14 16:02:55 | 000,604,416 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009-10-20 19:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2008-10-25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\word\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2005-03-14 13:05:02 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-06-23 21:20:20 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2010-04-12 11:43:56 | 000,139,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010-01-23 13:25:17 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010-01-03 00:15:08 | 003,059,824 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2009-12-18 14:56:47 | 000,040,320 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\steth.sys -- (STETH)
DRV - [2009-12-18 14:56:47 | 000,030,464 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\st330.sys -- (ST330)
DRV - [2009-12-18 14:56:47 | 000,012,672 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stbus.sys -- (STBUS)
DRV - [2009-12-10 16:56:16 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009-10-14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2009-10-10 09:04:15 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-10-10 09:04:15 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-10-06 18:54:16 | 005,922,816 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009-10-02 18:39:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-09-14 13:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009-09-01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2009-08-17 00:57:00 | 007,729,568 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-08-15 19:48:37 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008-08-05 20:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008-06-20 11:52:06 | 000,225,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008-01-03 16:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-08-02 18:32:26 | 000,022,784 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dadder.sys -- (DAdderFltr)
DRV - [2007-04-03 13:57:54 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM)
DRV - [2007-04-03 13:57:52 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116obex.sys -- (s116obex)
DRV - [2007-04-03 13:57:52 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116nd5.sys -- (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS)
DRV - [2007-04-03 13:57:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM)
DRV - [2007-04-03 13:57:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdm.sys -- (s116mdm)
DRV - [2007-04-03 13:57:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdfl.sys -- (s116mdfl)
DRV - [2007-04-03 13:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2006-01-04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005-01-07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2003-12-08 12:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003-12-08 12:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2002-10-15 15:48:46 | 000,012,964 | ---- | M] (WayTech Development, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbfilter.sys -- (kbfilter)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-329068152-1229272821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-329068152-1229272821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15510&l=dis
IE - HKU\S-1-5-21-329068152-1229272821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-329068152-1229272821-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20100314
FF - prefs.js..extensions.enabledItems: {e2c58150-9d72-11dd-ad8b-0800200c9a66}:1.3.1

FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010-06-23 21:21:27 | 000,000,000 | ---D | M]

[2010-04-02 20:52:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Extensions
[2010-06-23 15:51:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\extensions
[2010-04-02 21:03:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-04-02 21:05:42 | 000,000,000 | ---D | M] (Black Steel) -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\extensions\{e2c58150-9d72-11dd-ad8b-0800200c9a66}
[2010-04-02 21:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\extensions\nasanightlaunch@example.com
[2010-06-23 15:51:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-07-17 10:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2009-08-29 17:51:18 | 000,024,684 | ---- | M] (MyWebSearch.com) -- C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
[2009-01-28 20:46:54 | 000,307,200 | ---- | M] (ESKA) -- C:\Program Files\Mozilla Firefox\plugins\npOggX.dll
[2010-04-01 19:33:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-04-01 19:33:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-04-01 19:33:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-04-01 19:33:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-04-01 19:33:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-04-01 19:33:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-06-15 10:29:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\word\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-329068152-1229272821-839522115-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-329068152-1229272821-839522115-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [GrooveMonitor] C:\word\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Hijack This] C:\WINDOWS\ne__H_ck.exe (Trend Micro Inc)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [run32d] C:\WINDOWS\system\run32dll.exe ()
O4 - HKLM..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-329068152-1229272821-839522115-1004..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-329068152-1229272821-839522115-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-329068152-1229272821-839522115-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-329068152-1229272821-839522115-1004..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu Sp. z oo)
O4 - HKU\S-1-5-21-329068152-1229272821-839522115-1004..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-329068152-1229272821-839522115-1004..\Run: [IPLA!] C:\Program Files\ipla\ipla.exe ()
O4 - HKU\S-1-5-21-329068152-1229272821-839522115-1004..\Run: [Steam] c:\program files\steam\steam.exe ()
O4 - HKU\S-1-5-21-329068152-1229272821-839522115-1004..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\Kimak\Menu Start\Programy\Autostart\RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-329068152-1229272821-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-329068152-1229272821-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-329068152-1229272821-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-329068152-1229272821-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\word\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\word\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\word\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\word\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe ()
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\word\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\word\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-08-15 16:25:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{74de429a-544c-11df-81a0-001fd00d9f59}\Shell\AutoRun\command - "" = H:\Launcher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-06-23 21:04:00 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010-06-23 20:06:01 | 000,000,000 | ---D | C] -- C:\Program Files\RegCleaner
[2010-06-23 09:55:26 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-06-23 09:55:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-06-22 11:48:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Pulpit\Pcsx2
[2010-06-20 12:47:34 | 000,339,503 | ---- | C] (Trend Micro Inc) -- C:\WINDOWS\ne__H_ck.exe
[2010-06-19 20:13:22 | 000,000,000 | ---D | C] -- C:\wbu
[2010-06-19 12:14:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Pulpit\Achmed The Dead Terrorist
[2010-06-19 12:07:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Pulpit\play 4 fun not 4 life_by Kolba515
[2010-06-19 09:46:24 | 000,000,000 | ---D | C] -- C:\PCSX2 24.12.2009
[2010-06-18 13:54:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\pcsx2
[2010-06-18 13:54:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Pulpit\PCSX2 24.12.2009
[2010-06-18 13:47:06 | 000,000,000 | ---D | C] -- C:\plugins
[2010-06-18 13:47:06 | 000,000,000 | ---D | C] -- C:\bios
[2010-06-16 23:04:30 | 000,000,000 | ---D | C] -- C:\Program Files\KeyLogger
[2010-06-15 10:30:12 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-06-15 10:11:21 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010-06-14 21:17:44 | 000,000,000 | ---D | C] -- C:\Program Files\Valve
[2010-06-11 21:52:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010-06-01 15:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Dane aplikacji\bizarre creations
[2010-05-30 00:04:02 | 000,000,000 | ---D | C] -- C:\ezio
[2010-05-28 21:21:53 | 000,000,000 | ---D | C] -- C:\Sys
[2010-05-26 13:07:16 | 000,000,000 | ---D | C] -- C:\Program Files\THQ
[2010-05-24 16:58:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\Hitman Blood Money
[2010-05-24 16:27:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Dane aplikacji\BlackBean
[2010-05-17 20:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2010-05-17 20:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2010-05-17 20:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2010-05-12 20:22:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\KONAMI
[2010-05-10 19:17:54 | 000,000,000 | ---D | C] -- C:\zc
[2010-05-10 15:54:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\4A Games
[2010-05-10 15:42:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\4A Games
[2010-05-09 13:23:22 | 000,000,000 | ---D | C] -- C:\Documents and Set
[2010-05-09 13:10:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\Tunngle
[2010-05-08 20:40:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Dane aplikacji\Tunngle
[2010-05-08 20:40:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Tunngle
[2010-05-08 20:40:10 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\WINDOWS\System32\drivers\tap0901t.sys
[2010-05-07 23:57:21 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady
[2010-05-07 23:55:22 | 000,000,000 | ---D | C] -- C:\Program Files\ipla
[2010-05-05 17:25:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\storage
[2010-04-29 20:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010-04-29 20:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010-04-29 20:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010-04-29 20:41:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010-04-29 20:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010-04-29 20:39:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010-04-29 20:38:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Microsoft Help
[2010-04-29 20:38:31 | 000,000,000 | ---D | C] -- C:\word
[2010-04-29 20:38:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
[2010-04-29 20:37:58 | 000,000,000 | R--D | C] -- C:\MSOCache
[2010-04-25 12:01:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\Command and Conquer 4
[2010-04-25 12:00:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Dane aplikacji\Command and Conquer 4
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-06-23 21:47:58 | 000,000,559 | ---- | M] () -- C:\WINDOWS\DFC.INI
[2010-06-23 21:46:41 | 000,249,502 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-06-23 21:46:39 | 000,013,722 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-23 21:46:39 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-06-23 21:46:39 | 000,000,538 | ---- | M] () -- C:\WINDOWS\tasks\Automatic maintenance.job
[2010-06-23 21:46:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-06-23 21:46:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-06-23 21:37:11 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-06-23 21:22:14 | 000,108,059 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010-06-23 21:22:13 | 000,095,259 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010-06-23 21:20:20 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010-06-23 20:06:03 | 000,000,645 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\RegCleaner.lnk
[2010-06-23 20:00:28 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-06-23 19:44:19 | 007,340,032 | ---- | M] () -- C:\Documents and Settings\Kimak\NTUSER.DAT
[2010-06-23 19:44:15 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Kimak\ntuser.ini
[2010-06-23 13:30:44 | 003,686,454 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\bez tytułu.bmp
[2010-06-22 20:47:17 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\Kimak\Dane aplikacji\rcx.dat
[2010-06-20 13:17:42 | 000,025,955 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\1a.jpg
[2010-06-20 13:08:45 | 000,029,440 | ---- | M] () -- C:\WINDOWS\trdl
[2010-06-20 13:08:45 | 000,015,360 | ---- | M] () -- C:\WINDOWS\wsc.p1
[2010-06-20 13:08:45 | 000,015,360 | ---- | M] () -- C:\WINDOWS\trdl.p1
[2010-06-20 13:08:45 | 000,014,080 | ---- | M] () -- C:\WINDOWS\trdl.p2
[2010-06-20 13:08:45 | 000,010,240 | ---- | M] () -- C:\WINDOWS\linkinfo.p1
[2010-06-20 13:08:45 | 000,008,981 | ---- | M] () -- C:\WINDOWS\wsc.p2
[2010-06-20 13:08:45 | 000,005,285 | ---- | M] () -- C:\WINDOWS\linkinfo.p2
[2010-06-20 13:08:45 | 000,001,536 | ---- | M] () -- C:\WINDOWS\System\run32dll.p2
[2010-06-20 13:08:45 | 000,000,640 | ---- | M] () -- C:\WINDOWS\rcx.dat
[2010-06-20 13:08:45 | 000,000,084 | ---- | M] () -- C:\WINDOWS\rcx.ini
[2010-06-20 13:08:45 | 000,000,084 | ---- | M] () -- C:\Documents and Settings\Kimak\Dane aplikacji\rcx.ini
[2010-06-20 13:06:42 | 000,339,503 | ---- | M] (Trend Micro Inc) -- C:\WINDOWS\ne__H_ck.exe
[2010-06-20 13:06:37 | 000,001,024 | ---- | M] () -- C:\WINDOWS\System\run32dll.p1
[2010-06-20 12:57:08 | 000,024,341 | ---- | M] () -- C:\wsock32.dll
[2010-06-20 12:57:08 | 000,024,341 | ---- | M] () -- C:\Program Files\wsock32.dll
[2010-06-20 12:57:08 | 000,024,341 | ---- | M] () -- C:\Program Files\Common Files\wsock32.dll
[2010-06-20 12:47:34 | 000,002,560 | ---- | M] () -- C:\WINDOWS\System\run32dll.exe
[2010-06-19 23:18:41 | 000,319,945 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\1274816994_o.jpg
[2010-06-19 23:07:47 | 000,000,153 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\noavatar.png
[2010-06-19 12:00:03 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\xx.jpeg
[2010-06-19 09:46:41 | 000,000,578 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\PSCX2.lnk
[2010-06-15 19:05:46 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\JDownloader.lnk
[2010-06-15 18:18:03 | 000,069,904 | ---- | M] () -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-15 18:13:58 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-06-15 11:01:24 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-06-15 10:30:16 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-06-15 10:29:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-06-15 10:02:47 | 000,503,536 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-06-15 10:02:47 | 000,444,032 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-06-15 10:02:47 | 000,090,408 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-06-15 10:02:46 | 001,124,360 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-15 10:02:46 | 000,072,098 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-06-14 21:20:14 | 000,001,607 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Counter Strike 1.6 Non Steam.lnk
[2010-06-14 21:20:14 | 000,001,587 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Dedicated Server.lnk
[2010-06-14 16:24:45 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-06-13 23:27:00 | 000,044,631 | ---- | M] () -- C:\Documents and Settings\Kimak\Moje dokumenty\Biceps_(PSF).jpg
[2010-06-07 10:51:11 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Garena.lnk
[2010-06-07 10:41:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat
[2010-06-06 20:27:09 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Zero Gear.lnk
[2010-06-06 20:27:09 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Call of Duty Modern Warfare 2.lnk
[2010-06-06 20:27:09 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Call of Duty Modern Warfare 2 - Multiplayer.lnk
[2010-06-06 20:27:09 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\DAEMON Tools Lite.lnk
[2010-06-06 20:27:09 | 000,001,572 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Half-Life.lnk
[2010-06-06 20:27:09 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\PhotoFiltre.lnk
[2010-06-06 20:27:09 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\PhotoScape.lnk
[2010-06-06 20:27:09 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\OpenFM.lnk
[2010-06-06 20:27:09 | 000,000,674 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Gadu-Gadu 10.lnk
[2010-06-06 20:27:09 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Winamp.lnk
[2010-06-06 20:27:09 | 000,000,662 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\NapiProjekt.lnk
[2010-06-06 20:27:09 | 000,000,657 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Pro Evolution Soccer 2010.lnk
[2010-06-06 20:27:09 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Gadu-Gadu.lnk
[2010-06-06 20:27:09 | 000,000,651 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\DSJ3.lnk
[2010-06-06 20:27:09 | 000,000,504 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\KATARZYNA KIMAK.lnk
[2010-06-06 20:27:09 | 000,000,355 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Progamy.lnk
[2010-06-06 20:27:09 | 000,000,351 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Moje dokumenty.lnk
[2010-06-01 22:40:03 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-05-30 13:06:36 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Kimak\Pulpit\~$chemia.docx
[2010-05-26 20:02:15 | 000,057,344 | ---- | M] () -- C:\WINDOWS\System32\apache.dll
[2010-05-17 21:44:32 | 000,034,816 | ---- | M] () -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-09 13:23:22 | 000,001,751 | ---- | M] () -- C:\Documents and Set.key
[2010-05-09 13:23:22 | 000,000,426 | ---- | M] () -- C:\Documents and Set.pub
[2010-05-09 03:26:31 | 003,171,364 | -H-- | M] () -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-05-09 03:04:59 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-05-04 19:12:43 | 000,006,688 | ---- | M] () -- C:\WINDOWS\movexe.exe
[2010-05-04 18:13:15 | 000,000,203 | ---- | M] () -- C:\Documents and Settings\Kimak\default.pls
[2010-04-28 21:05:51 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\SI.bin
[2010-04-26 22:48:47 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2010-04-26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-06-23 21:22:14 | 000,108,059 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010-06-23 21:22:13 | 000,095,259 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010-06-23 20:06:03 | 000,000,645 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\RegCleaner.lnk
[2010-06-23 13:30:44 | 003,686,454 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\bez tytułu.bmp
[2010-06-20 13:17:42 | 000,025,955 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\1a.jpg
[2010-06-20 12:46:04 | 000,024,341 | ---- | C] () -- C:\wsock32.dll
[2010-06-20 12:46:03 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System\run32dll.exe
[2010-06-20 12:46:03 | 000,000,640 | ---- | C] () -- C:\WINDOWS\rcx.dat
[2010-06-20 12:46:03 | 000,000,084 | ---- | C] () -- C:\Documents and Settings\Kimak\Dane aplikacji\rcx.ini
[2010-06-19 23:18:40 | 000,319,945 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\1274816994_o.jpg
[2010-06-19 23:07:47 | 000,000,153 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\noavatar.png
[2010-06-19 12:00:03 | 000,001,919 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\xx.jpeg
[2010-06-19 09:46:41 | 000,000,578 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\PSCX2.lnk
[2010-06-15 19:05:46 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\JDownloader.lnk
[2010-06-15 11:01:24 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-06-14 21:20:14 | 000,001,607 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Counter Strike 1.6 Non Steam.lnk
[2010-06-14 21:20:14 | 000,001,587 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Dedicated Server.lnk
[2010-06-14 16:24:45 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-06-13 23:26:59 | 000,044,631 | ---- | C] () -- C:\Documents and Settings\Kimak\Moje dokumenty\Biceps_(PSF).jpg
[2010-06-07 10:51:11 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Garena.lnk
[2010-06-06 20:27:09 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Zero Gear.lnk
[2010-06-06 20:27:09 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Call of Duty Modern Warfare 2.lnk
[2010-06-06 20:27:09 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Call of Duty Modern Warfare 2 - Multiplayer.lnk
[2010-06-06 20:27:09 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\DAEMON Tools Lite.lnk
[2010-06-06 20:27:09 | 000,001,572 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Half-Life.lnk
[2010-06-06 20:27:09 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\PhotoFiltre.lnk
[2010-06-06 20:27:09 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\PhotoScape.lnk
[2010-06-06 20:27:09 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\OpenFM.lnk
[2010-06-06 20:27:09 | 000,000,674 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Gadu-Gadu 10.lnk
[2010-06-06 20:27:09 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Winamp.lnk
[2010-06-06 20:27:09 | 000,000,662 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\NapiProjekt.lnk
[2010-06-06 20:27:09 | 000,000,657 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Pro Evolution Soccer 2010.lnk
[2010-06-06 20:27:09 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Gadu-Gadu.lnk
[2010-06-06 20:27:09 | 000,000,651 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\DSJ3.lnk
[2010-06-06 20:27:09 | 000,000,504 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\KATARZYNA KIMAK.lnk
[2010-06-06 20:27:09 | 000,000,355 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Progamy.lnk
[2010-06-06 20:27:09 | 000,000,351 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Moje dokumenty.lnk
[2010-05-30 13:06:36 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Kimak\Pulpit\~$chemia.docx
[2010-05-26 16:51:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\apache.dll
[2010-05-09 13:23:22 | 000,001,751 | ---- | C] () -- C:\Documents and Set.key
[2010-05-09 13:23:22 | 000,000,426 | ---- | C] () -- C:\Documents and Set.pub
[2010-05-08 20:40:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2010-05-04 19:12:43 | 000,006,688 | ---- | C] () -- C:\WINDOWS\movexe.exe
[2010-04-28 21:05:51 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\SI.bin
[2010-04-26 22:48:25 | 000,007,432 | ---- | C] () -- C:\Documents and Settings\Kimak\sss.txt
[2010-04-26 22:46:45 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010-03-24 19:09:04 | 000,024,064 | ---- | C] () -- C:\WINDOWS\trdl.dll
[2010-03-24 19:09:04 | 000,000,084 | ---- | C] () -- C:\WINDOWS\rcx.ini
[2010-03-16 17:44:27 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010-02-19 09:42:45 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2009-12-29 10:48:45 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009-12-23 21:10:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI
[2009-12-16 22:46:47 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL
[2009-12-10 16:38:59 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009-11-12 16:05:12 | 000,000,134 | ---- | C] () -- C:\WINDOWS\w5win.ini
[2009-11-12 09:10:07 | 000,035,005 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009-11-02 19:56:00 | 000,000,147 | ---- | C] () -- C:\WINDOWS\l33td.ini
[2009-11-01 17:33:07 | 000,000,036 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2009-10-28 23:21:31 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2009-10-23 18:21:43 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009-10-23 18:21:42 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-10-23 18:21:42 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-10-23 18:21:41 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-10-23 18:21:41 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-10-10 09:04:15 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-10-10 09:04:15 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-09-10 18:48:19 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2009-08-22 20:28:48 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-08-18 16:31:25 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-08-16 09:38:16 | 000,139,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-08-15 19:48:36 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-08-15 16:38:03 | 000,000,559 | ---- | C] () -- C:\WINDOWS\DFC.INI
[2009-08-07 20:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[color=#E56717]========== LOP Check ==========[/color]

[2009-12-29 13:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper
[2010-06-23 09:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2009-10-15 15:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BC
[2009-10-31 02:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Cabela's Outdoor Adventures Saves
[2010-01-12 18:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters
[2009-08-15 19:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-09-26 09:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2009-12-27 02:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Farm Frenzy
[2010-03-17 20:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-05-22 16:23:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2009-08-18 02:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
[2010-06-19 22:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-01-20 22:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-01-14 15:51:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software
[2010-05-08 20:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tunngle
[2010-05-24 14:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
[2009-08-27 15:33:53 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{55A29068-F2CE-456C-9148-C869879E2357}
[2010-01-14 15:51:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2009-09-14 18:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\.ZMatrix
[2009-12-23 17:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Atari
[2010-06-01 15:00:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\bizarre creations
[2010-05-24 16:27:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\BlackBean
[2010-04-03 08:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Capcom
[2010-04-17 10:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Command & Conquer 3 Wojny o tyberium
[2010-04-25 21:15:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Command and Conquer 4
[2009-08-15 19:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\DAEMON Tools Lite
[2010-01-03 00:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\DAEMON Tools Pro
[2009-10-14 13:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Dark Sector
[2010-03-20 21:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Gadu-Gadu 10
[2010-01-26 19:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Imperium Romanum
[2010-06-15 10:30:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\ipla
[2009-08-17 00:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Mount&Blade
[2010-01-17 11:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Nowe Gadu-Gadu
[2009-08-18 13:23:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\OpenFM
[2010-02-19 10:03:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\PhotoFiltre
[2010-03-22 22:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Prison Break
[2010-01-03 15:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Razer
[2009-12-10 21:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Samsung
[2009-11-30 15:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\SPORE
[2009-08-27 15:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\TuneUp Software
[2010-05-17 20:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Tunngle
[2010-03-14 00:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Ubisoft
[2009-09-27 22:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Utherverse
[2010-06-13 10:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\uTorrent
[2009-12-27 17:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\vghd
[2010-01-05 21:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Vso
[2010-01-16 03:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\TuneUp Software
[2010-03-25 19:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\TuneUp Software
[2010-06-23 21:46:39 | 000,000,538 | ---- | M] () -- C:\WINDOWS\Tasks\Automatic maintenance.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4
< End of report >[/log]

[color="#FF0000"]
// Moving the thread
// Cyp[/color]

Mateusz J.
comment

Infection.
Run OTL and paste the following into the Custom Scans/Fixes window:[code]
:Processes
explorer.exe

:OTL
PRC - [2010-06-20 12:47:34 | 000,002,560 | ---- | M] () -- C:\WINDOWS\system\run32dll.exe
SRV - File not found [Auto | Stopped] -- -- (appdrvrem01) Application Driver Auto Removal Service (01)
O4 - HKLM..\Run: [run32d] C:\WINDOWS\system\run32dll.exe ()

:Files
C:\WINDOWS\system\run32dll.exe
C:\WINDOWS\System\run32dll.p1
C:\wsock32.dll
C:\Program Files\wsock32.dll
C:\Program Files\Common Files\wsock32.dll
C:\WINDOWS\wsc.p1
C:\WINDOWS\trdl.p1
C:\WINDOWS\trdl.p2
C:\WINDOWS\linkinfo.p1
C:\WINDOWS\wsc.p2
C:\WINDOWS\linkinfo.p2
C:\WINDOWS\System\run32dll.p2
C:\WINDOWS\rcx.dat
C:\WINDOWS\rcx.ini
C:\Documents and Settings\Kimak\Dane aplikacji\rcx.ini
C:\WINDOWS\ne__H_ck.exe

:Commands
[emptytemp]
[Reboot][/code]Click Run Fix. Confirm the computer restart.
After the computer has restarted, create a new log and post it for review.
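The entries picked out for the fix above can also be surfaced mechanically from an OTL file listing. The following is an added example, not part of the original post and not a feature of OTL: the three heuristics, the short `SYSTEM_BINARIES` list, the `MIN_CLUSTER` threshold and all function names are assumptions made for illustration, and the sample lines are copied from the log in this thread.

```python
import ntpath
import re
from collections import defaultdict

# Sample input: lines selected from the OTL log posted in this thread.
SAMPLE_LOG = r"""
[2010-06-23 21:20:20 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010-06-23 21:46:41 | 000,249,502 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-06-20 13:08:45 | 000,015,360 | ---- | M] () -- C:\WINDOWS\wsc.p1
[2010-06-20 13:08:45 | 000,015,360 | ---- | M] () -- C:\WINDOWS\trdl.p1
[2010-06-20 13:08:45 | 000,010,240 | ---- | M] () -- C:\WINDOWS\linkinfo.p1
[2010-06-20 13:08:45 | 000,000,640 | ---- | M] () -- C:\WINDOWS\rcx.dat
[2010-06-20 12:57:08 | 000,024,341 | ---- | M] () -- C:\wsock32.dll
[2010-06-20 12:57:08 | 000,024,341 | ---- | M] () -- C:\Program Files\wsock32.dll
[2010-06-20 12:47:34 | 000,002,560 | ---- | M] () -- C:\WINDOWS\System\run32dll.exe
[2010-06-06 20:27:09 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Winamp.lnk
[2010-06-14 21:17:44 | 000,000,000 | ---D | C] -- C:\Program Files\Valve
"""

# Assumptions for this example: a deliberately short list of Windows binaries
# and the directories where Windows XP keeps them.
SYSTEM_BINARIES = {"rundll32.exe", "wsock32.dll"}
SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\system32\dllcache"}
WINDOWS_ROOT = "c:\\windows\\"
MIN_CLUSTER = 4  # files sharing one timestamp before the group is reported

# [timestamp | size | attributes | C or M] (company) -- path
# Directory lines have no "(company)" field.
ENTRY_RE = re.compile(
    r"^\[(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attr>[-A-Z]{4}) \| (?P<kind>[CM])\](?: \((?P<company>[^)]*)\))? -- (?P<path>.+)$"
)


def parse_line(line):
    """Parse one OTL file-listing line; return None for anything else."""
    m = ENTRY_RE.match(line.strip())
    if m is None:
        return None
    return {
        "timestamp": m["ts"],
        "size": int(m["size"].replace(",", "")),
        "is_dir": "D" in m["attr"],
        "kind": m["kind"],
        "company": m["company"] or "",
        "path": m["path"],
    }


def lookalike_of(name):
    """Return the system binary whose name is a reordering of `name`, if any."""
    stem, ext = ntpath.splitext(name)
    for known in SYSTEM_BINARIES:
        kstem, kext = ntpath.splitext(known)
        if ext == kext and stem != kstem and sorted(stem) == sorted(kstem):
            return known
    return None


def triage(log_text):
    """Map each suspicious path to the list of heuristics it tripped."""
    entries = [e for e in map(parse_line, log_text.splitlines()) if e]
    files = [e for e in entries if not e["is_dir"]]
    reasons = defaultdict(list)

    # Heuristic 1: several files without a company name, under the Windows
    # directory, written in the same second (a dropper unpacking itself).
    by_second = defaultdict(list)
    for e in files:
        if e["company"] == "" and e["path"].lower().startswith(WINDOWS_ROOT):
            by_second[e["timestamp"]].append(e)
    for ts, group in by_second.items():
        if len(group) >= MIN_CLUSTER:
            for e in group:
                reasons[e["path"]].append(f"no-company-cluster@{ts}")

    for e in files:
        name = ntpath.basename(e["path"]).lower()
        folder = ntpath.dirname(e["path"]).lower()
        # Heuristic 2: a system binary's name in a directory it does not belong to.
        if name in SYSTEM_BINARIES and folder not in SYSTEM_DIRS:
            reasons[e["path"]].append("system-name-wrong-dir")
        # Heuristic 3: a name that imitates a system binary (run32dll vs rundll32).
        imitated = lookalike_of(name)
        if imitated:
            reasons[e["path"]].append(f"lookalike:{imitated}")
    return dict(reasons)


if __name__ == "__main__":
    for path, why in triage(SAMPLE_LOG).items():
        print(f"{path}: {', '.join(why)}")
```

The output is a list of candidates for manual review, not a verdict: legitimate installers also write many files in the same second, so every hit still has to be checked before it goes into a fix script.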

Razer93
comment

[log]All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== OTL ==========
Process run32dll.exe killed successfully!
Error: No service named appdrvrem01) Application Driver Auto Removal Service (01 was found to stop!
Service\Driver key appdrvrem01) Application Driver Auto Removal Service (01 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\run32d deleted successfully.
C:\WINDOWS\system\run32dll.exe moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system\run32dll.exe not found.
C:\WINDOWS\System\run32dll.p1 moved successfully.
C:\wsock32.dll moved successfully.
C:\Program Files\wsock32.dll moved successfully.
C:\Program Files\Common Files\wsock32.dll moved successfully.
C:\WINDOWS\wsc.p1 moved successfully.
C:\WINDOWS\trdl.p1 moved successfully.
C:\WINDOWS\trdl.p2 moved successfully.
C:\WINDOWS\linkinfo.p1 moved successfully.
C:\WINDOWS\wsc.p2 moved successfully.
C:\WINDOWS\linkinfo.p2 moved successfully.
C:\WINDOWS\System\run32dll.p2 moved successfully.
C:\WINDOWS\rcx.dat moved successfully.
C:\WINDOWS\rcx.ini moved successfully.
C:\Documents and Settings\Kimak\Dane aplikacji\rcx.ini moved successfully.
C:\WINDOWS\ne__H_ck.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Kimak
->Temp folder emptied: 45352851 bytes
->Temporary Internet Files folder emptied: 3726269 bytes
->Java cache emptied: 16049286 bytes
->FireFox cache emptied: 71266571 bytes
->Flash cache emptied: 102028 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2866202 bytes
%systemroot%\System32 .tmp files removed: 6444756 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 266742 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 139,00 mb


OTL by OldTimer - Version 3.2.7.0 log created on 06232010_223301

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\Cache\42CDFD51d01 not found!
C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\Cache\58861B70d01 moved successfully.
File\Folder C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\Cache\CBB0EA65d01 not found!
C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\XUL.mfl moved successfully.

Registry entries deleted on Reboot...[/log]

Everything is PROBABLY fine now ;) I have one run32dll.exe process. Jesiona, how did you learn to work through this and pick out viruses from this OTL?

Mateusz J.
comment

You posted the removal log; what is needed is a new log like the one you created the first time.
I learned this through Google, and Google again.

Razer93
comment

[log]OTL logfile created on: 2010-06-23 22:53:59 - Run 2
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Kimak\Moje dokumenty\Pobieranie
Windows XP Home Edition Dodatek Service Pack 4 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 80,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,55 Gb Total Space | 22,53 Gb Free Space | 30,22% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KIMAK
Current User Name: Kimak
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-06-23 21:29:09 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kimak\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-06-23 19:37:59 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-06-23 19:37:52 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-05-04 16:05:48 | 011,981,408 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010-01-14 16:02:55 | 000,604,416 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2009-07-01 18:37:06 | 000,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2009-04-23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2008-10-25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\word\Office12\GrooveMonitor.exe
PRC - [2008-01-29 11:16:28 | 002,150,400 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe
PRC - [2006-03-02 14:00:00 | 000,975,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005-03-14 13:05:02 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-06-23 21:29:09 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kimak\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2006-05-03 23:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
MOD - [2006-03-02 14:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2006-03-02 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (All) ==========

SRV - File not found [Auto | Stopped] -- -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2010-04-12 11:43:47 | 000,215,128 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010-03-26 18:17:57 | 000,361,216 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010-02-07 20:09:24 | 000,170,992 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Usługa Google Update (gupdate)
SRV - [2010-01-14 16:02:55 | 000,604,416 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009-12-14 21:50:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-11-11 20:35:51 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009-08-17 03:03:00 | 000,168,004 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2009-08-16 09:37:35 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009-06-10 08:31:55 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
SRV - [2009-02-09 12:22:08 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Zdalne wywoływanie procedur (RPC)
SRV - [2009-02-09 12:22:08 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)
SRV - [2009-02-09 12:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2009-02-09 12:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008-11-04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008-10-25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\word\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008-07-29 21:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008-07-29 19:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008-07-29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008-07-25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-07-25 11:16:40 | 000,034,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008-07-07 22:33:22 | 000,253,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008-06-20 19:42:21 | 000,246,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) Rozpoznawanie lokalizacji w sieci (NLA)
SRV - [2007-11-28 10:27:24 | 000,800,040 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2007-06-27 18:04:00 | 000,279,848 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006-08-24 23:30:20 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN)
SRV - [2006-03-02 14:00:00 | 000,435,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2006-03-02 14:00:00 | 000,382,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2006-03-02 14:00:00 | 000,359,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2006-03-02 14:00:00 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Windows Image Acquisition (WIA)
SRV - [2006-03-02 14:00:00 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2006-03-02 14:00:00 | 000,296,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2006-03-02 14:00:00 | 000,291,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2006-03-02 14:00:00 | 000,246,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2006-03-02 14:00:00 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2006-03-02 14:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2006-03-02 14:00:00 | 000,192,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2006-03-02 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2006-03-02 14:00:00 | 000,175,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2006-03-02 14:00:00 | 000,174,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2006-03-02 14:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2006-03-02 14:00:00 | 000,150,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2006-03-02 14:00:00 | 000,145,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2006-03-02 14:00:00 | 000,141,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2006-03-02 14:00:00 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2006-03-02 14:00:00 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2006-03-02 14:00:00 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2006-03-02 14:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)
SRV - [2006-03-02 14:00:00 | 000,129,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2006-03-02 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2006-03-02 14:00:00 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2006-03-02 14:00:00 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2006-03-02 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2006-03-02 14:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2006-03-02 14:00:00 | 000,096,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2006-03-02 14:00:00 | 000,091,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2006-03-02 14:00:00 | 000,090,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2006-03-02 14:00:00 | 000,089,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2006-03-02 14:00:00 | 000,081,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2006-03-02 14:00:00 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2006-03-02 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator) Lokalizator usługi zdalnego wywołania procedury (RPC)
SRV - [2006-03-02 14:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2006-03-02 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2006-03-02 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2006-03-02 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2006-03-02 14:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2006-03-02 14:00:00 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2006-03-02 14:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2006-03-02 14:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2006-03-02 14:00:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2006-03-02 14:00:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2006-03-02 14:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2006-03-02 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2006-03-02 14:00:00 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2006-03-02 14:00:00 | 000,024,064 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2006-03-02 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2006-03-02 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2006-03-02 14:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS) Zasilacz awaryjny (UPS)
SRV - [2006-03-02 14:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2006-03-02 14:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\svchost.exe -- (AppMgmt)
SRV - [2006-03-02 14:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2006-03-02 14:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2006-03-02 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
SRV - [2006-03-02 14:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
SRV - [2006-03-02 14:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2006-03-02 14:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - [2005-05-03 12:58:36 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2005-03-14 13:05:02 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004-08-04 00:44:00 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ViaIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ultra)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (TosIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc8xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc810)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_u3)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_hi)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Sparrow)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Simbad)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1280)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1240)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql12160)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Ql10wnt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1080)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2hib)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (mraid35x)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | Disabled | Running] -- -- (klmouflt)
DRV - File not found [File_System | Disabled | Running] -- -- (KLIF)
DRV - File not found [Kernel | Disabled | Running] -- -- (klbg)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (IntelIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ini910u)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (i2omp)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpn)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (GarenaPEngine)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dpti2o)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dac960nt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Cpqarray)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (CmdIde)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (cd20xrnt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3550)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3350p)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (amsint)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (AliIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78u2)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Aha154x)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (adpu160m)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (abp480n5)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Abiosdsk)
DRV - [2010-04-12 11:43:56 | 000,139,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010-01-23 13:25:17 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010-01-05 21:31:08 | 000,047,360 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pcouffin.sys -- (pcouffin)
DRV - [2010-01-03 00:15:08 | 003,059,824 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2009-12-24 12:19:13 | 000,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2009-12-18 14:56:47 | 000,040,320 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\steth.sys -- (STETH)
DRV - [2009-12-18 14:56:47 | 000,030,464 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\st330.sys -- (ST330)
DRV - [2009-12-18 14:56:47 | 000,012,672 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stbus.sys -- (STBUS)
DRV - [2009-12-10 16:56:16 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009-10-20 16:58:48 | 000,263,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009-10-10 09:04:15 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-10-10 09:04:15 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-10-06 18:54:16 | 005,922,816 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009-09-01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | Disabled | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2009-08-17 00:57:00 | 007,729,568 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-08-15 19:48:37 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-06-22 13:34:52 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009-04-28 22:20:06 | 000,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008-12-11 13:57:21 | 000,333,184 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2008-10-24 13:10:42 | 000,453,632 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2008-08-14 11:51:43 | 000,138,368 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2008-08-05 20:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008-06-20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008-06-20 11:52:06 | 000,225,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008-01-03 16:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-08-02 18:32:26 | 000,022,784 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dadder.sys -- (DAdderFltr)
DRV - [2007-04-03 13:57:54 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM)
DRV - [2007-04-03 13:57:52 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116obex.sys -- (s116obex)
DRV - [2007-04-03 13:57:52 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116nd5.sys -- (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS)
DRV - [2007-04-03 13:57:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM)
DRV - [2007-04-03 13:57:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdm.sys -- (s116mdm)
DRV - [2007-04-03 13:57:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdfl.sys -- (s116mdfl)
DRV - [2007-04-03 13:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2006-08-24 21:26:02 | 000,038,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb)
DRV - [2006-03-02 14:00:00 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2006-03-02 14:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\ntfs.sys -- (Ntfs)
DRV - [2006-03-02 14:00:00 | 000,209,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2006-03-02 14:00:00 | 000,188,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ACPI.sys -- (ACPI)
DRV - [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ndis.sys -- (NDIS)
DRV - [2006-03-02 14:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2006-03-02 14:00:00 | 000,176,512 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2006-03-02 14:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2006-03-02 14:00:00 | 000,153,856 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2006-03-02 14:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\fastfat.sys -- (Fastfat)
DRV - [2006-03-02 14:00:00 | 000,139,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2006-03-02 14:00:00 | 000,134,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2006-03-02 14:00:00 | 000,125,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftdisk.sys -- (Ftdisk)
DRV - [2006-03-02 14:00:00 | 000,124,800 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fltMgr.sys -- (FltMgr)
DRV - [2006-03-02 14:00:00 | 000,120,064 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2006-03-02 14:00:00 | 000,107,904 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\mup.sys -- (Mup)
DRV - [2006-03-02 14:00:00 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2006-03-02 14:00:00 | 000,080,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2006-03-02 14:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2006-03-02 14:00:00 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sr.sys -- (sr)
DRV - [2006-03-02 14:00:00 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2006-03-02 14:00:00 | 000,066,176 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\udfs.sys -- (Udfs)
DRV - [2006-03-02 14:00:00 | 000,065,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2006-03-02 14:00:00 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\cdfs.sys -- (Cdfs)
DRV - [2006-03-02 14:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2006-03-02 14:00:00 | 000,053,504 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2006-03-02 14:00:00 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\volsnap.sys -- (VolSnap)
DRV - [2006-03-02 14:00:00 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2006-03-02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2006-03-02 14:00:00 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2006-03-02 14:00:00 | 000,042,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2006-03-02 14:00:00 | 000,041,856 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2006-03-02 14:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2006-03-02 14:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2006-03-02 14:00:00 | 000,038,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2006-03-02 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\disk.sys -- (Disk)
DRV - [2006-03-02 14:00:00 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2006-03-02 14:00:00 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fips.sys -- (Fips)
DRV - [2006-03-02 14:00:00 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2006-03-02 14:00:00 | 000,034,560 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2006-03-02 14:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2006-03-02 14:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2006-03-02 14:00:00 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\npfs.sys -- (Npfs)
DRV - [2006-03-02 14:00:00 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\modem.sys -- (Modem)
DRV - [2006-03-02 14:00:00 | 000,029,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2006-03-02 14:00:00 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc)
DRV - [2006-03-02 14:00:00 | 000,024,960 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2006-03-02 14:00:00 | 000,023,296 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2006-03-02 14:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2006-03-02 14:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2006-03-02 14:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2006-03-02 14:00:00 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2006-03-02 14:00:00 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\msfs.sys -- (Msfs)
DRV - [2006-03-02 14:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\partmgr.sys -- (PartMgr)
DRV - [2006-03-02 14:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2006-03-02 14:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2006-03-02 14:00:00 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum)
DRV - [2006-03-02 14:00:00 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2006-03-02 14:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2006-03-02 14:00:00 | 000,012,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2006-03-02 14:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tunmp.sys -- (tunmp)
DRV - [2006-03-02 14:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2006-03-02 14:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2006-03-02 14:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2006-03-02 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2006-03-02 14:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2006-03-02 14:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2006-03-02 14:00:00 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2006-03-02 14:00:00 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (hidusb)
DRV - [2006-03-02 14:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2006-03-02 14:00:00 | 000,006,912 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\parvdm.sys -- (ParVdm)
DRV - [2006-03-02 14:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2006-03-02 14:00:00 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\beep.sys -- (Beep)
DRV - [2006-03-02 14:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\null.sys -- (Null)
DRV - [2006-01-04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005-10-28 03:24:30 | 000,021,568 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2005-10-28 03:24:29 | 000,016,496 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2005-10-28 03:24:28 | 000,049,664 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2005-01-07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004-08-04 02:35:34 | 000,058,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2004-08-04 00:44:40 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2004-08-04 00:38:02 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2004-08-04 00:34:12 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pci.sys -- (PCI)
DRV - [2004-08-03 23:15:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2004-08-03 23:15:06 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2004-08-03 23:08:48 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2004-08-03 23:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2004-08-03 23:08:44 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2004-08-03 23:08:38 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2004-08-03 23:08:38 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2004-08-03 23:07:58 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2004-08-03 23:07:50 | 000,171,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2004-08-03 23:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2004-08-03 23:07:40 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic)
DRV - [2004-08-03 23:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2004-08-03 22:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2004-08-03 22:58:42 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV)
DRV - [2004-08-03 22:58:42 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM)
DRV - [2004-08-03 22:58:40 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK)
DRV - [2004-08-03 22:39:38 | 000,142,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2003-12-08 12:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003-12-08 12:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2002-10-15 15:48:46 | 000,012,964 | ---- | M] (WayTech Development, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbfilter.sys -- (kbfilter)
DRV - [2001-10-26 16:56:44 | 000,003,456 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pciide.sys -- (PCIIde)
DRV - [2001-10-26 16:47:28 | 000,036,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\isapnp.sys -- (isapnp)
DRV - [2001-08-17 23:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [2001-08-17 22:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2001-08-17 21:52:30 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cdaudio.sys -- (Cdaudio)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15510&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.4
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20100314
FF - prefs.js..extensions.enabledItems: {e2c58150-9d72-11dd-ad8b-0800200c9a66}:1.3.1


[2010-04-02 20:52:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Extensions
[2010-04-02 20:52:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010-06-23 15:51:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\extensions
[2010-04-02 21:03:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-04-02 21:05:42 | 000,000,000 | ---D | M] (Black Steel) -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\extensions\{e2c58150-9d72-11dd-ad8b-0800200c9a66}
[2010-04-02 21:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Mozilla\Firefox\Profiles\2z0nkzl2.default\extensions\nasanightlaunch@example.com
[2010-06-23 15:51:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-06-23 19:37:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-12-14 21:50:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2010-06-23 19:37:51 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010-06-23 19:37:51 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007-04-10 18:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2009-07-17 10:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2009-12-14 21:50:23 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009-08-29 17:51:18 | 000,024,684 | ---- | M] (MyWebSearch.com) -- C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
[2010-06-23 19:37:53 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006-10-26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2009-01-28 20:46:54 | 000,307,200 | ---- | M] (ESKA) -- C:\Program Files\Mozilla Firefox\plugins\npOggX.dll
[2009-12-21 18:34:06 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2010-04-01 19:33:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-04-01 19:33:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-04-01 19:33:11 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010-04-01 19:33:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-04-01 19:33:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-04-01 19:33:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-04-01 19:33:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-06-15 10:29:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\word\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Adres) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Łącza) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [GrooveMonitor] C:\word\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Hijack This] C:\WINDOWS\ne__H_ck.exe File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKCU..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe ()
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu Sp. z oo)
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKCU..\Run: [IPLA!] C:\Program Files\ipla\ipla.exe ()
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\Kimak\Menu Start\Programy\Autostart\RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\word\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\word\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\word\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\word\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe ()
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\word\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (LogonUI.EXE) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Moduł wstępnego ładowania interfejsu Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Demon buforu kategorii składników - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\word\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-08-15 16:25:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{74de429a-544c-11df-81a0-001fd00d9f59}\Shell\AutoRun\command - "" = H:\Launcher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-06-23 22:53:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010-06-23 22:49:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Pulpit\asd
[2010-06-23 22:33:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-06-23 20:06:01 | 000,000,000 | ---D | C] -- C:\Program Files\RegCleaner
[2010-06-23 09:55:26 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010-06-23 09:55:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-06-19 20:13:22 | 000,000,000 | ---D | C] -- C:\wbu
[2010-06-19 12:14:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Pulpit\Achmed The Dead Terrorist
[2010-06-19 09:46:24 | 000,000,000 | ---D | C] -- C:\PCSX2 24.12.2009
[2010-06-18 13:54:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\pcsx2
[2010-06-18 13:54:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Pulpit\PCSX2 24.12.2009
[2010-06-18 13:47:06 | 000,000,000 | ---D | C] -- C:\plugins
[2010-06-18 13:47:06 | 000,000,000 | ---D | C] -- C:\bios
[2010-06-16 23:04:30 | 000,000,000 | ---D | C] -- C:\Program Files\KeyLogger
[2010-06-15 10:30:12 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-06-15 10:11:21 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010-06-14 21:17:44 | 000,000,000 | ---D | C] -- C:\Program Files\Valve
[2010-06-11 21:52:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010-06-01 15:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Dane aplikacji\bizarre creations
[2010-05-30 00:04:02 | 000,000,000 | ---D | C] -- C:\ezio
[2010-05-28 21:21:53 | 000,000,000 | ---D | C] -- C:\Sys
[2010-05-26 13:07:16 | 000,000,000 | ---D | C] -- C:\Program Files\THQ
[2010-05-24 16:58:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\Hitman Blood Money
[2010-05-24 16:27:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Dane aplikacji\BlackBean
[2010-05-17 20:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2010-05-17 20:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2010-05-17 20:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2010-05-12 20:22:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\KONAMI
[2010-05-10 19:17:54 | 000,000,000 | ---D | C] -- C:\zc
[2010-05-10 15:54:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\4A Games
[2010-05-10 15:42:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\4A Games
[2010-05-09 13:23:22 | 000,000,000 | ---D | C] -- C:\Documents and Set
[2010-05-09 13:10:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\Tunngle
[2010-05-08 20:40:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Dane aplikacji\Tunngle
[2010-05-08 20:40:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Tunngle
[2010-05-08 20:40:10 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\WINDOWS\System32\drivers\tap0901t.sys
[2010-05-07 23:57:21 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady
[2010-05-07 23:55:22 | 000,000,000 | ---D | C] -- C:\Program Files\ipla
[2010-05-05 17:25:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\storage
[2010-04-29 20:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010-04-29 20:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010-04-29 20:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010-04-29 20:41:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010-04-29 20:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010-04-29 20:39:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010-04-29 20:38:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\Microsoft Help
[2010-04-29 20:38:31 | 000,000,000 | ---D | C] -- C:\word
[2010-04-29 20:38:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
[2010-04-29 20:37:58 | 000,000,000 | R--D | C] -- C:\MSOCache
[2010-04-25 12:01:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Moje dokumenty\Command and Conquer 4
[2010-04-25 12:00:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kimak\Dane aplikacji\Command and Conquer 4

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-06-23 22:54:04 | 000,000,559 | ---- | M] () -- C:\WINDOWS\DFC.INI
[2010-06-23 22:39:34 | 000,249,502 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-06-23 22:38:43 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-06-23 22:38:43 | 000,000,538 | ---- | M] () -- C:\WINDOWS\tasks\Automatic maintenance.job
[2010-06-23 22:38:39 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-06-23 22:38:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-06-23 22:37:30 | 007,340,032 | ---- | M] () -- C:\Documents and Settings\Kimak\NTUSER.DAT
[2010-06-23 22:37:30 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Kimak\ntuser.ini
[2010-06-23 22:37:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-06-23 21:46:39 | 000,013,722 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-23 21:22:03 | 000,000,977 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Kaspersky Internet Security 2010.lnk
[2010-06-23 20:00:28 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-06-22 20:47:17 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\Kimak\Dane aplikacji\rcx.dat
[2010-06-20 13:08:45 | 000,029,440 | ---- | M] () -- C:\WINDOWS\trdl
[2010-06-15 19:05:46 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\JDownloader.lnk
[2010-06-15 18:18:03 | 000,069,904 | ---- | M] () -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-15 18:13:58 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-06-15 11:01:24 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-06-15 10:30:16 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-06-15 10:29:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-06-15 10:02:47 | 000,503,536 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-06-15 10:02:47 | 000,444,032 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-06-15 10:02:47 | 000,090,408 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-06-15 10:02:46 | 001,124,360 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-15 10:02:46 | 000,072,098 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-06-14 21:20:14 | 000,001,607 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Counter Strike 1.6 Non Steam.lnk
[2010-06-14 16:24:45 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-06-13 23:27:00 | 000,044,631 | ---- | M] () -- C:\Documents and Settings\Kimak\Moje dokumenty\Biceps_(PSF).jpg
[2010-06-07 10:41:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat
[2010-06-06 20:27:09 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Zero Gear.lnk
[2010-06-06 20:27:09 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Call of Duty Modern Warfare 2.lnk
[2010-06-06 20:27:09 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Call of Duty Modern Warfare 2 - Multiplayer.lnk
[2010-06-06 20:27:09 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\DAEMON Tools Lite.lnk
[2010-06-06 20:27:09 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\PhotoFiltre.lnk
[2010-06-06 20:27:09 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\PhotoScape.lnk
[2010-06-06 20:27:09 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\OpenFM.lnk
[2010-06-06 20:27:09 | 000,000,674 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Gadu-Gadu 10.lnk
[2010-06-06 20:27:09 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Winamp.lnk
[2010-06-06 20:27:09 | 000,000,662 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\NapiProjekt.lnk
[2010-06-06 20:27:09 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Gadu-Gadu.lnk
[2010-06-06 20:27:09 | 000,000,651 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\DSJ3.lnk
[2010-06-06 20:27:09 | 000,000,504 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\KATARZYNA KIMAK.lnk
[2010-06-06 20:27:09 | 000,000,351 | ---- | M] () -- C:\Documents and Settings\Kimak\Pulpit\Moje dokumenty.lnk
[2010-06-01 22:40:03 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-05-30 13:06:36 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Kimak\Pulpit\~$chemia.docx
[2010-05-26 20:02:15 | 000,057,344 | ---- | M] () -- C:\WINDOWS\System32\apache.dll
[2010-05-17 21:44:32 | 000,034,816 | ---- | M] () -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-09 13:23:22 | 000,001,751 | ---- | M] () -- C:\Documents and Set.key
[2010-05-09 13:23:22 | 000,000,426 | ---- | M] () -- C:\Documents and Set.pub
[2010-05-09 03:26:31 | 003,171,364 | -H-- | M] () -- C:\Documents and Settings\Kimak\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-05-09 03:04:59 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-05-04 19:12:43 | 000,006,688 | ---- | M] () -- C:\WINDOWS\movexe.exe
[2010-05-04 18:13:15 | 000,000,203 | ---- | M] () -- C:\Documents and Settings\Kimak\default.pls
[2010-04-28 21:05:51 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\SI.bin
[2010-04-26 22:48:47 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2010-04-26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-06-23 21:22:03 | 000,000,977 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Kaspersky Internet Security 2010.lnk
[2010-06-15 19:05:46 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\JDownloader.lnk
[2010-06-15 11:01:24 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-06-14 21:20:14 | 000,001,607 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Counter Strike 1.6 Non Steam.lnk
[2010-06-14 16:24:45 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-06-13 23:26:59 | 000,044,631 | ---- | C] () -- C:\Documents and Settings\Kimak\Moje dokumenty\Biceps_(PSF).jpg
[2010-06-06 20:27:09 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Zero Gear.lnk
[2010-06-06 20:27:09 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Call of Duty Modern Warfare 2.lnk
[2010-06-06 20:27:09 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Call of Duty Modern Warfare 2 - Multiplayer.lnk
[2010-06-06 20:27:09 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\DAEMON Tools Lite.lnk
[2010-06-06 20:27:09 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\PhotoFiltre.lnk
[2010-06-06 20:27:09 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\PhotoScape.lnk
[2010-06-06 20:27:09 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\OpenFM.lnk
[2010-06-06 20:27:09 | 000,000,674 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Gadu-Gadu 10.lnk
[2010-06-06 20:27:09 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Winamp.lnk
[2010-06-06 20:27:09 | 000,000,662 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\NapiProjekt.lnk
[2010-06-06 20:27:09 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Gadu-Gadu.lnk
[2010-06-06 20:27:09 | 000,000,651 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\DSJ3.lnk
[2010-06-06 20:27:09 | 000,000,504 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\KATARZYNA KIMAK.lnk
[2010-06-06 20:27:09 | 000,000,351 | ---- | C] () -- C:\Documents and Settings\Kimak\Pulpit\Moje dokumenty.lnk
[2010-05-30 13:06:36 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Kimak\Pulpit\~$chemia.docx
[2010-05-26 16:51:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\apache.dll
[2010-05-09 13:23:22 | 000,001,751 | ---- | C] () -- C:\Documents and Set.key
[2010-05-09 13:23:22 | 000,000,426 | ---- | C] () -- C:\Documents and Set.pub
[2010-05-08 20:40:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2010-05-04 19:12:43 | 000,006,688 | ---- | C] () -- C:\WINDOWS\movexe.exe
[2010-04-28 21:05:51 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\SI.bin
[2010-04-26 22:48:25 | 000,007,432 | ---- | C] () -- C:\Documents and Settings\Kimak\sss.txt
[2010-04-26 22:46:45 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010-03-24 19:09:04 | 000,024,064 | ---- | C] () -- C:\WINDOWS\trdl.dll
[2010-03-16 17:44:27 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010-02-19 09:42:45 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2009-12-29 10:48:45 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009-12-23 21:10:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI
[2009-12-16 22:46:47 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\H@tKeysH@@k.DLL
[2009-12-10 16:38:59 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009-11-12 16:05:12 | 000,000,134 | ---- | C] () -- C:\WINDOWS\w5win.ini
[2009-11-12 09:10:07 | 000,035,005 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009-11-02 19:56:00 | 000,000,147 | ---- | C] () -- C:\WINDOWS\l33td.ini
[2009-11-01 17:33:07 | 000,000,036 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2009-10-28 23:21:31 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2009-10-23 18:21:43 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009-10-23 18:21:42 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-10-23 18:21:42 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-10-23 18:21:41 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-10-23 18:21:41 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-10-10 09:04:15 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-10-10 09:04:15 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-09-10 18:48:19 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2009-08-22 20:28:48 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-08-18 16:31:25 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-08-16 09:38:16 | 000,139,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-08-15 19:48:36 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-08-15 16:38:03 | 000,000,559 | ---- | C] () -- C:\WINDOWS\DFC.INI
[2009-08-07 20:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[color=#E56717]========== LOP Check ==========[/color]

[2009-12-29 13:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper
[2010-06-23 09:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2009-10-15 15:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BC
[2009-10-31 02:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Cabela's Outdoor Adventures Saves
[2010-01-12 18:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters
[2009-08-15 19:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-09-26 09:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2009-12-27 02:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Farm Frenzy
[2010-03-17 20:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-05-22 16:23:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2009-08-18 02:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
[2010-06-19 22:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-01-20 22:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-01-14 15:51:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software
[2010-05-08 20:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tunngle
[2010-05-24 14:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
[2009-08-27 15:33:53 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{55A29068-F2CE-456C-9148-C869879E2357}
[2010-01-14 15:51:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2009-09-14 18:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\.ZMatrix
[2009-12-23 17:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Atari
[2010-06-01 15:00:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\bizarre creations
[2010-05-24 16:27:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\BlackBean
[2010-04-03 08:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Capcom
[2010-04-17 10:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Command & Conquer 3 Wojny o tyberium
[2010-04-25 21:15:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Command and Conquer 4
[2009-08-15 19:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\DAEMON Tools Lite
[2010-01-03 00:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\DAEMON Tools Pro
[2009-10-14 13:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Dark Sector
[2010-03-20 21:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Gadu-Gadu 10
[2010-01-26 19:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Imperium Romanum
[2010-06-15 10:30:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\ipla
[2009-08-17 00:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Mount&Blade
[2010-01-17 11:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Nowe Gadu-Gadu
[2009-08-18 13:23:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\OpenFM
[2010-02-19 10:03:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\PhotoFiltre
[2010-03-22 22:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Prison Break
[2010-01-03 15:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Razer
[2009-12-10 21:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Samsung
[2009-11-30 15:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\SPORE
[2009-08-27 15:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\TuneUp Software
[2010-05-17 20:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Tunngle
[2010-03-14 00:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Ubisoft
[2009-09-27 22:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Utherverse
[2010-06-13 10:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\uTorrent
[2009-12-27 17:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\vghd
[2010-01-05 21:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kimak\Dane aplikacji\Vso
[2010-06-23 22:38:43 | 000,000,538 | ---- | M] () -- C:\WINDOWS\Tasks\Automatic maintenance.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4
< End of report >[/log]

Mateusz J.
comment

Run this: http://www.forumpc.pl/index.php?showtopic=107753
Remove everything the program finds, and post the report on the forum.

Razer93
comment

[log]Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Wersja bazy: 4239

Windows 5.1.2600 Dodatek Service Pack 4
Internet Explorer 6.0.2900.2180

2010-06-25 22:45:49
mbam-log-2010-06-25 (22-45-49).txt

Typ skanowania: Pełne skanowanie (C:\|)
Przeskanowano obiektów: 266932
Upłynęło: 1 godzin(y), 23 minut(y), 12 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 2
Zainfekowanych wartości rejestru: 1
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 0
Zainfekowanych plików: 38

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Zainfekowanych wartości rejestru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3popularscreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
(Nie znaleziono zagrożeń)

Zainfekowanych plików:
C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3REGHK.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3DLGHK.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\f3PSSavr.scr.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\28463\MBMI.006.vir (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\28463\MBMI.007.vir (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{801085D5-C4DC-4C2B-B420-E897D769DDFF}\RP472\A0188324.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{801085D5-C4DC-4C2B-B420-E897D769DDFF}\RP486\A0196525.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\zc\d3drm.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\w5win.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system\smss.txt (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\WINDOWS\system\smss.txt2 (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.[/log]

Guest
comment

should be ok

[color="#ff0000"]//if you are not sure, don't comment
//this way you mislead the author
//raaz[/color]

Tomek01
comment (edited)

Mbam did not remove everything, and OTL did not cope with everything.
Attach a new OTL log and [url="http://images.malwareremoval.com/random/RSIT.exe"][b][color="#0000FF"]R[/color]andom's [color="#0000FF"]S[/color]ystem [color="#0000FF"]I[/color]nformation [color="#0000FF"]T[/color]ool[/b][/url]

Sohei
comment

O4 - HKLM..\Run: [Hijack This] C:\WINDOWS\ne__H_ck.exe File not found
C:\Documents and Settings\Kimak\Dane aplikacji\rcx.dat


After 5 years of checking logs, are you sure that everything is ok??
Because MBAM did not clean up even 1/4 of this junk. And the entries above are only examples.

Tomek01
comment (edited)

C:\WINDOWS\trdl
C:\WINDOWS\movexe.exe
C:\WINDOWS\trdl.dll
