Kurei utworzono 23 czerwca 2010 utworzono 23 czerwca 2010 Od kilku dni mój komputer zaczal wolniej pracowac(widac to nawet w grach,po fpsach).Do tego w procesach cały czas są rózne nie znane mi procesy(ThisIsNotABackdoor.exe,000100100.exe,winRER.exe- wiecej nie pamiętam).Myslalem że wszystko jest normalnie ale dzisiaj gdy grałem nagle wyskoczył mi program,ktorego nie sciagalem o nazwie Paypal Money Adder.Oprócz tego zdarzenia dzieją sie także inne rzeczy typu: trace uprawnienia administratora(musze jeszcze raz zmieniac), ping skacze do 900.Do tego cały czas obawiam się że mam keyloggera(można sprawdzić po logach czy jest?). Formata nie zamierzam robić, chyba że będzie konieczny.. Korzystam z Avasta. Umieszczam logi: [log] OTL logfile created on: 2010-06-23 21:14:49 - Run 1 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Tomek\Pulpit Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 36,00% Memory free 5,00 Gb Paging File | 3,00 Gb Available in Paging File | 56,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 196,29 Gb Total Space | 98,62 Gb Free Space | 50,24% Space Free | Partition Type: NTFS Drive D: | 101,79 Gb Total Space | 9,03 Gb Free Space | 8,87% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOM-BD93B182DC4 Current User Name: Tomek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-06-23 21:13:39 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tomek\Pulpit\OTL.exe PRC - [2010-06-20 16:23:23 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe PRC - [2010-06-18 19:53:45 | 000,339,968 | -H-- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\HCKU.exe PRC - [2010-06-17 02:16:10 | 000,479,233 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe PRC - [2010-06-14 11:51:03 | 019,719,680 | ---- | M] (NDoors Co,Ltd.) -- D:\nDoors\Atlantica\Atlantica.exe PRC - [2010-06-13 17:54:28 | 000,104,960 | -H-- | M] () -- C:\WINDOWS\system32\WUDHost.exe PRC - [2010-05-28 02:08:46 | 003,493,264 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe PRC - [2010-05-16 20:48:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-05-07 21:55:19 | 000,215,104 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe PRC - [2010-05-06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010-04-03 19:23:16 | 000,154,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2010-03-24 20:17:47 | 000,952,768 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe PRC - [2010-02-23 17:54:00 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-02-15 19:07:02 | 000,141,608 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe PRC - [2010-02-15 19:06:48 | 000,545,576 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe PRC - [2010-02-01 23:32:16 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2010-02-01 23:32:14 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2010-01-14 00:44:52 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe PRC - [2009-11-20 20:01:18 | 000,832,296 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2009-08-28 20:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2009-08-06 20:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2009-02-09 12:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-02-06 18:39:29 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2009-01-30 00:20:49 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe PRC - [2008-12-12 12:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2007-10-23 18:48:14 | 000,380,928 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\GamerOSD\GamerOSD.exe PRC - [2006-03-02 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2006-03-02 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2006-03-02 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2006-03-02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2006-03-02 14:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2006-03-02 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [AKAMAI] PRC - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2006-03-02 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2005-11-08 19:01:05 | 000,540,160 | RHS- | M] () -- C:\WINDOWS\system32\install\svchost.exe [IMGSVC] PRC - [2005-01-28 14:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-06-23 21:13:39 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tomek\Pulpit\OTL.exe MOD - [2010-05-28 02:09:04 | 000,970,640 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\xfire_toucan_42784.dll MOD - [2010-02-26 08:14:05 | 000,664,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll MOD - [2010-02-26 08:14:04 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-09-04 22:47:54 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll MOD - [2009-06-25 10:48:08 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 17:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 16:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 12:22:08 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 12:22:06 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 15:01:37 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-07-03 15:16:27 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2007-10-23 18:48:14 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll MOD - [2006-03-02 14:00:00 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2006-03-02 14:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2006-03-02 14:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2006-03-02 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2006-03-02 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll MOD - [2006-03-02 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-03-02 14:00:00 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2006-03-02 14:00:00 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2006-03-02 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2006-03-02 14:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2006-03-02 14:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2006-03-02 14:00:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll MOD - [2006-03-02 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2006-03-02 14:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll MOD - [2006-03-02 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2006-03-02 14:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2006-03-02 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll MOD - [2006-03-02 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2006-03-02 14:00:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll MOD - [2006-03-02 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2006-03-02 14:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll MOD - [2006-03-02 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2006-03-02 14:00:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (Hamachi2Svc) SRV - File not found [Auto | Stopped] -- -- (Application Updater) SRV - [2010-06-23 08:15:28 | 002,561,624 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\rswin_3725.dll -- (Akamai) SRV - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2007-10-23 18:46:30 | 000,262,144 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Stopped] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-06-08 17:16:26 | 006,056,040 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2010-05-07 16:02:18 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-05-06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-05-06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) DRV - [2010-05-06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-05-06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010-05-06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-05-06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2010-04-04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2010-02-20 19:41:09 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009-06-30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot) DRV - [2009-03-27 02:16:28 | 000,012,672 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz132_x32.sys -- (cpuz132) DRV - [2009-02-17 19:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV - [2008-01-03 16:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2007-10-23 18:48:16 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb) DRV - [2007-10-23 18:48:14 | 000,010,752 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Video3D32.sys -- (Video3D) DRV - [2007-10-23 18:48:12 | 000,011,136 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt) DRV - [2007-02-16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2007-01-29 18:12:52 | 000,018,432 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AsusVRC.sys -- (ASUSVRC) DRV - [2006-09-24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen) DRV - [2006-06-14 14:44:30 | 000,012,288 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO_XP.sys -- (EIO_XP) DRV - [2006-03-02 14:00:00 | 000,036,352 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\disk.sys -- (Disk) DRV - [2005-01-07 18:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2004-08-03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2003-04-15 18:07:26 | 000,006,852 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Vcs.sys -- (Vcs) DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\YouTube Downloader Toolbar\SearchSettings.dll (Spigot, Inc.) IE - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811" FF - prefs.js..browser.search.selectedEngine: "DAEMON Search" FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3 FF - prefs.js..extensions.enabledItems: youtubedownloader@mybrowserbar.com:1.0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-16 14:32:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-05-16 20:48:43 | 000,000,000 | ---D | M] [2010-03-10 17:11:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Mozilla\Extensions [2010-06-13 16:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Mozilla\Firefox\Profiles\5bvp76ej.default\extensions [2010-03-10 17:15:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Tomek\Dane aplikacji\Mozilla\Firefox\Profiles\5bvp76ej.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-07 16:02:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Mozilla\Firefox\Profiles\5bvp76ej.default\extensions\DTToolbar@toolbarnet.com [2010-03-10 17:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Mozilla\Firefox\Profiles\5bvp76ej.default\extensions\illimitux@illimitux.net [2010-05-07 16:02:28 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\Mozilla\Firefox\Profiles\5bvp76ej.default\searchplugins\daemon-search.xml [2010-06-12 19:33:04 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-05-16 20:48:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-05-16 20:48:35 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll O1 HOSTS File: ([2009-12-16 09:17:15 | 000,000,830 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 85.214.155.229 l2authd.lineage2.com O1 - Hosts: 85.214.155.229 l2testauthd.lineage2.com O1 - Hosts: 66.240.255.107 nprotect.lineage2.com O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\YouTube Downloader Toolbar\SearchSettings.dll (Spigot, Inc.) O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll (Spigot, Inc.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll (Spigot, Inc.) O3 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software) O4 - HKLM..\Run: [HKLM] Reg Error: Value error. File not found O4 - HKLM..\Run: [System Security Enhancements Service] C:\WINDOWS\system32\mmindsrv.exe (AceSoft Corp all rights reserved) O4 - HKLM..\Run: [Windows Defender] C:\Documents and Settings\Tomek\Dane aplikacji\HCKU.exe (AceSoft Corp all rights reserved) O4 - HKU\.DEFAULT..\Run: [AsyxSys.exe] C:\Documents and Settings\Tomek\Dane aplikacji\AsyxSys.exe () O4 - HKU\.DEFAULT..\Run: [csrsss] C:\Documents and Settings\Tomek\Dane aplikacji\csrsss.exe () O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] File not found O4 - HKU\.DEFAULT..\Run: [Developer Operations Network] File not found O4 - HKU\.DEFAULT..\Run: [HKCU] C:\WINDOWS\system32\install\Mscvhost.exe () O4 - HKU\.DEFAULT..\Run: [install] File not found O4 - HKU\.DEFAULT..\Run: [Java Sched Updater] File not found O4 - HKU\.DEFAULT..\Run: [Microsoft Windows Hosting Service Login] File not found O4 - HKU\.DEFAULT..\Run: [MSWUpdate] C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe (AceSoft Corp all rights reserved) O4 - HKU\.DEFAULT..\Run: [Security System] File not found O4 - HKU\.DEFAULT..\Run: [Startup] File not found O4 - HKU\.DEFAULT..\Run: [System] C:\Documents and Settings\Tomek\Moje dokumenty\System32\eckscge.exe File not found O4 - HKU\.DEFAULT..\Run: [Task Manager] File not found O4 - HKU\.DEFAULT..\Run: [userinit] File not found O4 - HKU\.DEFAULT..\Run: [Windows] File not found O4 - HKU\.DEFAULT..\Run: [Windows Firewall] C:\Documents and Settings\Tomek\Dane aplikacji\rundll32.exe File not found O4 - HKU\S-1-5-18..\Run: [AsyxSys.exe] C:\Documents and Settings\Tomek\Dane aplikacji\AsyxSys.exe () O4 - HKU\S-1-5-18..\Run: [csrsss] C:\Documents and Settings\Tomek\Dane aplikacji\csrsss.exe () O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] File not found O4 - HKU\S-1-5-18..\Run: [Developer Operations Network] File not found O4 - HKU\S-1-5-18..\Run: [install] File not found O4 - HKU\S-1-5-18..\Run: [Java Sched Updater] File not found O4 - HKU\S-1-5-18..\Run: [Microsoft Windows Hosting Service Login] File not found O4 - HKU\S-1-5-18..\Run: [MSWUpdate] C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe (AceSoft Corp all rights reserved) O4 - HKU\S-1-5-18..\Run: [Security System] File not found O4 - HKU\S-1-5-18..\Run: [Startup] File not found O4 - HKU\S-1-5-18..\Run: [System] C:\Documents and Settings\Tomek\Moje dokumenty\System32\eckscge.exe File not found O4 - HKU\S-1-5-18..\Run: [Task Manager] File not found O4 - HKU\S-1-5-18..\Run: [userinit] File not found O4 - HKU\S-1-5-18..\Run: [Windows] File not found O4 - HKU\S-1-5-18..\Run: [Windows Firewall] C:\Documents and Settings\Tomek\Dane aplikacji\rundll32.exe File not found O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004..\Run: [HKCU] C:\WINDOWS\system32\Microsoft_KB57H43\update.exe () O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004..\Run: [Windows Defender] C:\Documents and Settings\Tomek\Dane aplikacji\HCKU.exe (AceSoft Corp all rights reserved) O4 - Startup: C:\Documents and Settings\Tomek\Menu Start\Programy\Autostart\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Documents and Settings\Tomek\Menu Start\Programy\Autostart\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Task Manager = C:\DOCUME~1\Tomek\USTAWI~1\Temp\taskmanager.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: csrsss = C:\Documents and Settings\Tomek\Dane aplikacji\csrsss.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Windows Defender = C:\Documents and Settings\Tomek\Dane aplikacji\HCKU.exe (AceSoft Corp all rights reserved) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: alg = C:\Documents and Settings\Tomek\Dane aplikacji\alg.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\Microsoft_KB57H43\update.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: msconfigs = C:\WINDOWS\system32\System32\updater.exe File not found O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Windows = C:\DOCUME~1\Tomek\USTAWI~1\Temp\winlogons.exe File not found O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\Microsoft_KB57H43\update.exe File not found O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {3A52566B-6018-485B-B713-8B9FF660D8E8} http://dvrlink.net/webdvr/webdvr2.5.10.2_32.0.0.0.cab (ilhtrapp Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe) - C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe (AceSoft Corp all rights reserved) O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Tomek\Dane aplikacji\recyclerr\recyclerr.exe) - C:\Documents and Settings\Tomek\Dane aplikacji\recyclerr\recyclerr.exe File not found O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Tomek\Dane aplikacji\dll\svchost.exe) - C:\Documents and Settings\Tomek\Dane aplikacji\dll\svchost.exe File not found O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-02-20 19:18:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009-11-21 17:49:59 | 000,009,418 | ---- | M] () - D:\Autodesk_3ds_Max_2010_English_WIN_32_Trial.exe -- [ NTFS ] O33 - MountPoints2\##192.168.3.10#aom\Shell - "" = AutoRun O33 - MountPoints2\##192.168.3.10#aom\Shell\AutoRun\command - "" = W:\instalar.exe -- File not found O33 - MountPoints2\##192.168.3.10#aom\Shell\setup\command - "" = W:\instalar.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2010-02-20 19:34:39 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-06-23 21:13:37 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tomek\Pulpit\OTL.exe [2010-06-23 16:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\cresty [2010-06-22 22:28:15 | 000,315,392 | ---- | C] (None) -- C:\WINDOWS\winservice.exe [2010-06-22 19:55:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\install [2010-06-22 17:28:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Moje dokumenty\AdobeStockPhotos [2010-06-21 20:36:46 | 000,200,704 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\a.exe [2010-06-21 20:17:56 | 000,200,704 | ---- | C] (AceSoft Corp all rights reserved) -- C:\WINDOWS\System32\mmindsrv.exe [2010-06-21 09:24:12 | 000,000,000 | ---D | C] -- C:\SaveFolder [2010-06-21 09:11:17 | 000,000,000 | ---D | C] -- C:\Program Files\RemoteAgent [2010-06-21 00:30:20 | 000,372,736 | RHS- | C] (DAZ3gyInkVsJ8CVU) -- C:\WINDOWS\bot.exe [2010-06-19 08:16:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\x22 [2010-06-18 21:29:51 | 000,253,564 | ---- | C] (Microsoft) -- C:\Documents and Settings\Tomek\Dane aplikacji\services32.exe [2010-06-18 20:02:13 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\explorer [2010-06-18 19:53:42 | 000,339,968 | -H-- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\HCKU.exe [2010-06-18 18:32:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\AV Voice Changer Diamond 6_mahek [2010-06-18 17:00:55 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe [2010-06-18 17:00:54 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe [2010-06-18 17:00:52 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys [2010-06-18 11:59:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\Application Updater [2010-06-17 17:30:40 | 000,000,000 | ---D | C] -- C:\Program Files\TopWare [2010-06-17 16:16:43 | 000,159,744 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\dzaqqci.exe [2010-06-17 16:15:40 | 000,159,744 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\wfggxgn.exe [2010-06-17 00:05:36 | 001,312,768 | ---- | C] (Microsoft) -- C:\Documents and Settings\Tomek\Dane aplikacji\whjxfrt.exe [2010-06-17 00:03:45 | 001,312,768 | ---- | C] (Microsoft) -- C:\Documents and Settings\Tomek\Dane aplikacji\zaexfbl.exe [2010-06-17 00:00:59 | 001,312,768 | ---- | C] (Microsoft) -- C:\Documents and Settings\Tomek\Dane aplikacji\tdxzbcp.exe [2010-06-16 23:59:15 | 001,312,768 | ---- | C] (Microsoft) -- C:\Documents and Settings\Tomek\Dane aplikacji\xytshng.exe [2010-06-16 20:12:42 | 000,358,685 | RHS- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Tomek\ThisIsNotABackdoor.exe [2010-06-16 15:42:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Nowy folder [2010-06-15 22:06:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Moje dokumenty\System32 [2010-06-15 22:02:02 | 000,375,808 | ---- | C] (Microsoft) -- C:\Documents and Settings\Tomek\Dane aplikacji\olsgcpk.exe [2010-06-15 21:37:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\WINDOWS [2010-06-15 20:59:26 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010-06-15 20:56:13 | 000,167,936 | ---- | C] ( ) -- C:\Documents and Settings\Tomek\Dane aplikacji\ykkwhej.exe [2010-06-15 20:53:57 | 000,167,936 | ---- | C] ( ) -- C:\Documents and Settings\Tomek\Dane aplikacji\lerkjfu.exe [2010-06-15 18:05:21 | 000,458,752 | ---- | C] (RlKd9wUFogtVw) -- C:\Documents and Settings\Tomek\Dane aplikacji\plebupk.exe [2010-06-15 17:58:35 | 000,458,752 | ---- | C] (RlKd9wUFogtVw) -- C:\Documents and Settings\Tomek\Dane aplikacji\wrqgtob.exe [2010-06-15 17:49:11 | 000,458,752 | ---- | C] (RlKd9wUFogtVw) -- C:\Documents and Settings\Tomek\Dane aplikacji\bmlotyh.exe [2010-06-15 17:47:58 | 000,458,752 | ---- | C] (RlKd9wUFogtVw) -- C:\Documents and Settings\Tomek\Dane aplikacji\arnidnd.exe [2010-06-15 17:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\Steam [2010-06-15 15:36:30 | 000,000,000 | ---D | C] -- C:\Program Files\Robster Productions [2010-06-15 15:23:03 | 000,397,312 | ---- | C] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\bcwcwad.exe [2010-06-15 15:17:46 | 000,397,312 | ---- | C] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\kizsoio.exe [2010-06-15 15:14:53 | 000,397,312 | ---- | C] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\ekamfif.exe [2010-06-15 15:12:25 | 000,397,312 | ---- | C] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\txiajes.exe [2010-06-15 15:11:11 | 000,397,312 | ---- | C] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\mmruxjy.exe [2010-06-15 14:07:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\CS1 [2010-06-14 17:26:57 | 000,028,672 | ---- | C] (pHr34K) -- C:\Documents and Settings\Tomek\Pulpit\clicker.exe [2010-06-13 21:19:45 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll [2010-06-13 20:32:30 | 000,195,809 | ---- | C] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\tovnuuc.exe [2010-06-13 20:32:00 | 000,195,809 | ---- | C] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\jnrfsha.exe [2010-06-13 20:30:51 | 000,195,809 | ---- | C] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\xxgkxvl.exe [2010-06-13 20:20:40 | 000,195,809 | ---- | C] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\lyhydvg.exe [2010-06-13 20:20:28 | 000,000,000 | ---D | C] -- C:\Program Files\Perfect Optimizer [2010-06-13 20:19:34 | 000,195,809 | ---- | C] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\qukndgp.exe [2010-06-13 20:18:03 | 000,195,809 | ---- | C] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\xxufpqm.exe [2010-06-13 20:14:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\RegCure [2010-06-13 18:48:46 | 000,159,744 | ---- | C] (Yo21GdmF3A) -- C:\Documents and Settings\Tomek\Dane aplikacji\ljiodvt.exe [2010-06-13 18:06:58 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\lowsec [2010-06-13 17:05:16 | 000,192,512 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\nuidznm.exe [2010-06-13 17:01:23 | 000,192,512 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\bspiaqr.exe [2010-06-13 16:25:38 | 000,188,416 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\qbhbmhp.exe [2010-06-13 16:09:13 | 000,188,416 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\diqninl.exe [2010-06-13 16:04:19 | 000,188,416 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\xdnrxmf.exe [2010-06-13 07:28:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\PCHealth [2010-06-12 20:01:18 | 000,155,648 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\bshpxqehb.exe [2010-06-12 19:58:50 | 000,155,648 | ---- | C] (AceSoft Corp all rights reserved) -- C:\WINDOWS\mmindsrv.exe [2010-06-12 19:58:47 | 000,155,648 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\hqgbtpsbv.exe [2010-06-12 19:57:45 | 000,155,648 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\mbklpkfov.exe [2010-06-12 16:57:44 | 000,000,000 | RHSD | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\dll [2010-06-12 14:51:02 | 000,479,233 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe [2010-06-11 15:53:25 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys [2010-06-11 15:51:23 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security [2010-06-11 06:45:01 | 000,136,422 | ---- | C] (vortex) -- C:\WINDOWS\System32\explorerhost.exe [2010-06-07 17:33:21 | 000,000,000 | ---D | C] -- C:\directory [2010-06-02 17:15:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\BaDBoY v5 [2010-06-02 17:11:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Senses Fail [2010-05-30 20:49:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\bwa [2010-05-30 20:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\mph_aimbot_9 [2010-05-30 20:43:47 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2010-05-30 20:43:47 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2010-05-30 20:43:46 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2010-05-30 20:43:45 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2010-05-30 20:43:43 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2010-05-30 20:43:43 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2010-05-30 20:43:42 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2010-05-30 20:43:32 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2010-05-30 20:43:32 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr [2010-05-30 20:43:28 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2010-05-30 20:43:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-05-29 12:52:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\seren1ty Aimbot 7.0 [2010-05-28 22:01:49 | 000,000,000 | RHSD | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\recyclerr [2010-05-27 21:39:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\Octoshape [2010-05-26 17:12:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2010-05-26 17:12:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\Search Settings [2010-05-26 17:12:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\YouTube Downloader [2010-05-25 22:20:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Fighter FX 7.2 [2010-05-25 18:26:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\misc [2010-05-24 21:42:45 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader Toolbar [2010-05-24 21:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader [2010-05-23 11:21:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\ZHLT [2010-05-23 11:10:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\cs_demomap [2010-05-23 09:59:29 | 000,000,000 | ---D | C] -- C:\Program Files\Valve Hammer Editor [2010-05-16 20:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2010-05-16 20:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010-05-16 20:48:33 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2010-05-16 20:44:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\OpenOffice.org [2010-05-16 20:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3 [2010-05-16 20:42:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\OpenOffice.org 3.2 (pl) Installation Files [2010-05-14 19:24:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Hitman Blood Money [2010-05-13 14:29:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Smieci [2010-05-13 09:16:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Moje dokumenty\Hitman Blood Money [2010-05-13 08:55:22 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman - Krwawa Forsa [2010-05-09 17:36:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Moje dokumenty\The Duel [2010-05-09 09:18:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Project Mayhem v1.01 [2010-05-08 18:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Super_Simple_Wallhack_5.21 [2010-05-08 17:41:48 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF [2010-05-08 10:10:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\Sun [2010-05-07 16:02:28 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar [2010-05-07 16:02:01 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2010-05-07 16:01:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\DAEMON Tools Lite [2010-05-07 16:01:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-05-06 20:59:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Dragon_Age_Origins_Awakening-Razor1911 [2010-05-02 11:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\grafiki [2010-04-29 17:30:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\w3 [2010-04-29 15:41:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi [2010-04-29 15:41:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi [2010-04-29 15:41:18 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi [2010-04-29 13:17:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Rise Of Legends [2010-04-29 13:06:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Ageofempries [2010-04-29 13:05:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Age of Mythology [2010-04-29 12:40:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\aom [2010-04-29 10:01:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\layz [2010-04-29 10:01:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Moje dokumenty\Downloads [2010-04-28 18:49:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\__MACOSX [2010-04-28 16:43:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\[NONSTEAM] WH-3 Cheat [2010-04-26 17:40:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\forumthread [9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Documents and Settings\Tomek\Dane aplikacji\*.tmp files -> C:\Documents and Settings\Tomek\Dane aplikacji\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-06-23 21:18:01 | 001,293,890 | -H-- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\logs.dat [2010-06-23 21:17:56 | 000,002,424 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\cglogs.dat [2010-06-23 21:16:21 | 000,109,119 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\data.dat [2010-06-23 21:13:39 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tomek\Pulpit\OTL.exe [2010-06-23 20:41:00 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-06-23 17:41:00 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-06-23 17:00:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job [2010-06-23 16:33:29 | 000,701,781 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\11.png [2010-06-23 16:20:58 | 000,003,400 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\12314.png [2010-06-23 16:18:25 | 000,003,249 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\1341.png [2010-06-23 16:11:21 | 000,003,345 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\12331.png [2010-06-23 16:04:06 | 000,003,249 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\1111.png [2010-06-23 16:03:36 | 000,003,249 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\134.png [2010-06-23 12:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\PerfectOptimizer_home.job [2010-06-23 11:12:51 | 003,781,731 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\4234.psd [2010-06-23 10:49:51 | 000,708,470 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\143.png [2010-06-23 09:52:18 | 000,270,087 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\s4startfw7.png [2010-06-23 09:34:04 | 000,116,441 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\2798443503_7d13106fb0.jpg [2010-06-22 22:29:35 | 000,315,392 | ---- | M] (None) -- C:\WINDOWS\winservice.exe [2010-06-22 20:14:10 | 000,006,656 | ---- | M] () -- C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-22 20:02:45 | 001,126,144 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\7.psd [2010-06-22 16:59:29 | 000,263,088 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\S4_League_Concept_02.jpg [2010-06-22 15:59:49 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010-06-22 15:57:22 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-06-22 15:57:18 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-06-22 15:57:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-06-21 20:36:46 | 000,200,704 | ---- | M] (AceSoft Corp all rights reserved) -- C:\WINDOWS\System32\mmindsrv.exe [2010-06-21 20:36:46 | 000,200,704 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\a.exe [2010-06-21 16:36:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010-06-21 13:09:42 | 003,407,872 | -H-- | M] () -- C:\Documents and Settings\Tomek\NTUSER.DAT [2010-06-21 09:10:38 | 000,894,976 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\SystemPack.msi [2010-06-21 09:05:51 | 001,755,358 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\111.bmp [2010-06-21 09:05:23 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa (5).bmp [2010-06-21 00:30:13 | 000,372,736 | RHS- | M] (DAZ3gyInkVsJ8CVU) -- C:\WINDOWS\bot.exe [2010-06-20 10:36:09 | 000,330,332 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\127699238452.png [2010-06-20 10:19:10 | 000,006,467 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\127699135078.png [2010-06-20 04:31:00 | 000,000,372 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job [2010-06-19 12:03:14 | 000,013,096 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\rafal.wad [2010-06-19 11:59:43 | 000,037,909 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\guwno.jpg [2010-06-19 11:54:44 | 000,026,481 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\babe39.jpg [2010-06-19 10:42:43 | 000,006,296 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\tempdecal.wad [2010-06-19 10:40:21 | 000,000,928 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Skrót do HLC.lnk [2010-06-19 10:39:10 | 000,108,910 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\hmhm copy.jpg [2010-06-19 09:58:13 | 000,000,565 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Skrót do x22 xRadar v4.0.lnk [2010-06-19 08:16:10 | 000,315,482 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\x22.rar [2010-06-19 08:05:03 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-06-18 21:54:20 | 000,045,568 | RHS- | M] () -- C:\WINDOWS\WinRER.exe [2010-06-18 21:29:49 | 000,001,061 | ---- | M] () -- C:\Documents and Settings\Tomek\share.bat [2010-06-18 21:29:49 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\sysdirec.dll [2010-06-18 20:34:13 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\pokihgfrthugytfdt.dll [2010-06-18 20:34:13 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\dfgustfeywu8riey.dll [2010-06-18 20:34:12 | 000,046,080 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\000100100.exe [2010-06-18 19:53:45 | 000,339,968 | -H-- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\HCKU.exe [2010-06-18 18:37:31 | 000,000,912 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Voice Changer 6.0 Diamond.lnk [2010-06-18 17:39:04 | 011,733,833 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\AV Voice Changer Diamond 6.rar [2010-06-18 17:01:26 | 005,302,152 | -H-- | M] () -- C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-06-18 13:36:52 | 000,000,075 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Counter-Strike.url [2010-06-18 10:04:53 | 000,100,141 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\hmhm.jpg [2010-06-18 09:46:48 | 000,344,752 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\1273382179854.png [2010-06-17 19:34:15 | 000,081,972 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\boxxy copy.jpg [2010-06-17 19:31:49 | 000,921,466 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\boxxy.png [2010-06-17 19:30:21 | 000,099,405 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Boxxy.jpg [2010-06-17 19:27:29 | 000,013,304 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\megan_schimdt.jpg [2010-06-17 16:16:45 | 000,159,744 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\dzaqqci.exe [2010-06-17 16:15:41 | 000,159,744 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\wfggxgn.exe [2010-06-17 15:12:45 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa (4).bmp [2010-06-17 02:34:21 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\zwpufvk.exe [2010-06-17 02:34:19 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\qgdhjvu.exe [2010-06-17 02:32:45 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\hqznzum.exe [2010-06-17 02:32:13 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\rhajpgp.exe [2010-06-17 02:16:10 | 000,479,233 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe [2010-06-17 01:05:27 | 000,293,888 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\qrfvfwr.exe [2010-06-17 01:03:42 | 000,059,904 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\maketxv.exe [2010-06-17 00:47:51 | 000,059,904 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\edrtgvu.exe [2010-06-17 00:42:01 | 000,059,904 | RHS- | M] () -- C:\WINDOWS\sysdiag64.exe [2010-06-17 00:42:01 | 000,059,904 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ksaxkws.exe [2010-06-17 00:32:17 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\twucvfw.exe [2010-06-17 00:16:32 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ncgjsxt.exe [2010-06-17 00:13:57 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\abenguv.exe [2010-06-17 00:11:35 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\yuwkjkk.exe [2010-06-17 00:09:07 | 000,180,736 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\gcfcchf.exe [2010-06-17 00:07:39 | 000,180,736 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ymyxyot.exe [2010-06-16 23:54:17 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\tdctmya.exe [2010-06-16 23:28:09 | 000,315,517 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\stmwgzm.exe [2010-06-16 23:22:38 | 000,315,517 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\aozmvcc.exe [2010-06-16 22:35:16 | 000,082,432 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\iaybnxa.exe [2010-06-16 22:35:16 | 000,082,432 | ---- | M] () -- C:\WINDOWS\System32\devon.exe [2010-06-16 22:19:05 | 000,318,464 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\bflhamb.exe [2010-06-16 22:13:36 | 000,318,464 | -H-- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\csrsss.exe [2010-06-16 22:13:36 | 000,318,464 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\kqrskpi.exe [2010-06-16 21:02:11 | 000,000,382 | --S- | M] () -- C:\WINDOWS\System32\2539083466.dat [2010-06-16 15:56:59 | 000,021,064 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\111.odt [2010-06-15 22:06:13 | 000,142,336 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\eckscge.exe [2010-06-15 22:02:08 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\sysfile.sys [2010-06-15 22:02:08 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\sysdir.sys [2010-06-15 22:02:07 | 000,196,608 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\AsyxSys.exe [2010-06-15 21:53:55 | 000,001,006 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\mjwhytb.exe [2010-06-15 21:50:55 | 000,000,210 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\jaiwqpy.exe [2010-06-15 21:35:21 | 000,016,764 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Podatki.odt [2010-06-15 20:59:26 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\HijackThis.lnk [2010-06-15 20:56:15 | 000,167,936 | ---- | M] ( ) -- C:\Documents and Settings\Tomek\Dane aplikacji\ykkwhej.exe [2010-06-15 20:53:58 | 000,167,936 | ---- | M] ( ) -- C:\Documents and Settings\Tomek\Dane aplikacji\lerkjfu.exe [2010-06-15 18:05:26 | 000,458,752 | ---- | M] (RlKd9wUFogtVw) -- C:\Documents and Settings\Tomek\Dane aplikacji\plebupk.exe [2010-06-15 17:58:41 | 000,458,752 | ---- | M] (RlKd9wUFogtVw) -- C:\Documents and Settings\Tomek\Dane aplikacji\wrqgtob.exe [2010-06-15 17:49:15 | 000,458,752 | ---- | M] (RlKd9wUFogtVw) -- C:\Documents and Settings\Tomek\Dane aplikacji\bmlotyh.exe [2010-06-15 17:48:02 | 000,458,752 | ---- | M] (RlKd9wUFogtVw) -- C:\Documents and Settings\Tomek\Dane aplikacji\arnidnd.exe [2010-06-15 17:33:36 | 000,144,384 | ---- | M] () -- C:\WINDOWS\System32\miccyhook.dll [2010-06-15 17:24:12 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk [2010-06-15 17:18:57 | 001,588,224 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\SteamInstall.msi [2010-06-15 16:23:08 | 001,964,155 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\wqrfqrwq.psd [2010-06-15 16:04:38 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ulmdtii.exe [2010-06-15 16:04:14 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\skqwgay.exe [2010-06-15 15:53:24 | 000,035,605 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\SQLite3.dll [2010-06-15 15:38:30 | 000,083,887 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\aiail.jpg [2010-06-15 15:37:18 | 000,328,722 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\xdd.png [2010-06-15 15:23:03 | 000,397,312 | ---- | M] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\bcwcwad.exe [2010-06-15 15:17:46 | 000,397,312 | ---- | M] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\kizsoio.exe [2010-06-15 15:16:06 | 001,280,303 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\HLC_1_setup.exe [2010-06-15 15:14:53 | 000,397,312 | ---- | M] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\ekamfif.exe [2010-06-15 15:12:30 | 000,397,312 | ---- | M] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\txiajes.exe [2010-06-15 15:11:15 | 000,397,312 | ---- | M] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\mmruxjy.exe [2010-06-15 14:16:47 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\CS.lnk [2010-06-14 17:26:57 | 000,028,672 | ---- | M] (pHr34K) -- C:\Documents and Settings\Tomek\Pulpit\clicker.exe [2010-06-13 22:13:16 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Tomek\ntuser.ini [2010-06-13 22:09:25 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat [2010-06-13 21:24:54 | 004,509,480 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Perfect.Optimizer.v5.1.0.250.zip [2010-06-13 20:32:32 | 000,195,809 | ---- | M] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\tovnuuc.exe [2010-06-13 20:32:02 | 000,195,809 | ---- | M] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\jnrfsha.exe [2010-06-13 20:30:53 | 000,195,809 | ---- | M] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\xxgkxvl.exe [2010-06-13 20:20:48 | 000,195,809 | ---- | M] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\lyhydvg.exe [2010-06-13 20:19:44 | 000,195,809 | ---- | M] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\qukndgp.exe [2010-06-13 20:18:09 | 000,195,809 | ---- | M] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\xxufpqm.exe [2010-06-13 20:14:57 | 000,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\RegCure.lnk [2010-06-13 20:11:11 | 000,150,528 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\qhhdkqy.exe [2010-06-13 20:09:48 | 000,150,528 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ggcipdy.exe [2010-06-13 20:08:38 | 000,150,528 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\zqxsuoc.exe [2010-06-13 18:48:51 | 000,159,744 | ---- | M] (Yo21GdmF3A) -- C:\Documents and Settings\Tomek\Dane aplikacji\ljiodvt.exe [2010-06-13 17:54:28 | 000,104,960 | -H-- | M] () -- C:\WINDOWS\System32\WUDHost.exe [2010-06-13 17:54:28 | 000,104,960 | -H-- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\audiohd.exe [2010-06-13 17:05:18 | 000,192,512 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\nuidznm.exe [2010-06-13 17:01:25 | 000,192,512 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\bspiaqr.exe [2010-06-13 16:25:39 | 000,188,416 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\qbhbmhp.exe [2010-06-13 16:09:15 | 000,188,416 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\diqninl.exe [2010-06-13 16:04:22 | 000,188,416 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\xdnrxmf.exe [2010-06-13 13:31:56 | 000,046,453 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\pizza-torino.jpg [2010-06-12 20:01:19 | 000,155,648 | ---- | M] (AceSoft Corp all rights reserved) -- C:\WINDOWS\mmindsrv.exe [2010-06-12 20:01:19 | 000,155,648 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\bshpxqehb.exe [2010-06-12 19:58:49 | 000,155,648 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\hqgbtpsbv.exe [2010-06-12 19:57:47 | 000,155,648 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\mbklpkfov.exe [2010-06-12 18:35:24 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\nzlylyl.exe [2010-06-12 18:10:51 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\sdipduz.exe [2010-06-12 17:45:11 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\hestmli.exe [2010-06-12 17:43:22 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ugzlwes.exe [2010-06-12 17:41:06 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\plbiadw.exe [2010-06-12 17:07:30 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\bwwphed.exe [2010-06-12 16:59:31 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\hfpdpqe.exe [2010-06-12 16:57:39 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\qihzmbq.exe [2010-06-11 20:43:33 | 000,133,718 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\rmfkgmz.exe [2010-06-11 14:58:41 | 000,001,781 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sexy.exe [2010-06-11 13:35:45 | 000,021,374 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Testoviron_Depot_Injection.jpg [2010-06-11 06:44:55 | 000,136,422 | ---- | M] (vortex) -- C:\WINDOWS\System32\explorerhost.exe [2010-06-10 22:19:35 | 000,013,135 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\hmm.JPG [2010-06-10 22:14:46 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa (3).bmp [2010-06-08 17:16:38 | 000,359,016 | ---- | M] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe [2010-06-08 17:16:20 | 000,129,640 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe [2010-06-08 17:16:08 | 002,815,592 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE [2010-06-07 17:36:12 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Tomek\app.data [2010-06-07 15:48:36 | 000,089,604 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\rqprcxi.exe [2010-06-07 15:40:52 | 000,089,604 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\rxxxcnr.exe [2010-06-06 15:27:03 | 000,634,708 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\xd.jpg [2010-06-06 14:45:18 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\pro.bmp [2010-06-06 14:45:07 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa (2).bmp [2010-06-04 20:07:26 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iTunes.lnk [2010-06-04 11:18:23 | 000,404,448 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\kategorienowe.psd [2010-06-03 20:55:22 | 003,932,214 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa.bmp [2010-06-03 14:23:05 | 000,000,048 | ---- | M] () -- C:\WINDOWS\wininit.ini [2010-06-03 09:00:52 | 001,297,213 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\27xge1g.gif [2010-06-02 21:42:33 | 000,194,842 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\1yph21.gif [2010-06-02 17:19:15 | 000,018,102 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Cs_Multihack _ CS_Scripts.pl.rar [2010-06-02 17:15:04 | 000,620,672 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\[cs-scripts.pl] BaDBoY v5.rar [2010-06-02 17:11:50 | 000,167,069 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\[cs-scripts.pl] Senses Fail.rar [2010-06-01 19:24:56 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2010-06-01 19:24:56 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2010-06-01 14:43:11 | 004,777,677 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\DSC_3610.jpg [2010-05-31 16:16:33 | 005,302,306 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\lady gaga - paparazzi.mp31274730682_[mp3.teledyski.info].mp3 [2010-05-31 16:11:02 | 004,228,569 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\lady gaga - bad romance (radio edit).mp31274730700_[mp3.teledyski.info].mp3 [2010-05-31 15:52:02 | 003,971,524 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\nightwish - wish i had an angel.mp31274763713_[mp3.teledyski.info].mp3 [2010-05-30 20:43:48 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk [2010-05-30 20:43:44 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-05-30 20:31:22 | 051,731,232 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\setup_av_free.exe [2010-05-30 13:50:08 | 000,423,773 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\8D.psd [2010-05-30 13:14:59 | 000,044,913 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\x123.psd [2010-05-28 22:10:48 | 000,303,304 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\ikoneczki.psd [2010-05-28 21:49:39 | 000,023,021 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\qffnou.png [2010-05-28 20:44:10 | 000,339,436 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\kategorie.psd [2010-05-28 20:32:07 | 000,101,052 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\retro_grafika-1.jpg [2010-05-28 20:22:00 | 002,021,626 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\awea.png [2010-05-28 20:21:03 | 000,993,578 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\1manarmycloudset1.abr [2010-05-28 20:16:59 | 000,000,477 | ---- | M] () -- C:\WINDOWS\win.ini [2010-05-28 19:36:27 | 000,057,364 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\qwe452.png [2010-05-28 18:08:00 | 000,065,386 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\1231.png [2010-05-28 17:09:03 | 000,233,994 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\djupa.png [2010-05-28 17:01:38 | 000,208,422 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\dupa.png [2010-05-28 02:09:00 | 000,041,872 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll [2010-05-27 07:16:00 | 000,026,303 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy OpenDocument Dokument tekstowy.odt [2010-05-26 22:26:18 | 000,019,985 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\134.odt [2010-05-26 17:43:28 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\chrtmp [2010-05-26 16:10:42 | 000,115,315 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\grafiki.rar [2010-05-26 16:07:29 | 000,120,460 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\panel.psd [2010-05-26 15:54:10 | 000,119,172 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\stopka.psd [2010-05-25 23:09:41 | 000,149,928 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\ramka2.psd [2010-05-25 23:09:25 | 000,191,266 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\ramka1.psd [2010-05-25 22:20:04 | 001,379,952 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Fighter FX 7.2.rar [2010-05-25 21:29:18 | 001,632,468 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\HEADZOTS_V2.4_PUBLIC.rar [2010-05-25 20:32:57 | 000,067,861 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\ea97cad0c680.jpg [2010-05-25 19:59:00 | 015,037,059 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\qfpa.psd [2010-05-25 18:26:18 | 000,463,119 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\FuRious_SP-X_11.07.zip [2010-05-25 07:12:30 | 001,610,630 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\niezapomniana osiemnastka.mp4 [2010-05-25 07:07:11 | 003,798,862 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\nightwish - amaranth.mp31274763707_[mp3.teledyski.info].mp3 [2010-05-25 06:59:41 | 000,126,912 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-05-24 22:20:07 | 004,689,996 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\timbaland - if we ever meet again.mp31274731462_[mp3.teledyski.info].mp3 [2010-05-24 22:15:30 | 003,462,450 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\lady gaga - telephone ft. beyonce (official cover) by bangin productions .mp31274730621_[mp3.teledyski.info].mp3 [2010-05-24 21:43:10 | 003,229,739 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Dimitri o walce Pudzian vs Sylvia.mp4 [2010-05-24 21:42:17 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\YouTube Downloader.lnk [2010-05-24 21:41:59 | 003,170,832 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\YouTubeDownloaderSetup255_[www.programosy.pl].exe [2010-05-23 12:57:26 | 004,759,040 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\cortona3d.msi [2010-05-23 11:48:14 | 000,006,535 | ---- | M] () -- C:\de_kurej.map [2010-05-23 11:09:55 | 000,174,700 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\cs_demomap.zip [2010-05-23 09:59:33 | 000,001,801 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Valve Hammer Editor.lnk [2010-05-23 09:59:33 | 000,000,819 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Valve Hammer Editor Help.lnk [2010-05-23 09:59:11 | 002,142,766 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\hammer_v34.exe [2010-05-23 09:59:09 | 000,152,854 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\zhlt253-17.zip [2010-05-21 06:38:38 | 000,019,712 | ---- | M] () -- C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-05-20 16:09:45 | 000,263,445 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\1234.JPG [2010-05-20 16:02:25 | 002,147,486 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\1234.png [2010-05-18 14:44:00 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk [2010-05-17 16:43:43 | 000,000,586 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\ATLANTIKA.lnk [2010-05-16 21:47:34 | 002,053,064 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\sly.png [2010-05-16 21:40:24 | 000,039,947 | ---- | M] () -- C:\Documents and Settings\Tomek\Moje dokumenty\Bez tytułu 1.odt [2010-05-16 20:45:01 | 000,000,864 | ---- | M] () -- C:\Documents and Settings\Tomek\Menu Start\Programy\Autostart\OpenOffice.org 3.2.lnk [2010-05-16 20:44:01 | 000,000,967 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.2.lnk [2010-05-16 20:09:03 | 139,699,360 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\OOo_3.2.0_Win32Intel_install_pl.exe [2010-05-16 19:57:54 | 001,287,662 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\x134.jpg [2010-05-16 11:21:02 | 000,008,108 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\system.zip [2010-05-14 19:37:44 | 000,001,543 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Hitman - Krwawa Forsa.lnk [2010-05-14 19:37:20 | 000,049,680 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\hbm_ecn_v1.2.rar [2010-05-14 19:24:23 | 001,076,686 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Hitman_Blood_Money.rar [2010-05-14 19:12:52 | 000,085,891 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\hitbloodmtrn10.zip [2010-05-14 19:11:21 | 000,200,980 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\hbm-anji-1.zip [2010-05-13 17:09:40 | 000,518,045 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\XD.png [2010-05-13 15:49:45 | 000,002,675 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\nav.bottom.png [2010-05-13 15:49:42 | 000,009,925 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\nav.top.png [2010-05-13 08:17:36 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-05-07 21:55:19 | 000,215,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010-05-07 21:53:58 | 000,138,576 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010-05-07 16:02:23 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2010-05-07 16:02:18 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-05-06 22:59:57 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr [2010-05-06 22:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2010-05-06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2010-05-06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2010-05-06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2010-05-06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2010-05-06 22:33:55 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2010-05-06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2010-05-06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Documents and Settings\Tomek\Dane aplikacji\*.tmp files -> C:\Documents and Settings\Tomek\Dane aplikacji\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-06-23 21:00:19 | 000,002,190 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\cglogs.dat [2010-06-23 16:33:25 | 000,701,781 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\11.png [2010-06-23 16:20:57 | 000,003,400 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\12314.png [2010-06-23 16:18:24 | 000,003,249 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\1341.png [2010-06-23 16:11:20 | 000,003,345 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\12331.png [2010-06-23 16:04:04 | 000,003,249 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\1111.png [2010-06-23 11:12:50 | 003,781,731 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\4234.psd [2010-06-23 10:49:48 | 000,708,470 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\143.png [2010-06-23 09:52:18 | 000,270,087 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\s4startfw7.png [2010-06-23 09:34:04 | 000,116,441 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\2798443503_7d13106fb0.jpg [2010-06-22 20:02:42 | 001,126,144 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\7.psd [2010-06-22 20:02:36 | 000,003,249 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\134.png [2010-06-22 16:59:29 | 000,263,088 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\S4_League_Concept_02.jpg [2010-06-21 09:10:38 | 000,894,976 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\SystemPack.msi [2010-06-21 09:05:50 | 001,755,358 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\111.bmp [2010-06-21 09:05:23 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa (5).bmp [2010-06-20 10:36:09 | 000,330,332 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\127699238452.png [2010-06-20 10:19:10 | 000,006,467 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\127699135078.png [2010-06-19 12:02:43 | 000,013,096 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\rafal.wad [2010-06-19 11:59:41 | 000,037,909 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\guwno.jpg [2010-06-19 11:54:43 | 000,026,481 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\babe39.jpg [2010-06-19 10:42:45 | 000,006,296 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\tempdecal.wad [2010-06-19 10:40:21 | 000,000,928 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Skrót do HLC.lnk [2010-06-19 10:39:07 | 000,108,910 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\hmhm copy.jpg [2010-06-19 09:58:13 | 000,000,565 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Skrót do x22 xRadar v4.0.lnk [2010-06-19 08:16:10 | 000,315,482 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\x22.rar [2010-06-18 21:29:50 | 000,000,235 | ---- | C] () -- C:\Documents and Settings\Tomek\log.txt [2010-06-18 21:29:49 | 000,001,061 | ---- | C] () -- C:\Documents and Settings\Tomek\share.bat [2010-06-18 21:29:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\sysdirec.dll [2010-06-18 20:34:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\pokihgfrthugytfdt.dll [2010-06-18 20:34:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\dfgustfeywu8riey.dll [2010-06-18 20:34:12 | 000,046,080 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\000100100.exe [2010-06-18 18:37:31 | 000,000,912 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Voice Changer 6.0 Diamond.lnk [2010-06-18 17:37:34 | 011,733,833 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\AV Voice Changer Diamond 6.rar [2010-06-18 13:36:52 | 000,000,075 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Counter-Strike.url [2010-06-18 10:04:51 | 000,100,141 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\hmhm.jpg [2010-06-18 09:46:48 | 000,344,752 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\1273382179854.png [2010-06-17 21:15:15 | 000,000,000 | R--- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\F0j6I.txt [2010-06-17 19:34:14 | 000,081,972 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\boxxy copy.jpg [2010-06-17 19:31:45 | 000,921,466 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\boxxy.png [2010-06-17 19:30:21 | 000,099,405 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Boxxy.jpg [2010-06-17 19:24:53 | 000,013,304 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\megan_schimdt.jpg [2010-06-17 15:12:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa (4).bmp [2010-06-17 02:34:20 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\zwpufvk.exe [2010-06-17 02:34:18 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\qgdhjvu.exe [2010-06-17 02:32:44 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\hqznzum.exe [2010-06-17 02:32:12 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\rhajpgp.exe [2010-06-17 01:05:28 | 000,000,000 | R--- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\K1LMf.txt [2010-06-17 01:05:23 | 000,293,888 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\qrfvfwr.exe [2010-06-17 01:03:40 | 000,059,904 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\maketxv.exe [2010-06-17 00:47:50 | 000,059,904 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\edrtgvu.exe [2010-06-17 00:42:01 | 000,059,904 | RHS- | C] () -- C:\WINDOWS\sysdiag64.exe [2010-06-17 00:42:01 | 000,000,000 | R--- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\fj1EH.txt [2010-06-17 00:41:59 | 000,059,904 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ksaxkws.exe [2010-06-17 00:32:16 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\twucvfw.exe [2010-06-17 00:16:30 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ncgjsxt.exe [2010-06-17 00:13:55 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\abenguv.exe [2010-06-17 00:11:34 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\yuwkjkk.exe [2010-06-17 00:09:06 | 000,180,736 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\gcfcchf.exe [2010-06-17 00:07:38 | 000,180,736 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ymyxyot.exe [2010-06-16 23:54:16 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\tdctmya.exe [2010-06-16 23:28:05 | 000,315,517 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\stmwgzm.exe [2010-06-16 23:22:35 | 000,315,517 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\aozmvcc.exe [2010-06-16 22:35:16 | 000,000,000 | R--- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\m71JC.txt [2010-06-16 22:35:14 | 000,082,432 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\iaybnxa.exe [2010-06-16 22:19:01 | 000,318,464 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\bflhamb.exe [2010-06-16 22:13:36 | 000,000,000 | R--- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\em11C.txt [2010-06-16 22:13:32 | 000,318,464 | -H-- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\csrsss.exe [2010-06-16 22:13:32 | 000,318,464 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\kqrskpi.exe [2010-06-15 22:06:12 | 000,142,336 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\eckscge.exe [2010-06-15 22:02:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\sysfile.sys [2010-06-15 22:02:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\sysdir.sys [2010-06-15 22:02:07 | 000,196,608 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\AsyxSys.exe [2010-06-15 21:53:55 | 000,001,006 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\mjwhytb.exe [2010-06-15 21:50:55 | 000,000,210 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\jaiwqpy.exe [2010-06-15 21:20:06 | 000,021,064 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\111.odt [2010-06-15 20:59:26 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\HijackThis.lnk [2010-06-15 20:00:12 | 000,016,764 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Podatki.odt [2010-06-15 17:19:15 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk [2010-06-15 17:18:47 | 001,588,224 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\SteamInstall.msi [2010-06-15 16:23:07 | 001,964,155 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\wqrfqrwq.psd [2010-06-15 16:04:37 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ulmdtii.exe [2010-06-15 16:04:12 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\skqwgay.exe [2010-06-15 15:53:24 | 000,035,605 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\SQLite3.dll [2010-06-15 15:38:26 | 000,083,887 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\aiail.jpg [2010-06-15 15:37:15 | 000,328,722 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\xdd.png [2010-06-15 15:16:00 | 001,280,303 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\HLC_1_setup.exe [2010-06-15 15:06:45 | 000,000,382 | --S- | C] () -- C:\WINDOWS\System32\2539083466.dat [2010-06-15 14:16:47 | 000,000,523 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\CS.lnk [2010-06-14 16:01:38 | 000,000,000 | R--- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\BbgMF.txt [2010-06-13 22:09:25 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2010-06-13 21:24:23 | 004,509,480 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Perfect.Optimizer.v5.1.0.250.zip [2010-06-13 21:19:42 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2010-06-13 20:20:36 | 000,000,362 | ---- | C] () -- C:\WINDOWS\tasks\PerfectOptimizer_home.job [2010-06-13 20:15:00 | 000,000,390 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Program Check.job [2010-06-13 20:14:59 | 000,000,372 | ---- | C] () -- C:\WINDOWS\tasks\RegCure.job [2010-06-13 20:14:57 | 000,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\RegCure.lnk [2010-06-13 20:11:05 | 000,150,528 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\qhhdkqy.exe [2010-06-13 20:09:37 | 000,150,528 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ggcipdy.exe [2010-06-13 20:08:31 | 000,150,528 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\zqxsuoc.exe [2010-06-13 17:54:31 | 000,104,960 | -H-- | C] () -- C:\WINDOWS\System32\WUDHost.exe [2010-06-13 17:54:31 | 000,104,960 | -H-- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\audiohd.exe [2010-06-13 17:01:26 | 000,045,568 | RHS- | C] () -- C:\WINDOWS\WinRER.exe [2010-06-13 13:31:56 | 000,046,453 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\pizza-torino.jpg [2010-06-12 18:35:23 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\nzlylyl.exe [2010-06-12 18:10:46 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\sdipduz.exe [2010-06-12 17:45:09 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\hestmli.exe [2010-06-12 17:43:21 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ugzlwes.exe [2010-06-12 17:41:05 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\plbiadw.exe [2010-06-12 17:07:29 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\bwwphed.exe [2010-06-12 16:59:29 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\hfpdpqe.exe [2010-06-12 16:57:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\temp4876969.txt [2010-06-12 16:57:38 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\qihzmbq.exe [2010-06-11 20:43:32 | 000,133,718 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\rmfkgmz.exe [2010-06-11 14:58:38 | 000,001,781 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sexy.exe [2010-06-11 13:35:45 | 000,021,374 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Testoviron_Depot_Injection.jpg [2010-06-11 03:57:15 | 000,109,119 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\data.dat [2010-06-10 22:19:35 | 000,013,135 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\hmm.JPG [2010-06-10 22:14:46 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa (3).bmp [2010-06-07 15:48:35 | 000,089,604 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\rqprcxi.exe [2010-06-07 15:40:53 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Tomek\app.data [2010-06-07 15:40:51 | 000,089,604 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\rxxxcnr.exe [2010-06-07 08:02:26 | 000,082,432 | ---- | C] () -- C:\WINDOWS\System32\devon.exe [2010-06-06 15:27:00 | 000,634,708 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\xd.jpg [2010-06-06 14:45:17 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\pro.bmp [2010-06-06 14:45:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa (2).bmp [2010-06-03 20:54:22 | 003,932,214 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa.bmp [2010-06-03 14:23:05 | 000,000,048 | ---- | C] () -- C:\WINDOWS\wininit.ini [2010-06-03 09:00:52 | 001,297,213 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\27xge1g.gif [2010-06-02 21:42:33 | 000,194,842 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\1yph21.gif [2010-06-02 17:19:26 | 000,077,824 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\opengl32.dll [2010-06-02 17:19:15 | 000,018,102 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Cs_Multihack _ CS_Scripts.pl.rar [2010-06-02 17:15:01 | 000,620,672 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\[cs-scripts.pl] BaDBoY v5.rar [2010-06-02 17:11:50 | 000,167,069 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\[cs-scripts.pl] Senses Fail.rar [2010-06-01 14:41:27 | 004,777,677 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\DSC_3610.jpg [2010-05-30 20:48:10 | 000,000,283 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\aimbot.ini [2010-05-30 20:43:48 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk [2010-05-30 20:23:33 | 051,731,232 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\setup_av_free.exe [2010-05-30 13:50:07 | 000,423,773 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\8D.psd [2010-05-30 13:14:57 | 000,044,913 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\x123.psd [2010-05-29 14:37:43 | 000,163,840 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\aimbot.dll [2010-05-28 21:49:38 | 000,023,021 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\qffnou.png [2010-05-28 21:42:24 | 000,404,448 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\kategorienowe.psd [2010-05-28 20:59:34 | 000,303,304 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\ikoneczki.psd [2010-05-28 20:44:09 | 000,339,436 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\kategorie.psd [2010-05-28 20:32:07 | 000,101,052 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\retro_grafika-1.jpg [2010-05-28 20:21:55 | 002,021,626 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\awea.png [2010-05-28 20:20:58 | 000,993,578 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\1manarmycloudset1.abr [2010-05-28 19:36:26 | 000,057,364 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\qwe452.png [2010-05-28 18:07:59 | 000,065,386 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\1231.png [2010-05-28 17:09:02 | 000,233,994 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\djupa.png [2010-05-28 17:01:37 | 000,208,422 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\dupa.png [2010-05-28 02:09:00 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2010-05-26 17:43:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\chrtmp [2010-05-26 16:14:16 | 000,191,266 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\ramka1.psd [2010-05-26 16:14:16 | 000,149,928 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\ramka2.psd [2010-05-26 16:14:16 | 000,120,460 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\panel.psd [2010-05-26 16:14:16 | 000,119,172 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\stopka.psd [2010-05-26 16:13:42 | 000,019,985 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\134.odt [2010-05-26 16:10:37 | 000,115,315 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\grafiki.rar [2010-05-26 15:28:32 | 000,026,303 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy OpenDocument Dokument tekstowy.odt [2010-05-25 22:20:27 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Tobys Counter-Strike - Cheat - Hack - Guides - Tweaks - Downloads and much more!.url [2010-05-25 22:19:01 | 001,379,952 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Fighter FX 7.2.rar [2010-05-25 21:28:04 | 001,632,468 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\HEADZOTS_V2.4_PUBLIC.rar [2010-05-25 20:32:57 | 000,067,861 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\ea97cad0c680.jpg [2010-05-25 19:58:58 | 015,037,059 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\qfpa.psd [2010-05-25 18:26:23 | 000,148,480 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\FuRiousSP.dll [2010-05-25 18:26:23 | 000,035,764 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\FuRiousSP.cfg [2010-05-25 18:26:16 | 000,463,119 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\FuRious_SP-X_11.07.zip [2010-05-25 13:40:02 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-05-25 07:12:29 | 001,610,630 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\niezapomniana osiemnastka.mp4 [2010-05-25 07:04:06 | 003,971,524 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\nightwish - wish i had an angel.mp31274763713_[mp3.teledyski.info].mp3 [2010-05-25 07:04:01 | 003,798,862 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\nightwish - amaranth.mp31274763707_[mp3.teledyski.info].mp3 [2010-05-24 22:00:47 | 004,689,996 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\timbaland - if we ever meet again.mp31274731462_[mp3.teledyski.info].mp3 [2010-05-24 21:48:41 | 005,302,306 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\lady gaga - paparazzi.mp31274730682_[mp3.teledyski.info].mp3 [2010-05-24 21:48:05 | 004,228,569 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\lady gaga - bad romance (radio edit).mp31274730700_[mp3.teledyski.info].mp3 [2010-05-24 21:47:39 | 003,462,450 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\lady gaga - telephone ft. beyonce (official cover) by bangin productions .mp31274730621_[mp3.teledyski.info].mp3 [2010-05-24 21:43:10 | 003,229,739 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Dimitri o walce Pudzian vs Sylvia.mp4 [2010-05-24 21:42:17 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\YouTube Downloader.lnk [2010-05-24 21:41:36 | 003,170,832 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\YouTubeDownloaderSetup255_[www.programosy.pl].exe [2010-05-23 12:56:49 | 004,759,040 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\cortona3d.msi [2010-05-23 11:48:14 | 000,006,535 | ---- | C] () -- C:\de_kurej.map [2010-05-23 11:09:55 | 000,174,700 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\cs_demomap.zip [2010-05-23 09:59:33 | 000,001,801 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Valve Hammer Editor.lnk [2010-05-23 09:59:33 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Valve Hammer Editor Help.lnk [2010-05-23 09:59:00 | 000,152,854 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\zhlt253-17.zip [2010-05-23 09:58:55 | 002,142,766 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\hammer_v34.exe [2010-05-20 16:09:45 | 000,263,445 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\1234.JPG [2010-05-20 16:02:21 | 002,147,486 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\1234.png [2010-05-18 14:44:00 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk [2010-05-17 16:43:43 | 000,000,586 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\ATLANTIKA.lnk [2010-05-16 21:47:30 | 002,053,064 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\sly.png [2010-05-16 21:33:38 | 000,039,947 | ---- | C] () -- C:\Documents and Settings\Tomek\Moje dokumenty\Bez tytułu 1.odt [2010-05-16 20:45:01 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\Tomek\Menu Start\Programy\Autostart\OpenOffice.org 3.2.lnk [2010-05-16 20:44:01 | 000,000,967 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.2.lnk [2010-05-16 19:57:51 | 001,287,662 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\x134.jpg [2010-05-16 19:51:00 | 139,699,360 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\OOo_3.2.0_Win32Intel_install_pl.exe [2010-05-16 11:21:02 | 000,008,108 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\system.zip [2010-05-14 19:37:44 | 000,001,543 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Hitman - Krwawa Forsa.lnk [2010-05-14 19:37:23 | 000,154,327 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\hbm_ecn.exe [2010-05-14 19:37:17 | 000,049,680 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\hbm_ecn_v1.2.rar [2010-05-14 19:24:10 | 001,076,686 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Hitman_Blood_Money.rar [2010-05-14 19:12:59 | 000,144,384 | ---- | C] () -- C:\WINDOWS\System32\miccyhook.dll [2010-05-14 19:12:57 | 000,089,088 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\unl-hitmanbm.exe [2010-05-14 19:12:57 | 000,004,062 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\unleashed.nfo [2010-05-14 19:12:57 | 000,000,050 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\GamesTrainer.URL [2010-05-14 19:12:52 | 000,085,891 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\hitbloodmtrn10.zip [2010-05-14 19:06:07 | 000,200,980 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\hbm-anji-1.zip [2010-05-13 17:09:38 | 000,518,045 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\XD.png [2010-05-13 15:49:45 | 000,002,675 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\nav.bottom.png [2010-05-13 15:49:41 | 000,009,925 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\nav.top.png [2010-05-07 16:02:23 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2010-05-07 16:02:18 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-05-03 14:26:07 | 000,028,632 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Kingdom_Hearts_Font.ttf [2010-04-28 18:49:33 | 000,000,230 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\pattern_145.gif [2010-04-01 10:09:38 | 000,000,016 | ---- | C] () -- C:\WINDOWS\backodbc.ini [2010-04-01 10:09:36 | 000,006,852 | ---- | C] () -- C:\WINDOWS\System32\drivers\Vcs.sys [2010-03-28 15:28:11 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2010-03-13 14:01:40 | 000,000,143 | ---- | C] () -- C:\WINDOWS\GKLauncherInfo.ini [2010-03-09 17:11:02 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini [2010-03-09 17:11:01 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-03-09 17:11:01 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-03-09 17:11:01 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll [2010-03-09 17:11:01 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll [2010-03-09 17:11:01 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll [2010-03-09 17:11:01 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll [2010-03-09 17:11:01 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll [2010-03-09 17:11:01 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll [2010-03-09 17:11:01 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll [2010-03-09 17:11:01 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll [2010-02-24 15:57:31 | 000,000,871 | ---- | C] () -- C:\WINDOWS\disney.ini [2010-02-23 16:43:10 | 000,138,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010-02-23 16:42:23 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini [2007-11-26 22:56:28 | 000,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2006-03-02 14:00:00 | 000,047,978 | ---- | C] () -- C:\WINDOWS\System32\acledito.sys [2006-03-02 14:00:00 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\disk.sys [2006-03-02 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2004-10-11 12:19:00 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\ASUSASV2.DLL [1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2010-05-30 20:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-05-30 20:40:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9 [2010-05-07 16:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-02-24 16:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Fallout3 [2010-02-22 11:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-03-04 18:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonJP [2010-06-13 20:18:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RegCure [2010-06-19 14:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-03-17 22:14:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2010-06-18 11:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Application Updater [2010-05-07 17:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\DAEMON Tools Lite [2010-06-14 15:36:44 | 000,000,000 | RHSD | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\dll [2010-02-24 16:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Gadu-Gadu 10 [2010-05-27 21:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Octoshape [2010-05-16 20:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\OpenOffice.org [2010-02-20 20:22:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Opera [2010-06-11 14:57:16 | 000,000,000 | RHSD | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\recyclerr [2010-03-28 16:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Samsung [2010-05-26 17:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Search Settings [2010-03-06 20:52:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Touchstone [2010-04-01 22:37:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\TS3Client [2010-05-26 17:12:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\YouTube Downloader [2010-06-23 12:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\Tasks\PerfectOptimizer_home.job [2010-06-23 17:00:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure Program Check.job [2010-06-20 04:31:00 | 000,000,372 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-02-20 19:18:26 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-02-20 19:14:52 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2006-03-02 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-03-28 16:05:01 | 000,000,074 | ---- | M] () -- C:\CMLoader.log [2010-02-20 19:18:26 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-02-20 19:41:41 | 000,000,143 | ---- | M] () -- C:\csb.log [2010-05-23 11:48:14 | 000,006,535 | ---- | M] () -- C:\de_kurej.map [2010-02-20 19:18:26 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-02-20 19:18:26 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2006-03-02 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2006-03-02 14:00:00 | 000,250,624 | RHS- | M] () -- C:\ntldr [2010-06-22 15:57:15 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2010-06-17 01:30:04 | 001,312,768 | ---- | M] (Microsoft) -- C:\Program Filesdownload.exe [2010-06-17 00:01:10 | 001,312,768 | ---- | M] (Microsoft) -- C:\Program Filestdxzbcp.exe [2010-06-17 00:05:49 | 001,312,768 | ---- | M] (Microsoft) -- C:\Program Fileswhjxfrt.exe [2010-06-16 23:59:25 | 001,312,768 | ---- | M] (Microsoft) -- C:\Program Filesxytshng.exe [2010-06-17 00:03:55 | 001,312,768 | ---- | M] (Microsoft) -- C:\Program Fileszaexfbl.exe [2010-02-20 19:40:09 | 000,000,429 | ---- | M] () -- C:\RHDSetup.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys [2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys [2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [2006-03-02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys [2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys [2006-03-02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe [2010-06-18 20:02:12 | 000,292,352 | -H-- | M] (Avira AntiVir) MD5=84E8C581B63955AF6145D1AE5E69F50F -- C:\WINDOWS\system32\explorer\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 24 bytes -> C:\WINDOWS:DF03936973062032 @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF < End of report > [/log]
slivero komentarz 23 czerwca 2010 komentarz 23 czerwca 2010 Najlepszym sposobem jest sformatowanie dysku . Bo widać , że masz nieporządek na komputerze , który się robi wraz z użytkowaniem go . Formatowanie trwa krótko , a będziesz miał spokój . Ile czasu dysk nie był formatowany ? [color=red] //nie znasz się na sprawdzaniu logów to się nie wypowiadaj //po to jest ten dział żeby nie trzeba było przeinstalowywać systemu //jeszcze raz zobaczę taką "poradę" i poleci ostrzeżenie //vocativus [/color]
Mateusz J. komentarz 23 czerwca 2010 komentarz 23 czerwca 2010 Jeszcze jedna taka rada, a Ci nogi... Proszę poczekać na fix, do kilku minut się pojawi, dosyć potężna infekcja. Proszę, Uruchom OTL i w oknie Custom Scans/Fixes wklej[code] :Processes explorer.exe :OTL PRC - [2010-06-13 17:54:28 | 000,104,960 | -H-- | M] () -- C:\WINDOWS\system32\WUDHost.exe PRC - [2005-11-08 19:01:05 | 000,540,160 | RHS- | M] () -- C:\WINDOWS\system32\install\svchost.exe [IMGSVC] SRV - [2010-06-23 08:15:28 | 002,561,624 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\rswin_3725.dll -- (Akamai) O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\YouTube Downloader Toolbar\SearchSettings.dll (Spigot, Inc.) O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O4 - HKLM..\Run: [HKLM] Reg Error: Value error. File not found O4 - HKU\.DEFAULT..\Run: [AsyxSys.exe] C:\Documents and Settings\Tomek\Dane aplikacji\AsyxSys.exe () O4 - HKU\.DEFAULT..\Run: [csrsss] C:\Documents and Settings\Tomek\Dane aplikacji\csrsss.exe () O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] File not found O4 - HKU\.DEFAULT..\Run: [Developer Operations Network] File not found O4 - HKU\.DEFAULT..\Run: [HKCU] C:\WINDOWS\system32\install\Mscvhost.exe () O4 - HKU\.DEFAULT..\Run: [install] File not found O4 - HKU\.DEFAULT..\Run: [Java Sched Updater] File not found O4 - HKU\.DEFAULT..\Run: [Microsoft Windows Hosting Service Login] File not found O4 - HKU\.DEFAULT..\Run: [MSWUpdate] C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe (AceSoft Corp all rights reserved) O4 - HKU\.DEFAULT..\Run: [Security System] File not found O4 - HKU\.DEFAULT..\Run: [Startup] File not found O4 - HKU\.DEFAULT..\Run: [System] C:\Documents and Settings\Tomek\Moje dokumenty\System32\eckscge.exe File not found O4 - HKU\.DEFAULT..\Run: [Task Manager] File not found O4 - HKU\.DEFAULT..\Run: [userinit] File not found O4 - HKU\.DEFAULT..\Run: [Windows] File not found O4 - HKU\.DEFAULT..\Run: [Windows Firewall] C:\Documents and Settings\Tomek\Dane aplikacji\rundll32.exe File not found O4 - HKU\S-1-5-18..\Run: [AsyxSys.exe] C:\Documents and Settings\Tomek\Dane aplikacji\AsyxSys.exe () O4 - HKU\S-1-5-18..\Run: [csrsss] C:\Documents and Settings\Tomek\Dane aplikacji\csrsss.exe () O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] File not found O4 - HKU\S-1-5-18..\Run: [Developer Operations Network] File not found O4 - HKU\S-1-5-18..\Run: [install] File not found O4 - HKU\S-1-5-18..\Run: [Java Sched Updater] File not found O4 - HKU\S-1-5-18..\Run: [Microsoft Windows Hosting Service Login] File not found O4 - HKU\S-1-5-18..\Run: [MSWUpdate] C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe (AceSoft Corp all rights reserved) O4 - HKU\S-1-5-18..\Run: [Security System] File not found O4 - HKU\S-1-5-18..\Run: [Startup] File not found O4 - HKU\S-1-5-18..\Run: [System] C:\Documents and Settings\Tomek\Moje dokumenty\System32\eckscge.exe File not found O4 - HKU\S-1-5-18..\Run: [Task Manager] File not found O4 - HKU\S-1-5-18..\Run: [userinit] File not found O4 - HKU\S-1-5-18..\Run: [Windows] File not found O4 - HKU\S-1-5-18..\Run: [Windows Firewall] C:\Documents and Settings\Tomek\Dane aplikacji\rundll32.exe File not found O4 - HKLM..\Run: [System Security Enhancements Service] C:\WINDOWS\system32\mmindsrv.exe (AceSoft Corp all rights reserved) O4 - HKLM..\Run: [Windows Defender] C:\Documents and Settings\Tomek\Dane aplikacji\HCKU.exe (AceSoft Corp all rights reserved) O4 - HKU\S-1-5-18..\Run: [Windows Firewall] C:\Documents and Settings\Tomek\Dane aplikacji\rundll32.exe File not found O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004..\Run: [HKCU] C:\WINDOWS\system32\Microsoft_KB57H43\update.exe () O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004..\Run: [Windows Defender] C:\Documents and Settings\Tomek\Dane aplikacji\HCKU.exe (AceSoft Corp all rights reserved) O20 - HKLM Winlogon: Shell - (C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe) - C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe (AceSoft Corp all rights reserved) O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Tomek\Dane aplikacji\recyclerr\recyclerr.exe) - C:\Documents and Settings\Tomek\Dane aplikacji\recyclerr\recyclerr.exe File not found O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Tomek\Dane aplikacji\dll\svchost.exe) - C:\Documents and Settings\Tomek\Dane aplikacji\dll\svchost.exe File not found O32 - AutoRun File - [2009-11-21 17:49:59 | 000,009,418 | ---- | M] () - D:\Autodesk_3ds_Max_2010_English_WIN_32_Trial.exe -- [ NTFS ] O33 - MountPoints2\##192.168.3.10#aom\Shell - "" = AutoRun O33 - MountPoints2\##192.168.3.10#aom\Shell\AutoRun\command - "" = W:\instalar.exe -- File not found O33 - MountPoints2\##192.168.3.10#aom\Shell\setup\command - "" = W:\instalar.exe -- File not found [2010-06-17 01:30:04 | 001,312,768 | ---- | M] (Microsoft) -- C:\Program Filesdownload.exe [2010-06-17 00:01:10 | 001,312,768 | ---- | M] (Microsoft) -- C:\Program Filestdxzbcp.exe [2010-06-17 00:05:49 | 001,312,768 | ---- | M] (Microsoft) -- C:\Program Fileswhjxfrt.exe [2010-06-16 23:59:25 | 001,312,768 | ---- | M] (Microsoft) -- C:\Program Filesxytshng.exe [2010-06-17 00:03:55 | 001,312,768 | ---- | M] (Microsoft) -- C:\Program Fileszaexfbl.exe :Files C:\WINDOWS\system32\install\svchost.exe c:\Program Files\Common Files\Akamai C:\Documents and Settings\Tomek\Dane aplikacji\AsyxSys.exe C:\Documents and Settings\Tomek\Dane aplikacji\csrsss.exe C:\WINDOWS\system32\install\Mscvhost.exe C:\Documents and Settings\Tomek\Dane aplikacji\AsyxSys.exe C:\Documents and Settings\Tomek\Dane aplikacji\csrsss.exe C:\WINDOWS\system32\install\Mscvhost.exe C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe C:\Documents and Settings\Tomek\Moje dokumenty\System32 C:\Documents and Settings\Tomek\Dane aplikacji\rundll32.exe C:\Documents and Settings\Tomek\Dane aplikacji\AsyxSys.exe C:\Documents and Settings\Tomek\Dane aplikacji\csrsss.exe C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe C:\Documents and Settings\Tomek\Moje dokumenty\System32\eckscge.exe C:\Documents and Settings\Tomek\Dane aplikacji\rundll32.exe C:\WINDOWS\system32\mmindsrv.exe C:\Documents and Settings\Tomek\Dane aplikacji\HCKU.exe C:\Documents and Settings\Tomek\Dane aplikacji\rundll32.exe C:\WINDOWS\system32\Microsoft_KB57H43\update.exe C:\Documents and Settings\Tomek\Dane aplikacji\services32.exe C:\WINDOWS\System32\explorer C:\Documents and Settings\Tomek\Dane aplikacji\dzaqqci.exe C:\Documents and Settings\Tomek\Dane aplikacji\wfggxgn.exe C:\Documents and Settings\Tomek\Dane aplikacji\whjxfrt.exe C:\Documents and Settings\Tomek\Dane aplikacji\zaexfbl.exe C:\Documents and Settings\Tomek\Dane aplikacji\tdxzbcp.exe C:\Documents and Settings\Tomek\Dane aplikacji\xytshng.exe C:\Documents and Settings\Tomek\ThisIsNotABackdoor.exe C:\Documents and Settings\Tomek\Moje dokumenty\System32 C:\Documents and Settings\Tomek\Dane aplikacji\olsgcpk.exe C:\WINDOWS\WINDOWS C:\Program Files\Trend Micro C:\Documents and Settings\Tomek\Dane aplikacji\ykkwhej.exe C:\Documents and Settings\Tomek\Dane aplikacji\lerkjfu.exe C:\Documents and Settings\Tomek\Dane aplikacji\plebupk.exe C:\Documents and Settings\Tomek\Dane aplikacji\wrqgtob.exe C:\Documents and Settings\Tomek\Dane aplikacji\bmlotyh.exe C:\Documents and Settings\Tomek\Dane aplikacji\arnidnd.exe C:\Documents and Settings\Tomek\Dane aplikacji\bcwcwad.exe C:\Documents and Settings\Tomek\Dane aplikacji\kizsoio.exe C:\Documents and Settings\Tomek\Dane aplikacji\ekamfif.exe C:\Documents and Settings\Tomek\Dane aplikacji\txiajes.exe C:\Documents and Settings\Tomek\Dane aplikacji\mmruxjy.exe C:\Documents and Settings\Tomek\Pulpit\CS1 C:\Documents and Settings\Tomek\Pulpit\clicker.exe C:\WINDOWS\System32\OpenCL.dll C:\Documents and Settings\Tomek\Dane aplikacji\tovnuuc.exe C:\Documents and Settings\Tomek\Dane aplikacji\jnrfsha.exe C:\Documents and Settings\Tomek\Dane aplikacji\xxgkxvl.exe C:\Documents and Settings\Tomek\Dane aplikacji\lyhydvg.exe C:\Program Files\Perfect Optimizer C:\Documents and Settings\Tomek\Dane aplikacji\qukndgp.exe C:\Documents and Settings\Tomek\Dane aplikacji\xxufpqm.exe C:\Documents and Settings\All Users\Dane aplikacji\RegCure C:\Documents and Settings\Tomek\Dane aplikacji\ljiodvt.exe C:\WINDOWS\System32\lowsec C:\Documents and Settings\Tomek\Dane aplikacji\nuidznm.exe C:\Documents and Settings\Tomek\Dane aplikacji\bspiaqr.exe C:\Documents and Settings\Tomek\Dane aplikacji\qbhbmhp.exe C:\Documents and Settings\Tomek\Dane aplikacji\diqninl.exe C:\Documents and Settings\Tomek\Dane aplikacji\xdnrxmf.exe C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\PCHealth C:\Documents and Settings\Tomek\Dane aplikacji\bshpxqehb.exe C:\WINDOWS\mmindsrv.exe C:\Documents and Settings\Tomek\Dane aplikacji\hqgbtpsbv.exe C:\Documents and Settings\Tomek\Dane aplikacji\mbklpkfov.exe C:\Documents and Settings\Tomek\Dane aplikacji\dll :Commands [emptytemp] [Reboot][/code]Kliknij Run Fix. Zatwierdź restart komputera. Po ponownym uruchomieniu komputera tworzysz nowy log i pokazujesz do kontroli. Wykonaj: http://www.forumpc.pl/index.php?showtopic=107753 Usuwasz wszystko co znajdzie program, a raport pokazuje na forum. Log obszerny, coś po drodze mogło mi umknąć, jak widać mało tego nie jest.
Kurei komentarz 24 czerwca 2010 Autor komentarz 24 czerwca 2010 (edytowane) Prosze,oto log po restarcie: [log] OTL logfile created on: 2010-06-24 06:53:11 - Run 3 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Tomek\Pulpit Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free 5,00 Gb Paging File | 4,00 Gb Available in Paging File | 82,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 196,29 Gb Total Space | 98,69 Gb Free Space | 50,28% Space Free | Partition Type: NTFS Drive D: | 101,79 Gb Total Space | 9,03 Gb Free Space | 8,87% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOM-BD93B182DC4 Current User Name: Tomek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-06-23 21:13:39 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tomek\Pulpit\OTL.exe PRC - [2010-06-14 11:51:03 | 019,719,680 | ---- | M] (NDoors Co,Ltd.) -- D:\nDoors\Atlantica\Atlantica.exe PRC - [2010-05-16 20:48:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-05-07 21:55:19 | 000,215,104 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe PRC - [2010-05-06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010-04-29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe PRC - [2010-04-03 19:23:16 | 000,154,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2010-02-23 17:54:00 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2010-02-01 23:32:16 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2010-02-01 23:32:14 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2009-11-20 20:01:18 | 000,832,296 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2009-08-28 20:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2009-08-06 20:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2009-02-09 12:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-12-12 12:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2006-03-02 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2006-03-02 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2006-03-02 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2006-03-02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2006-03-02 14:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2006-03-02 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2005-01-28 14:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-06-23 21:13:39 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tomek\Pulpit\OTL.exe MOD - [2010-03-10 07:23:29 | 001,506,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll MOD - [2010-02-26 08:14:05 | 000,664,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll MOD - [2010-02-26 08:14:04 | 000,625,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll MOD - [2010-02-26 08:14:04 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-12-24 09:07:42 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll MOD - [2009-09-04 22:47:54 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll MOD - [2009-07-17 20:57:56 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll MOD - [2009-06-25 10:48:08 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 17:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 16:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 12:22:08 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 12:22:06 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 15:01:37 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-10-15 19:00:47 | 000,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll MOD - [2008-07-03 15:16:27 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-06-20 19:42:21 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll MOD - [2008-06-20 19:42:20 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll MOD - [2006-03-02 14:00:00 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2006-03-02 14:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2006-03-02 14:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2006-03-02 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2006-03-02 14:00:00 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2006-03-02 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll MOD - [2006-03-02 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-03-02 14:00:00 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2006-03-02 14:00:00 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll MOD - [2006-03-02 14:00:00 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2006-03-02 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2006-03-02 14:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2006-03-02 14:00:00 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstask.dll MOD - [2006-03-02 14:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2006-03-02 14:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2006-03-02 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2006-03-02 14:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll MOD - [2006-03-02 14:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll MOD - [2006-03-02 14:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2006-03-02 14:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2006-03-02 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2006-03-02 14:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2006-03-02 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll MOD - [2006-03-02 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2006-03-02 14:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll MOD - [2006-03-02 14:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2006-03-02 14:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll MOD - [2006-03-02 14:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll MOD - [2006-03-02 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2006-03-02 14:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll MOD - [2006-03-02 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2006-03-02 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (Hamachi2Svc) SRV - File not found [Auto | Stopped] -- -- (Application Updater) SRV - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-05-06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2007-10-23 18:46:30 | 000,262,144 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Stopped] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-06-08 17:16:26 | 006,056,040 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2010-05-07 16:02:18 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-05-06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-05-06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) DRV - [2010-05-06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-05-06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010-05-06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-05-06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2010-04-04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2010-02-20 19:41:09 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009-06-30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot) DRV - [2009-03-27 02:16:28 | 000,012,672 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz132_x32.sys -- (cpuz132) DRV - [2009-02-17 19:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV - [2008-01-03 16:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2007-10-23 18:48:16 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb) DRV - [2007-10-23 18:48:14 | 000,010,752 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Video3D32.sys -- (Video3D) DRV - [2007-10-23 18:48:12 | 000,011,136 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt) DRV - [2007-02-16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2007-01-29 18:12:52 | 000,018,432 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AsusVRC.sys -- (ASUSVRC) DRV - [2006-09-24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen) DRV - [2006-06-14 14:44:30 | 000,012,288 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO_XP.sys -- (EIO_XP) DRV - [2006-03-02 14:00:00 | 000,036,352 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\disk.sys -- (Disk) DRV - [2005-01-07 18:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2004-08-03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2003-04-15 18:07:26 | 000,006,852 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Vcs.sys -- (Vcs) DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found IE - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\YouTube Downloader Toolbar\SearchSettings.dll File not found IE - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811" FF - prefs.js..browser.search.selectedEngine: "DAEMON Search" FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3 FF - prefs.js..extensions.enabledItems: youtubedownloader@mybrowserbar.com:1.0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-16 14:32:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-05-16 20:48:43 | 000,000,000 | ---D | M] [2010-03-10 17:11:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Mozilla\Extensions [2010-06-13 16:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Mozilla\Firefox\Profiles\5bvp76ej.default\extensions [2010-03-10 17:15:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Tomek\Dane aplikacji\Mozilla\Firefox\Profiles\5bvp76ej.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-07 16:02:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Mozilla\Firefox\Profiles\5bvp76ej.default\extensions\DTToolbar@toolbarnet.com [2010-03-10 17:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Mozilla\Firefox\Profiles\5bvp76ej.default\extensions\illimitux@illimitux.net [2010-05-07 16:02:28 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\Mozilla\Firefox\Profiles\5bvp76ej.default\searchplugins\daemon-search.xml [2010-06-12 19:33:04 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-05-16 20:48:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-05-16 20:48:35 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll O1 HOSTS File: ([2009-12-16 09:17:15 | 000,000,830 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 85.214.155.229 l2authd.lineage2.com O1 - Hosts: 85.214.155.229 l2testauthd.lineage2.com O1 - Hosts: 66.240.255.107 nprotect.lineage2.com O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\YouTube Downloader Toolbar\SearchSettings.dll File not found O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll File not found O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll File not found O3 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found O3 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll File not found O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software) O4 - HKLM..\Run: [HKLM] C:\WINDOWS\system32\update\WinLogon.exe (Wyntid) O4 - HKLM..\Run: [Microsoft] C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [System Security Enhancements Service] C:\WINDOWS\System32\mmindsrv.exe File not found O4 - HKLM..\Run: [Windows Defender] C:\Documents and Settings\Tomek\Dane aplikacji\HCKU.exe File not found O4 - HKU\.DEFAULT..\Run: [AsyxSys.exe] C:\Documents and Settings\Tomek\Dane aplikacji\AsyxSys.exe File not found O4 - HKU\.DEFAULT..\Run: [csrsss] C:\Documents and Settings\Tomek\Dane aplikacji\csrsss.exe File not found O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] File not found O4 - HKU\.DEFAULT..\Run: [Developer Operations Network] File not found O4 - HKU\.DEFAULT..\Run: [install] File not found O4 - HKU\.DEFAULT..\Run: [Java Sched Updater] File not found O4 - HKU\.DEFAULT..\Run: [Microsoft Windows Hosting Service Login] File not found O4 - HKU\.DEFAULT..\Run: [MSWUpdate] C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe File not found O4 - HKU\.DEFAULT..\Run: [Security System] File not found O4 - HKU\.DEFAULT..\Run: [Startup] File not found O4 - HKU\.DEFAULT..\Run: [System] C:\Documents and Settings\Tomek\Moje dokumenty\System32\eckscge.exe File not found O4 - HKU\.DEFAULT..\Run: [Task Manager] File not found O4 - HKU\.DEFAULT..\Run: [userinit] File not found O4 - HKU\.DEFAULT..\Run: [Windows] File not found O4 - HKU\.DEFAULT..\Run: [Windows Firewall] C:\Documents and Settings\Tomek\Dane aplikacji\rundll32.exe File not found O4 - HKU\S-1-5-18..\Run: [AsyxSys.exe] C:\Documents and Settings\Tomek\Dane aplikacji\AsyxSys.exe File not found O4 - HKU\S-1-5-18..\Run: [csrsss] C:\Documents and Settings\Tomek\Dane aplikacji\csrsss.exe File not found O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] File not found O4 - HKU\S-1-5-18..\Run: [Developer Operations Network] File not found O4 - HKU\S-1-5-18..\Run: [install] File not found O4 - HKU\S-1-5-18..\Run: [Java Sched Updater] File not found O4 - HKU\S-1-5-18..\Run: [Microsoft Windows Hosting Service Login] File not found O4 - HKU\S-1-5-18..\Run: [MSWUpdate] C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe File not found O4 - HKU\S-1-5-18..\Run: [Security System] File not found O4 - HKU\S-1-5-18..\Run: [Startup] File not found O4 - HKU\S-1-5-18..\Run: [System] C:\Documents and Settings\Tomek\Moje dokumenty\System32\eckscge.exe File not found O4 - HKU\S-1-5-18..\Run: [Task Manager] File not found O4 - HKU\S-1-5-18..\Run: [userinit] File not found O4 - HKU\S-1-5-18..\Run: [Windows] File not found O4 - HKU\S-1-5-18..\Run: [Windows Firewall] C:\Documents and Settings\Tomek\Dane aplikacji\rundll32.exe File not found O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004..\Run: [HKCU] C:\WINDOWS\system32\update\WinLogon.exe (Wyntid) O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004..\Run: [Microsoft] C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe File not found O4 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004..\Run: [Windows Defender] C:\Documents and Settings\Tomek\Dane aplikacji\HCKU.exe File not found O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Documents and Settings\Tomek\Menu Start\Programy\Autostart\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Documents and Settings\Tomek\Menu Start\Programy\Autostart\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Task Manager = C:\DOCUME~1\Tomek\USTAWI~1\Temp\taskmanager.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: csrsss = C:\Documents and Settings\Tomek\Dane aplikacji\csrsss.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Windows Defender = C:\Documents and Settings\Tomek\Dane aplikacji\HCKU.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: alg = C:\Documents and Settings\Tomek\Dane aplikacji\alg.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\update\WinLogon.exe (Wyntid) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: msconfigs = C:\WINDOWS\system32\System32\updater.exe File not found O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Windows = C:\DOCUME~1\Tomek\USTAWI~1\Temp\winlogons.exe File not found O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\update\WinLogon.exe (Wyntid) O7 - HKU\S-1-5-21-1454471165-1284227242-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {3A52566B-6018-485B-B713-8B9FF660D8E8} http://dvrlink.net/webdvr/webdvr2.5.10.2_32.0.0.0.cab (ilhtrapp Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe) - C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe File not found O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Tomek\Dane aplikacji\recyclerr\recyclerr.exe) - C:\Documents and Settings\Tomek\Dane aplikacji\recyclerr\recyclerr.exe File not found O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Tomek\Dane aplikacji\dll\svchost.exe) - C:\Documents and Settings\Tomek\Dane aplikacji\dll\svchost.exe File not found O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-02-20 19:18:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\##192.168.3.10#aom\Shell - "" = AutoRun O33 - MountPoints2\##192.168.3.10#aom\Shell\AutoRun\command - "" = W:\instalar.exe -- File not found O33 - MountPoints2\##192.168.3.10#aom\Shell\setup\command - "" = W:\instalar.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-06-24 06:45:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\Malwarebytes [2010-06-24 06:45:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-06-24 06:45:25 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-06-24 06:45:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-06-24 06:45:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2010-06-24 06:37:22 | 000,000,000 | ---D | C] -- C:\_OTL [2010-06-24 06:29:42 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Tomek\Pulpit\mbam-setup-1.46.exe [2010-06-23 21:13:37 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tomek\Pulpit\OTL.exe [2010-06-23 16:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\cresty [2010-06-22 22:28:15 | 000,315,392 | ---- | C] (None) -- C:\WINDOWS\winservice.exe [2010-06-22 19:55:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\install [2010-06-22 17:28:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Moje dokumenty\AdobeStockPhotos [2010-06-21 20:36:46 | 000,200,704 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\a.exe [2010-06-21 09:24:12 | 000,000,000 | ---D | C] -- C:\SaveFolder [2010-06-21 09:11:17 | 000,000,000 | ---D | C] -- C:\Program Files\RemoteAgent [2010-06-21 00:30:20 | 000,372,736 | RHS- | C] (DAZ3gyInkVsJ8CVU) -- C:\WINDOWS\bot.exe [2010-06-19 08:16:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\x22 [2010-06-18 20:02:13 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\explorer [2010-06-18 18:32:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\AV Voice Changer Diamond 6_mahek [2010-06-18 17:00:55 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe [2010-06-18 17:00:54 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe [2010-06-18 17:00:52 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys [2010-06-18 11:59:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\Application Updater [2010-06-17 17:30:40 | 000,000,000 | ---D | C] -- C:\Program Files\TopWare [2010-06-17 16:16:43 | 000,159,744 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\dzaqqci.exe [2010-06-17 16:15:40 | 000,159,744 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\wfggxgn.exe [2010-06-17 00:05:36 | 001,312,768 | ---- | C] (Microsoft) -- C:\Documents and Settings\Tomek\Dane aplikacji\whjxfrt.exe [2010-06-17 00:03:45 | 001,312,768 | ---- | C] (Microsoft) -- C:\Documents and Settings\Tomek\Dane aplikacji\zaexfbl.exe [2010-06-17 00:00:59 | 001,312,768 | ---- | C] (Microsoft) -- C:\Documents and Settings\Tomek\Dane aplikacji\tdxzbcp.exe [2010-06-16 23:59:15 | 001,312,768 | ---- | C] (Microsoft) -- C:\Documents and Settings\Tomek\Dane aplikacji\xytshng.exe [2010-06-16 20:12:42 | 000,358,685 | RHS- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Tomek\ThisIsNotABackdoor.exe [2010-06-16 15:42:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Nowy folder [2010-06-15 22:02:02 | 000,375,808 | ---- | C] (Microsoft) -- C:\Documents and Settings\Tomek\Dane aplikacji\olsgcpk.exe [2010-06-15 21:37:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\WINDOWS [2010-06-15 20:59:26 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010-06-15 20:56:13 | 000,167,936 | ---- | C] ( ) -- C:\Documents and Settings\Tomek\Dane aplikacji\ykkwhej.exe [2010-06-15 20:53:57 | 000,167,936 | ---- | C] ( ) -- C:\Documents and Settings\Tomek\Dane aplikacji\lerkjfu.exe [2010-06-15 18:05:21 | 000,458,752 | ---- | C] (RlKd9wUFogtVw) -- C:\Documents and Settings\Tomek\Dane aplikacji\plebupk.exe [2010-06-15 17:58:35 | 000,458,752 | ---- | C] (RlKd9wUFogtVw) -- C:\Documents and Settings\Tomek\Dane aplikacji\wrqgtob.exe [2010-06-15 17:49:11 | 000,458,752 | ---- | C] (RlKd9wUFogtVw) -- C:\Documents and Settings\Tomek\Dane aplikacji\bmlotyh.exe [2010-06-15 17:47:58 | 000,458,752 | ---- | C] (RlKd9wUFogtVw) -- C:\Documents and Settings\Tomek\Dane aplikacji\arnidnd.exe [2010-06-15 17:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\Steam [2010-06-15 15:36:30 | 000,000,000 | ---D | C] -- C:\Program Files\Robster Productions [2010-06-15 15:23:03 | 000,397,312 | ---- | C] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\bcwcwad.exe [2010-06-15 15:17:46 | 000,397,312 | ---- | C] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\kizsoio.exe [2010-06-15 15:14:53 | 000,397,312 | ---- | C] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\ekamfif.exe [2010-06-15 15:12:25 | 000,397,312 | ---- | C] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\txiajes.exe [2010-06-15 15:11:11 | 000,397,312 | ---- | C] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\mmruxjy.exe [2010-06-15 14:07:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\CS1 [2010-06-14 17:26:57 | 000,028,672 | ---- | C] (pHr34K) -- C:\Documents and Settings\Tomek\Pulpit\clicker.exe [2010-06-13 21:19:45 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll [2010-06-13 20:32:30 | 000,195,809 | ---- | C] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\tovnuuc.exe [2010-06-13 20:32:00 | 000,195,809 | ---- | C] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\jnrfsha.exe [2010-06-13 20:30:51 | 000,195,809 | ---- | C] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\xxgkxvl.exe [2010-06-13 20:20:40 | 000,195,809 | ---- | C] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\lyhydvg.exe [2010-06-13 20:20:28 | 000,000,000 | ---D | C] -- C:\Program Files\Perfect Optimizer [2010-06-13 20:19:34 | 000,195,809 | ---- | C] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\qukndgp.exe [2010-06-13 20:18:03 | 000,195,809 | ---- | C] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\xxufpqm.exe [2010-06-13 20:14:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\RegCure [2010-06-13 18:48:46 | 000,159,744 | ---- | C] (Yo21GdmF3A) -- C:\Documents and Settings\Tomek\Dane aplikacji\ljiodvt.exe [2010-06-13 18:06:58 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\lowsec [2010-06-13 17:05:16 | 000,192,512 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\nuidznm.exe [2010-06-13 17:01:23 | 000,192,512 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\bspiaqr.exe [2010-06-13 16:25:38 | 000,188,416 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\qbhbmhp.exe [2010-06-13 16:09:13 | 000,188,416 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\diqninl.exe [2010-06-13 16:04:19 | 000,188,416 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\xdnrxmf.exe [2010-06-13 07:28:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\PCHealth [2010-06-12 20:01:18 | 000,155,648 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\bshpxqehb.exe [2010-06-12 19:58:50 | 000,155,648 | ---- | C] (AceSoft Corp all rights reserved) -- C:\WINDOWS\mmindsrv.exe [2010-06-12 19:58:47 | 000,155,648 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\hqgbtpsbv.exe [2010-06-12 19:57:45 | 000,155,648 | ---- | C] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\mbklpkfov.exe [2010-06-12 16:57:44 | 000,000,000 | RHSD | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\dll [2010-06-11 15:53:25 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys [2010-06-11 15:51:23 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security [2010-06-11 06:45:01 | 000,136,422 | ---- | C] (vortex) -- C:\WINDOWS\System32\explorerhost.exe [2010-06-07 17:33:21 | 000,000,000 | ---D | C] -- C:\directory [2010-06-02 17:15:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\BaDBoY v5 [2010-06-02 17:11:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Senses Fail [2010-05-30 20:49:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\bwa [2010-05-30 20:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\mph_aimbot_9 [2010-05-30 20:43:47 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2010-05-30 20:43:47 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2010-05-30 20:43:46 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2010-05-30 20:43:45 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2010-05-30 20:43:43 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2010-05-30 20:43:43 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2010-05-30 20:43:42 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2010-05-30 20:43:32 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2010-05-30 20:43:32 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr [2010-05-30 20:43:28 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2010-05-30 20:43:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-05-29 12:52:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\seren1ty Aimbot 7.0 [2010-05-28 22:01:49 | 000,000,000 | RHSD | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\recyclerr [2010-05-27 21:39:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\Octoshape [2010-05-26 17:12:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2010-05-26 17:12:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\Search Settings [2010-05-26 17:12:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\YouTube Downloader [2010-05-25 22:20:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Fighter FX 7.2 [2010-05-25 18:26:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\misc [2010-05-24 21:42:45 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader Toolbar [2010-05-24 21:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader [2010-05-23 11:21:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\ZHLT [2010-05-23 11:10:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\cs_demomap [2010-05-23 09:59:29 | 000,000,000 | ---D | C] -- C:\Program Files\Valve Hammer Editor [2010-05-16 20:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2010-05-16 20:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010-05-16 20:48:33 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2010-05-16 20:44:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\OpenOffice.org [2010-05-16 20:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3 [2010-05-16 20:42:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\OpenOffice.org 3.2 (pl) Installation Files [2010-05-14 19:24:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Hitman Blood Money [2010-05-13 14:29:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Smieci [2010-05-13 09:16:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Moje dokumenty\Hitman Blood Money [2010-05-13 08:55:22 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman - Krwawa Forsa [2010-05-09 17:36:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Moje dokumenty\The Duel [2010-05-09 09:18:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Project Mayhem v1.01 [2010-05-08 18:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Super_Simple_Wallhack_5.21 [2010-05-08 17:41:48 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF [2010-05-08 10:10:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\Sun [2010-05-07 16:02:28 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar [2010-05-07 16:02:01 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2010-05-07 16:01:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Dane aplikacji\DAEMON Tools Lite [2010-05-07 16:01:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-05-06 20:59:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Dragon_Age_Origins_Awakening-Razor1911 [2010-05-02 11:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\grafiki [2010-04-29 17:30:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\w3 [2010-04-29 15:41:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi [2010-04-29 15:41:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi [2010-04-29 15:41:18 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi [2010-04-29 13:17:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Rise Of Legends [2010-04-29 13:06:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Ageofempries [2010-04-29 13:05:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\Age of Mythology [2010-04-29 12:40:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\aom [2010-04-29 10:01:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\layz [2010-04-29 10:01:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Moje dokumenty\Downloads [2010-04-28 18:49:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\__MACOSX [2010-04-28 16:43:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\[NONSTEAM] WH-3 Cheat [2010-04-26 17:40:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomek\Pulpit\forumthread [9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Documents and Settings\Tomek\Dane aplikacji\*.tmp files -> C:\Documents and Settings\Tomek\Dane aplikacji\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-06-24 06:53:54 | 000,009,148 | -H-- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\cglogs.dat [2010-06-24 06:45:29 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-06-24 06:41:00 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-06-24 06:40:42 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2010-06-24 06:40:28 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-06-24 06:39:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-06-24 06:39:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-06-24 06:38:23 | 003,407,872 | -H-- | M] () -- C:\Documents and Settings\Tomek\NTUSER.DAT [2010-06-24 06:36:49 | 000,110,014 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\data.dat [2010-06-24 06:30:26 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Tomek\Pulpit\mbam-setup-1.46.exe [2010-06-24 04:31:00 | 000,000,372 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job [2010-06-23 23:02:34 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-06-23 21:13:39 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tomek\Pulpit\OTL.exe [2010-06-23 17:00:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job [2010-06-23 16:33:29 | 000,701,781 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\11.png [2010-06-23 16:20:58 | 000,003,400 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\12314.png [2010-06-23 16:18:25 | 000,003,249 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\1341.png [2010-06-23 16:11:21 | 000,003,345 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\12331.png [2010-06-23 16:04:06 | 000,003,249 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\1111.png [2010-06-23 16:03:36 | 000,003,249 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\134.png [2010-06-23 12:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\PerfectOptimizer_home.job [2010-06-23 11:12:51 | 003,781,731 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\4234.psd [2010-06-23 10:49:51 | 000,708,470 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\143.png [2010-06-23 09:52:18 | 000,270,087 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\s4startfw7.png [2010-06-23 09:34:04 | 000,116,441 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\2798443503_7d13106fb0.jpg [2010-06-22 22:29:35 | 000,315,392 | ---- | M] (None) -- C:\WINDOWS\winservice.exe [2010-06-22 20:14:10 | 000,006,656 | ---- | M] () -- C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-22 20:02:45 | 001,126,144 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\7.psd [2010-06-22 16:59:29 | 000,263,088 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\S4_League_Concept_02.jpg [2010-06-21 20:36:46 | 000,200,704 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\a.exe [2010-06-21 16:36:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010-06-21 09:10:38 | 000,894,976 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\SystemPack.msi [2010-06-21 09:05:51 | 001,755,358 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\111.bmp [2010-06-21 09:05:23 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa (5).bmp [2010-06-21 00:30:13 | 000,372,736 | RHS- | M] (DAZ3gyInkVsJ8CVU) -- C:\WINDOWS\bot.exe [2010-06-20 10:36:09 | 000,330,332 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\127699238452.png [2010-06-20 10:19:10 | 000,006,467 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\127699135078.png [2010-06-19 12:03:14 | 000,013,096 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\rafal.wad [2010-06-19 11:59:43 | 000,037,909 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\guwno.jpg [2010-06-19 11:54:44 | 000,026,481 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\babe39.jpg [2010-06-19 10:42:43 | 000,006,296 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\tempdecal.wad [2010-06-19 10:40:21 | 000,000,928 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Skrót do HLC.lnk [2010-06-19 10:39:10 | 000,108,910 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\hmhm copy.jpg [2010-06-19 09:58:13 | 000,000,565 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Skrót do x22 xRadar v4.0.lnk [2010-06-19 08:16:10 | 000,315,482 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\x22.rar [2010-06-19 08:05:03 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-06-18 21:54:20 | 000,045,568 | RHS- | M] () -- C:\WINDOWS\WinRER.exe [2010-06-18 21:29:49 | 000,001,061 | ---- | M] () -- C:\Documents and Settings\Tomek\share.bat [2010-06-18 21:29:49 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\sysdirec.dll [2010-06-18 20:34:13 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\pokihgfrthugytfdt.dll [2010-06-18 20:34:13 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\dfgustfeywu8riey.dll [2010-06-18 20:34:12 | 000,046,080 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\000100100.exe [2010-06-18 18:37:31 | 000,000,912 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Voice Changer 6.0 Diamond.lnk [2010-06-18 17:39:04 | 011,733,833 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\AV Voice Changer Diamond 6.rar [2010-06-18 17:01:26 | 005,302,152 | -H-- | M] () -- C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-06-18 13:36:52 | 000,000,075 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Counter-Strike.url [2010-06-18 10:04:53 | 000,100,141 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\hmhm.jpg [2010-06-18 09:46:48 | 000,344,752 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\1273382179854.png [2010-06-17 19:34:15 | 000,081,972 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\boxxy copy.jpg [2010-06-17 19:31:49 | 000,921,466 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\boxxy.png [2010-06-17 19:30:21 | 000,099,405 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Boxxy.jpg [2010-06-17 19:27:29 | 000,013,304 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\megan_schimdt.jpg [2010-06-17 16:16:45 | 000,159,744 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\dzaqqci.exe [2010-06-17 16:15:41 | 000,159,744 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\wfggxgn.exe [2010-06-17 15:12:45 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa (4).bmp [2010-06-17 02:34:21 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\zwpufvk.exe [2010-06-17 02:34:19 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\qgdhjvu.exe [2010-06-17 02:32:45 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\hqznzum.exe [2010-06-17 02:32:13 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\rhajpgp.exe [2010-06-17 01:05:27 | 000,293,888 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\qrfvfwr.exe [2010-06-17 01:03:42 | 000,059,904 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\maketxv.exe [2010-06-17 00:47:51 | 000,059,904 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\edrtgvu.exe [2010-06-17 00:42:01 | 000,059,904 | RHS- | M] () -- C:\WINDOWS\sysdiag64.exe [2010-06-17 00:42:01 | 000,059,904 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ksaxkws.exe [2010-06-17 00:32:17 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\twucvfw.exe [2010-06-17 00:16:32 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ncgjsxt.exe [2010-06-17 00:13:57 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\abenguv.exe [2010-06-17 00:11:35 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\yuwkjkk.exe [2010-06-17 00:09:07 | 000,180,736 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\gcfcchf.exe [2010-06-17 00:07:39 | 000,180,736 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ymyxyot.exe [2010-06-16 23:54:17 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\tdctmya.exe [2010-06-16 23:28:09 | 000,315,517 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\stmwgzm.exe [2010-06-16 23:22:38 | 000,315,517 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\aozmvcc.exe [2010-06-16 22:35:16 | 000,082,432 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\iaybnxa.exe [2010-06-16 22:35:16 | 000,082,432 | ---- | M] () -- C:\WINDOWS\System32\devon.exe [2010-06-16 22:19:05 | 000,318,464 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\bflhamb.exe [2010-06-16 22:13:36 | 000,318,464 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\kqrskpi.exe [2010-06-16 21:02:11 | 000,000,382 | --S- | M] () -- C:\WINDOWS\System32\2539083466.dat [2010-06-16 15:56:59 | 000,021,064 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\111.odt [2010-06-15 22:06:13 | 000,142,336 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\eckscge.exe [2010-06-15 22:02:08 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\sysfile.sys [2010-06-15 22:02:08 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\sysdir.sys [2010-06-15 21:53:55 | 000,001,006 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\mjwhytb.exe [2010-06-15 21:50:55 | 000,000,210 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\jaiwqpy.exe [2010-06-15 21:35:21 | 000,016,764 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Podatki.odt [2010-06-15 20:59:26 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\HijackThis.lnk [2010-06-15 20:56:15 | 000,167,936 | ---- | M] ( ) -- C:\Documents and Settings\Tomek\Dane aplikacji\ykkwhej.exe [2010-06-15 20:53:58 | 000,167,936 | ---- | M] ( ) -- C:\Documents and Settings\Tomek\Dane aplikacji\lerkjfu.exe [2010-06-15 18:05:26 | 000,458,752 | ---- | M] (RlKd9wUFogtVw) -- C:\Documents and Settings\Tomek\Dane aplikacji\plebupk.exe [2010-06-15 17:58:41 | 000,458,752 | ---- | M] (RlKd9wUFogtVw) -- C:\Documents and Settings\Tomek\Dane aplikacji\wrqgtob.exe [2010-06-15 17:49:15 | 000,458,752 | ---- | M] (RlKd9wUFogtVw) -- C:\Documents and Settings\Tomek\Dane aplikacji\bmlotyh.exe [2010-06-15 17:48:02 | 000,458,752 | ---- | M] (RlKd9wUFogtVw) -- C:\Documents and Settings\Tomek\Dane aplikacji\arnidnd.exe [2010-06-15 17:33:36 | 000,144,384 | ---- | M] () -- C:\WINDOWS\System32\miccyhook.dll [2010-06-15 17:24:12 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk [2010-06-15 17:18:57 | 001,588,224 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\SteamInstall.msi [2010-06-15 16:23:08 | 001,964,155 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\wqrfqrwq.psd [2010-06-15 16:04:38 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ulmdtii.exe [2010-06-15 16:04:14 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\skqwgay.exe [2010-06-15 15:53:24 | 000,035,605 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\SQLite3.dll [2010-06-15 15:38:30 | 000,083,887 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\aiail.jpg [2010-06-15 15:37:18 | 000,328,722 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\xdd.png [2010-06-15 15:23:03 | 000,397,312 | ---- | M] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\bcwcwad.exe [2010-06-15 15:17:46 | 000,397,312 | ---- | M] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\kizsoio.exe [2010-06-15 15:16:06 | 001,280,303 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\HLC_1_setup.exe [2010-06-15 15:14:53 | 000,397,312 | ---- | M] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\ekamfif.exe [2010-06-15 15:12:30 | 000,397,312 | ---- | M] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\txiajes.exe [2010-06-15 15:11:15 | 000,397,312 | ---- | M] (fullyundetected.com) -- C:\Documents and Settings\Tomek\Dane aplikacji\mmruxjy.exe [2010-06-15 14:16:47 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\CS.lnk [2010-06-14 17:26:57 | 000,028,672 | ---- | M] (pHr34K) -- C:\Documents and Settings\Tomek\Pulpit\clicker.exe [2010-06-13 22:13:16 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Tomek\ntuser.ini [2010-06-13 22:09:25 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat [2010-06-13 21:24:54 | 004,509,480 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Perfect.Optimizer.v5.1.0.250.zip [2010-06-13 20:32:32 | 000,195,809 | ---- | M] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\tovnuuc.exe [2010-06-13 20:32:02 | 000,195,809 | ---- | M] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\jnrfsha.exe [2010-06-13 20:30:53 | 000,195,809 | ---- | M] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\xxgkxvl.exe [2010-06-13 20:20:48 | 000,195,809 | ---- | M] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\lyhydvg.exe [2010-06-13 20:19:44 | 000,195,809 | ---- | M] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\qukndgp.exe [2010-06-13 20:18:09 | 000,195,809 | ---- | M] (tryrt4rhrthrthrthrzrgq) -- C:\Documents and Settings\Tomek\Dane aplikacji\xxufpqm.exe [2010-06-13 20:14:57 | 000,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\RegCure.lnk [2010-06-13 20:11:11 | 000,150,528 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\qhhdkqy.exe [2010-06-13 20:09:48 | 000,150,528 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ggcipdy.exe [2010-06-13 20:08:38 | 000,150,528 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\zqxsuoc.exe [2010-06-13 18:48:51 | 000,159,744 | ---- | M] (Yo21GdmF3A) -- C:\Documents and Settings\Tomek\Dane aplikacji\ljiodvt.exe [2010-06-13 17:54:28 | 000,104,960 | -H-- | M] () -- C:\WINDOWS\System32\WUDHost.exe [2010-06-13 17:54:28 | 000,104,960 | -H-- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\audiohd.exe [2010-06-13 17:05:18 | 000,192,512 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\nuidznm.exe [2010-06-13 17:01:25 | 000,192,512 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\bspiaqr.exe [2010-06-13 16:25:39 | 000,188,416 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\qbhbmhp.exe [2010-06-13 16:09:15 | 000,188,416 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\diqninl.exe [2010-06-13 16:04:22 | 000,188,416 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\xdnrxmf.exe [2010-06-13 13:31:56 | 000,046,453 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\pizza-torino.jpg [2010-06-12 20:01:19 | 000,155,648 | ---- | M] (AceSoft Corp all rights reserved) -- C:\WINDOWS\mmindsrv.exe [2010-06-12 20:01:19 | 000,155,648 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\bshpxqehb.exe [2010-06-12 19:58:49 | 000,155,648 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\hqgbtpsbv.exe [2010-06-12 19:57:47 | 000,155,648 | ---- | M] (AceSoft Corp all rights reserved) -- C:\Documents and Settings\Tomek\Dane aplikacji\mbklpkfov.exe [2010-06-12 18:35:24 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\nzlylyl.exe [2010-06-12 18:10:51 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\sdipduz.exe [2010-06-12 17:45:11 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\hestmli.exe [2010-06-12 17:43:22 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ugzlwes.exe [2010-06-12 17:41:06 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\plbiadw.exe [2010-06-12 17:07:30 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\bwwphed.exe [2010-06-12 16:59:31 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\hfpdpqe.exe [2010-06-12 16:57:39 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\qihzmbq.exe [2010-06-11 20:43:33 | 000,133,718 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\rmfkgmz.exe [2010-06-11 14:58:41 | 000,001,781 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sexy.exe [2010-06-11 13:35:45 | 000,021,374 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Testoviron_Depot_Injection.jpg [2010-06-11 06:44:55 | 000,136,422 | ---- | M] (vortex) -- C:\WINDOWS\System32\explorerhost.exe [2010-06-10 22:19:35 | 000,013,135 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\hmm.JPG [2010-06-10 22:14:46 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa (3).bmp [2010-06-08 17:16:38 | 000,359,016 | ---- | M] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe [2010-06-08 17:16:20 | 000,129,640 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe [2010-06-08 17:16:08 | 002,815,592 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE [2010-06-07 17:36:12 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Tomek\app.data [2010-06-07 15:48:36 | 000,089,604 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\rqprcxi.exe [2010-06-07 15:40:52 | 000,089,604 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\rxxxcnr.exe [2010-06-06 15:27:03 | 000,634,708 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\xd.jpg [2010-06-06 14:45:18 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\pro.bmp [2010-06-06 14:45:07 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa (2).bmp [2010-06-04 20:07:26 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iTunes.lnk [2010-06-04 11:18:23 | 000,404,448 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\kategorienowe.psd [2010-06-03 20:55:22 | 003,932,214 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa.bmp [2010-06-03 14:23:05 | 000,000,048 | ---- | M] () -- C:\WINDOWS\wininit.ini [2010-06-03 09:00:52 | 001,297,213 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\27xge1g.gif [2010-06-02 21:42:33 | 000,194,842 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\1yph21.gif [2010-06-02 17:19:15 | 000,018,102 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Cs_Multihack _ CS_Scripts.pl.rar [2010-06-02 17:15:04 | 000,620,672 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\[cs-scripts.pl] BaDBoY v5.rar [2010-06-02 17:11:50 | 000,167,069 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\[cs-scripts.pl] Senses Fail.rar [2010-06-01 19:24:56 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2010-06-01 19:24:56 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2010-06-01 14:43:11 | 004,777,677 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\DSC_3610.jpg [2010-05-31 16:16:33 | 005,302,306 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\lady gaga - paparazzi.mp31274730682_[mp3.teledyski.info].mp3 [2010-05-31 16:11:02 | 004,228,569 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\lady gaga - bad romance (radio edit).mp31274730700_[mp3.teledyski.info].mp3 [2010-05-31 15:52:02 | 003,971,524 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\nightwish - wish i had an angel.mp31274763713_[mp3.teledyski.info].mp3 [2010-05-30 20:43:48 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk [2010-05-30 20:43:44 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-05-30 20:31:22 | 051,731,232 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\setup_av_free.exe [2010-05-30 13:50:08 | 000,423,773 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\8D.psd [2010-05-30 13:14:59 | 000,044,913 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\x123.psd [2010-05-28 22:10:48 | 000,303,304 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\ikoneczki.psd [2010-05-28 21:49:39 | 000,023,021 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\qffnou.png [2010-05-28 20:44:10 | 000,339,436 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\kategorie.psd [2010-05-28 20:32:07 | 000,101,052 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\retro_grafika-1.jpg [2010-05-28 20:22:00 | 002,021,626 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\awea.png [2010-05-28 20:21:03 | 000,993,578 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\1manarmycloudset1.abr [2010-05-28 20:16:59 | 000,000,477 | ---- | M] () -- C:\WINDOWS\win.ini [2010-05-28 19:36:27 | 000,057,364 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\qwe452.png [2010-05-28 18:08:00 | 000,065,386 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\1231.png [2010-05-28 17:09:03 | 000,233,994 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\djupa.png [2010-05-28 17:01:38 | 000,208,422 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\dupa.png [2010-05-28 02:09:00 | 000,041,872 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll [2010-05-27 07:16:00 | 000,026,303 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy OpenDocument Dokument tekstowy.odt [2010-05-26 22:26:18 | 000,019,985 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\134.odt [2010-05-26 17:43:28 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Tomek\Dane aplikacji\chrtmp [2010-05-26 16:10:42 | 000,115,315 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\grafiki.rar [2010-05-26 16:07:29 | 000,120,460 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\panel.psd [2010-05-26 15:54:10 | 000,119,172 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\stopka.psd [2010-05-25 23:09:41 | 000,149,928 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\ramka2.psd [2010-05-25 23:09:25 | 000,191,266 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\ramka1.psd [2010-05-25 22:20:04 | 001,379,952 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Fighter FX 7.2.rar [2010-05-25 21:29:18 | 001,632,468 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\HEADZOTS_V2.4_PUBLIC.rar [2010-05-25 20:32:57 | 000,067,861 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\ea97cad0c680.jpg [2010-05-25 19:59:00 | 015,037,059 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\qfpa.psd [2010-05-25 18:26:18 | 000,463,119 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\FuRious_SP-X_11.07.zip [2010-05-25 07:12:30 | 001,610,630 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\niezapomniana osiemnastka.mp4 [2010-05-25 07:07:11 | 003,798,862 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\nightwish - amaranth.mp31274763707_[mp3.teledyski.info].mp3 [2010-05-25 06:59:41 | 000,126,912 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-05-24 22:20:07 | 004,689,996 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\timbaland - if we ever meet again.mp31274731462_[mp3.teledyski.info].mp3 [2010-05-24 22:15:30 | 003,462,450 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\lady gaga - telephone ft. beyonce (official cover) by bangin productions .mp31274730621_[mp3.teledyski.info].mp3 [2010-05-24 21:43:10 | 003,229,739 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Dimitri o walce Pudzian vs Sylvia.mp4 [2010-05-24 21:42:17 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\YouTube Downloader.lnk [2010-05-24 21:41:59 | 003,170,832 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\YouTubeDownloaderSetup255_[www.programosy.pl].exe [2010-05-23 12:57:26 | 004,759,040 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\cortona3d.msi [2010-05-23 11:48:14 | 000,006,535 | ---- | M] () -- C:\de_kurej.map [2010-05-23 11:09:55 | 000,174,700 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\cs_demomap.zip [2010-05-23 09:59:33 | 000,001,801 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Valve Hammer Editor.lnk [2010-05-23 09:59:33 | 000,000,819 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Valve Hammer Editor Help.lnk [2010-05-23 09:59:11 | 002,142,766 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\hammer_v34.exe [2010-05-23 09:59:09 | 000,152,854 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\zhlt253-17.zip [2010-05-21 06:38:38 | 000,019,712 | ---- | M] () -- C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-05-20 16:09:45 | 000,263,445 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\1234.JPG [2010-05-20 16:02:25 | 002,147,486 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\1234.png [2010-05-18 14:44:00 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk [2010-05-17 16:43:43 | 000,000,586 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\ATLANTIKA.lnk [2010-05-16 21:47:34 | 002,053,064 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\sly.png [2010-05-16 21:40:24 | 000,039,947 | ---- | M] () -- C:\Documents and Settings\Tomek\Moje dokumenty\Bez tytułu 1.odt [2010-05-16 20:45:01 | 000,000,864 | ---- | M] () -- C:\Documents and Settings\Tomek\Menu Start\Programy\Autostart\OpenOffice.org 3.2.lnk [2010-05-16 20:44:01 | 000,000,967 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.2.lnk [2010-05-16 20:09:03 | 139,699,360 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\OOo_3.2.0_Win32Intel_install_pl.exe [2010-05-16 19:57:54 | 001,287,662 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\x134.jpg [2010-05-16 11:21:02 | 000,008,108 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\system.zip [2010-05-14 19:37:44 | 000,001,543 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Hitman - Krwawa Forsa.lnk [2010-05-14 19:37:20 | 000,049,680 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\hbm_ecn_v1.2.rar [2010-05-14 19:24:23 | 001,076,686 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\Hitman_Blood_Money.rar [2010-05-14 19:12:52 | 000,085,891 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\hitbloodmtrn10.zip [2010-05-14 19:11:21 | 000,200,980 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\hbm-anji-1.zip [2010-05-13 17:09:40 | 000,518,045 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\XD.png [2010-05-13 15:49:45 | 000,002,675 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\nav.bottom.png [2010-05-13 15:49:42 | 000,009,925 | ---- | M] () -- C:\Documents and Settings\Tomek\Pulpit\nav.top.png [2010-05-13 08:17:36 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-05-07 21:55:19 | 000,215,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010-05-07 21:53:58 | 000,138,576 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010-05-07 16:02:23 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2010-05-07 16:02:18 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-05-06 22:59:57 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr [2010-05-06 22:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2010-05-06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2010-05-06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2010-05-06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2010-05-06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2010-05-06 22:33:55 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2010-05-06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2010-05-06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-04-29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Documents and Settings\Tomek\Dane aplikacji\*.tmp files -> C:\Documents and Settings\Tomek\Dane aplikacji\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-06-24 06:45:29 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-06-23 16:33:25 | 000,701,781 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\11.png [2010-06-23 16:20:57 | 000,003,400 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\12314.png [2010-06-23 16:18:24 | 000,003,249 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\1341.png [2010-06-23 16:11:20 | 000,003,345 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\12331.png [2010-06-23 16:04:04 | 000,003,249 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\1111.png [2010-06-23 11:12:50 | 003,781,731 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\4234.psd [2010-06-23 10:49:48 | 000,708,470 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\143.png [2010-06-23 09:52:18 | 000,270,087 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\s4startfw7.png [2010-06-23 09:34:04 | 000,116,441 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\2798443503_7d13106fb0.jpg [2010-06-22 20:02:42 | 001,126,144 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\7.psd [2010-06-22 20:02:36 | 000,003,249 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\134.png [2010-06-22 16:59:29 | 000,263,088 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\S4_League_Concept_02.jpg [2010-06-21 09:10:38 | 000,894,976 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\SystemPack.msi [2010-06-21 09:05:50 | 001,755,358 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\111.bmp [2010-06-21 09:05:23 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa (5).bmp [2010-06-20 10:36:09 | 000,330,332 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\127699238452.png [2010-06-20 10:19:10 | 000,006,467 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\127699135078.png [2010-06-19 12:02:43 | 000,013,096 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\rafal.wad [2010-06-19 11:59:41 | 000,037,909 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\guwno.jpg [2010-06-19 11:54:43 | 000,026,481 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\babe39.jpg [2010-06-19 10:42:45 | 000,006,296 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\tempdecal.wad [2010-06-19 10:40:21 | 000,000,928 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Skrót do HLC.lnk [2010-06-19 10:39:07 | 000,108,910 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\hmhm copy.jpg [2010-06-19 09:58:13 | 000,000,565 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Skrót do x22 xRadar v4.0.lnk [2010-06-19 08:16:10 | 000,315,482 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\x22.rar [2010-06-18 21:29:50 | 000,000,235 | ---- | C] () -- C:\Documents and Settings\Tomek\log.txt [2010-06-18 21:29:49 | 000,001,061 | ---- | C] () -- C:\Documents and Settings\Tomek\share.bat [2010-06-18 21:29:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\sysdirec.dll [2010-06-18 20:34:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\pokihgfrthugytfdt.dll [2010-06-18 20:34:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\dfgustfeywu8riey.dll [2010-06-18 20:34:12 | 000,046,080 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\000100100.exe [2010-06-18 18:37:31 | 000,000,912 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Voice Changer 6.0 Diamond.lnk [2010-06-18 17:37:34 | 011,733,833 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\AV Voice Changer Diamond 6.rar [2010-06-18 13:36:52 | 000,000,075 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Counter-Strike.url [2010-06-18 10:04:51 | 000,100,141 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\hmhm.jpg [2010-06-18 09:46:48 | 000,344,752 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\1273382179854.png [2010-06-17 21:15:15 | 000,000,000 | R--- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\F0j6I.txt [2010-06-17 19:34:14 | 000,081,972 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\boxxy copy.jpg [2010-06-17 19:31:45 | 000,921,466 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\boxxy.png [2010-06-17 19:30:21 | 000,099,405 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Boxxy.jpg [2010-06-17 19:24:53 | 000,013,304 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\megan_schimdt.jpg [2010-06-17 15:12:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa (4).bmp [2010-06-17 02:34:20 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\zwpufvk.exe [2010-06-17 02:34:18 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\qgdhjvu.exe [2010-06-17 02:32:44 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\hqznzum.exe [2010-06-17 02:32:12 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\rhajpgp.exe [2010-06-17 01:05:28 | 000,000,000 | R--- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\K1LMf.txt [2010-06-17 01:05:23 | 000,293,888 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\qrfvfwr.exe [2010-06-17 01:03:40 | 000,059,904 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\maketxv.exe [2010-06-17 00:47:50 | 000,059,904 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\edrtgvu.exe [2010-06-17 00:42:01 | 000,059,904 | RHS- | C] () -- C:\WINDOWS\sysdiag64.exe [2010-06-17 00:42:01 | 000,000,000 | R--- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\fj1EH.txt [2010-06-17 00:41:59 | 000,059,904 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ksaxkws.exe [2010-06-17 00:32:16 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\twucvfw.exe [2010-06-17 00:16:30 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ncgjsxt.exe [2010-06-17 00:13:55 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\abenguv.exe [2010-06-17 00:11:34 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\yuwkjkk.exe [2010-06-17 00:09:06 | 000,180,736 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\gcfcchf.exe [2010-06-17 00:07:38 | 000,180,736 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ymyxyot.exe [2010-06-16 23:54:16 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\tdctmya.exe [2010-06-16 23:28:05 | 000,315,517 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\stmwgzm.exe [2010-06-16 23:22:35 | 000,315,517 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\aozmvcc.exe [2010-06-16 22:35:16 | 000,000,000 | R--- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\m71JC.txt [2010-06-16 22:35:14 | 000,082,432 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\iaybnxa.exe [2010-06-16 22:19:01 | 000,318,464 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\bflhamb.exe [2010-06-16 22:13:36 | 000,000,000 | R--- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\em11C.txt [2010-06-16 22:13:32 | 000,318,464 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\kqrskpi.exe [2010-06-15 22:06:12 | 000,142,336 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\eckscge.exe [2010-06-15 22:02:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\sysfile.sys [2010-06-15 22:02:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\sysdir.sys [2010-06-15 21:53:55 | 000,001,006 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\mjwhytb.exe [2010-06-15 21:50:55 | 000,000,210 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\jaiwqpy.exe [2010-06-15 21:20:06 | 000,021,064 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\111.odt [2010-06-15 20:59:26 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\HijackThis.lnk [2010-06-15 20:00:12 | 000,016,764 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Podatki.odt [2010-06-15 17:19:15 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk [2010-06-15 17:18:47 | 001,588,224 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\SteamInstall.msi [2010-06-15 16:23:07 | 001,964,155 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\wqrfqrwq.psd [2010-06-15 16:04:37 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ulmdtii.exe [2010-06-15 16:04:12 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\skqwgay.exe [2010-06-15 15:53:24 | 000,035,605 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\SQLite3.dll [2010-06-15 15:38:26 | 000,083,887 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\aiail.jpg [2010-06-15 15:37:15 | 000,328,722 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\xdd.png [2010-06-15 15:16:00 | 001,280,303 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\HLC_1_setup.exe [2010-06-15 15:06:45 | 000,000,382 | --S- | C] () -- C:\WINDOWS\System32\2539083466.dat [2010-06-15 14:16:47 | 000,000,523 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\CS.lnk [2010-06-14 16:01:38 | 000,000,000 | R--- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\BbgMF.txt [2010-06-13 22:09:25 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2010-06-13 21:24:23 | 004,509,480 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Perfect.Optimizer.v5.1.0.250.zip [2010-06-13 21:19:42 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2010-06-13 20:20:36 | 000,000,362 | ---- | C] () -- C:\WINDOWS\tasks\PerfectOptimizer_home.job [2010-06-13 20:15:00 | 000,000,390 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Program Check.job [2010-06-13 20:14:59 | 000,000,372 | ---- | C] () -- C:\WINDOWS\tasks\RegCure.job [2010-06-13 20:14:57 | 000,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\RegCure.lnk [2010-06-13 20:11:05 | 000,150,528 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\qhhdkqy.exe [2010-06-13 20:09:37 | 000,150,528 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ggcipdy.exe [2010-06-13 20:08:31 | 000,150,528 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\zqxsuoc.exe [2010-06-13 17:54:31 | 000,104,960 | -H-- | C] () -- C:\WINDOWS\System32\WUDHost.exe [2010-06-13 17:54:31 | 000,104,960 | -H-- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\audiohd.exe [2010-06-13 17:01:26 | 000,045,568 | RHS- | C] () -- C:\WINDOWS\WinRER.exe [2010-06-13 13:31:56 | 000,046,453 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\pizza-torino.jpg [2010-06-12 18:35:23 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\nzlylyl.exe [2010-06-12 18:10:46 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\sdipduz.exe [2010-06-12 17:45:09 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\hestmli.exe [2010-06-12 17:43:21 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\ugzlwes.exe [2010-06-12 17:41:05 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\plbiadw.exe [2010-06-12 17:07:29 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\bwwphed.exe [2010-06-12 16:59:29 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\hfpdpqe.exe [2010-06-12 16:57:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\temp4876969.txt [2010-06-12 16:57:38 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\qihzmbq.exe [2010-06-11 20:43:32 | 000,133,718 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\rmfkgmz.exe [2010-06-11 14:58:38 | 000,001,781 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sexy.exe [2010-06-11 13:35:45 | 000,021,374 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Testoviron_Depot_Injection.jpg [2010-06-11 03:57:15 | 000,110,014 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\data.dat [2010-06-10 22:19:35 | 000,013,135 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\hmm.JPG [2010-06-10 22:14:46 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa (3).bmp [2010-06-07 15:48:35 | 000,089,604 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\rqprcxi.exe [2010-06-07 15:40:53 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Tomek\app.data [2010-06-07 15:40:51 | 000,089,604 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\rxxxcnr.exe [2010-06-07 08:02:26 | 000,082,432 | ---- | C] () -- C:\WINDOWS\System32\devon.exe [2010-06-06 15:27:00 | 000,634,708 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\xd.jpg [2010-06-06 14:45:17 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\pro.bmp [2010-06-06 14:45:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa (2).bmp [2010-06-03 20:54:22 | 003,932,214 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy Obraz - mapa bitowa.bmp [2010-06-03 14:23:05 | 000,000,048 | ---- | C] () -- C:\WINDOWS\wininit.ini [2010-06-03 09:00:52 | 001,297,213 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\27xge1g.gif [2010-06-02 21:42:33 | 000,194,842 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\1yph21.gif [2010-06-02 17:19:26 | 000,077,824 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\opengl32.dll [2010-06-02 17:19:15 | 000,018,102 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Cs_Multihack _ CS_Scripts.pl.rar [2010-06-02 17:15:01 | 000,620,672 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\[cs-scripts.pl] BaDBoY v5.rar [2010-06-02 17:11:50 | 000,167,069 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\[cs-scripts.pl] Senses Fail.rar [2010-06-01 14:41:27 | 004,777,677 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\DSC_3610.jpg [2010-05-30 20:48:10 | 000,000,283 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\aimbot.ini [2010-05-30 20:43:48 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk [2010-05-30 20:23:33 | 051,731,232 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\setup_av_free.exe [2010-05-30 13:50:07 | 000,423,773 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\8D.psd [2010-05-30 13:14:57 | 000,044,913 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\x123.psd [2010-05-29 14:37:43 | 000,163,840 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\aimbot.dll [2010-05-28 21:49:38 | 000,023,021 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\qffnou.png [2010-05-28 21:42:24 | 000,404,448 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\kategorienowe.psd [2010-05-28 20:59:34 | 000,303,304 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\ikoneczki.psd [2010-05-28 20:44:09 | 000,339,436 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\kategorie.psd [2010-05-28 20:32:07 | 000,101,052 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\retro_grafika-1.jpg [2010-05-28 20:21:55 | 002,021,626 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\awea.png [2010-05-28 20:20:58 | 000,993,578 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\1manarmycloudset1.abr [2010-05-28 19:36:26 | 000,057,364 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\qwe452.png [2010-05-28 18:07:59 | 000,065,386 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\1231.png [2010-05-28 17:09:02 | 000,233,994 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\djupa.png [2010-05-28 17:01:37 | 000,208,422 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\dupa.png [2010-05-28 02:09:00 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2010-05-26 17:43:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Tomek\Dane aplikacji\chrtmp [2010-05-26 16:14:16 | 000,191,266 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\ramka1.psd [2010-05-26 16:14:16 | 000,149,928 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\ramka2.psd [2010-05-26 16:14:16 | 000,120,460 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\panel.psd [2010-05-26 16:14:16 | 000,119,172 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\stopka.psd [2010-05-26 16:13:42 | 000,019,985 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\134.odt [2010-05-26 16:10:37 | 000,115,315 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\grafiki.rar [2010-05-26 15:28:32 | 000,026,303 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Nowy OpenDocument Dokument tekstowy.odt [2010-05-25 22:20:27 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Tobys Counter-Strike - Cheat - Hack - Guides - Tweaks - Downloads and much more!.url [2010-05-25 22:19:01 | 001,379,952 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Fighter FX 7.2.rar [2010-05-25 21:28:04 | 001,632,468 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\HEADZOTS_V2.4_PUBLIC.rar [2010-05-25 20:32:57 | 000,067,861 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\ea97cad0c680.jpg [2010-05-25 19:58:58 | 015,037,059 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\qfpa.psd [2010-05-25 18:26:23 | 000,148,480 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\FuRiousSP.dll [2010-05-25 18:26:23 | 000,035,764 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\FuRiousSP.cfg [2010-05-25 18:26:16 | 000,463,119 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\FuRious_SP-X_11.07.zip [2010-05-25 13:40:02 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-05-25 07:12:29 | 001,610,630 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\niezapomniana osiemnastka.mp4 [2010-05-25 07:04:06 | 003,971,524 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\nightwish - wish i had an angel.mp31274763713_[mp3.teledyski.info].mp3 [2010-05-25 07:04:01 | 003,798,862 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\nightwish - amaranth.mp31274763707_[mp3.teledyski.info].mp3 [2010-05-24 22:00:47 | 004,689,996 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\timbaland - if we ever meet again.mp31274731462_[mp3.teledyski.info].mp3 [2010-05-24 21:48:41 | 005,302,306 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\lady gaga - paparazzi.mp31274730682_[mp3.teledyski.info].mp3 [2010-05-24 21:48:05 | 004,228,569 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\lady gaga - bad romance (radio edit).mp31274730700_[mp3.teledyski.info].mp3 [2010-05-24 21:47:39 | 003,462,450 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\lady gaga - telephone ft. beyonce (official cover) by bangin productions .mp31274730621_[mp3.teledyski.info].mp3 [2010-05-24 21:43:10 | 003,229,739 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Dimitri o walce Pudzian vs Sylvia.mp4 [2010-05-24 21:42:17 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\YouTube Downloader.lnk [2010-05-24 21:41:36 | 003,170,832 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\YouTubeDownloaderSetup255_[www.programosy.pl].exe [2010-05-23 12:56:49 | 004,759,040 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\cortona3d.msi [2010-05-23 11:48:14 | 000,006,535 | ---- | C] () -- C:\de_kurej.map [2010-05-23 11:09:55 | 000,174,700 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\cs_demomap.zip [2010-05-23 09:59:33 | 000,001,801 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Valve Hammer Editor.lnk [2010-05-23 09:59:33 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Valve Hammer Editor Help.lnk [2010-05-23 09:59:00 | 000,152,854 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\zhlt253-17.zip [2010-05-23 09:58:55 | 002,142,766 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\hammer_v34.exe [2010-05-20 16:09:45 | 000,263,445 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\1234.JPG [2010-05-20 16:02:21 | 002,147,486 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\1234.png [2010-05-18 14:44:00 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Google Earth.lnk [2010-05-17 16:43:43 | 000,000,586 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\ATLANTIKA.lnk [2010-05-16 21:47:30 | 002,053,064 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\sly.png [2010-05-16 21:33:38 | 000,039,947 | ---- | C] () -- C:\Documents and Settings\Tomek\Moje dokumenty\Bez tytułu 1.odt [2010-05-16 20:45:01 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\Tomek\Menu Start\Programy\Autostart\OpenOffice.org 3.2.lnk [2010-05-16 20:44:01 | 000,000,967 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenOffice.org 3.2.lnk [2010-05-16 19:57:51 | 001,287,662 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\x134.jpg [2010-05-16 19:51:00 | 139,699,360 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\OOo_3.2.0_Win32Intel_install_pl.exe [2010-05-16 11:21:02 | 000,008,108 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\system.zip [2010-05-14 19:37:44 | 000,001,543 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Hitman - Krwawa Forsa.lnk [2010-05-14 19:37:23 | 000,154,327 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\hbm_ecn.exe [2010-05-14 19:37:17 | 000,049,680 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\hbm_ecn_v1.2.rar [2010-05-14 19:24:10 | 001,076,686 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Hitman_Blood_Money.rar [2010-05-14 19:12:59 | 000,144,384 | ---- | C] () -- C:\WINDOWS\System32\miccyhook.dll [2010-05-14 19:12:57 | 000,089,088 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\unl-hitmanbm.exe [2010-05-14 19:12:57 | 000,004,062 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\unleashed.nfo [2010-05-14 19:12:57 | 000,000,050 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\GamesTrainer.URL [2010-05-14 19:12:52 | 000,085,891 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\hitbloodmtrn10.zip [2010-05-14 19:06:07 | 000,200,980 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\hbm-anji-1.zip [2010-05-13 17:09:38 | 000,518,045 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\XD.png [2010-05-13 15:49:45 | 000,002,675 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\nav.bottom.png [2010-05-13 15:49:41 | 000,009,925 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\nav.top.png [2010-05-07 16:02:23 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2010-05-07 16:02:18 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010-05-03 14:26:07 | 000,028,632 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\Kingdom_Hearts_Font.ttf [2010-04-28 18:49:33 | 000,000,230 | ---- | C] () -- C:\Documents and Settings\Tomek\Pulpit\pattern_145.gif [2010-04-01 10:09:38 | 000,000,016 | ---- | C] () -- C:\WINDOWS\backodbc.ini [2010-04-01 10:09:36 | 000,006,852 | ---- | C] () -- C:\WINDOWS\System32\drivers\Vcs.sys [2010-03-28 15:28:11 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2010-03-13 14:01:40 | 000,000,143 | ---- | C] () -- C:\WINDOWS\GKLauncherInfo.ini [2010-03-09 17:11:02 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini [2010-03-09 17:11:01 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-03-09 17:11:01 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-03-09 17:11:01 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll [2010-03-09 17:11:01 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll [2010-03-09 17:11:01 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll [2010-03-09 17:11:01 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll [2010-03-09 17:11:01 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll [2010-03-09 17:11:01 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll [2010-03-09 17:11:01 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll [2010-03-09 17:11:01 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll [2010-02-24 15:57:31 | 000,000,871 | ---- | C] () -- C:\WINDOWS\disney.ini [2010-02-23 16:43:10 | 000,138,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010-02-23 16:42:23 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini [2007-11-26 22:56:28 | 000,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2006-03-02 14:00:00 | 000,047,978 | ---- | C] () -- C:\WINDOWS\System32\acledito.sys [2006-03-02 14:00:00 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\disk.sys [2006-03-02 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2004-10-11 12:19:00 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\ASUSASV2.DLL [1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2010-05-30 20:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-05-30 20:40:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9 [2010-05-07 16:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-02-24 16:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Fallout3 [2010-02-22 11:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-03-04 18:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonJP [2010-06-13 20:18:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RegCure [2010-06-19 14:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-03-17 22:14:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2010-06-18 11:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Application Updater [2010-05-07 17:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\DAEMON Tools Lite [2010-06-14 15:36:44 | 000,000,000 | RHSD | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\dll [2010-02-24 16:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Gadu-Gadu 10 [2010-05-27 21:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Octoshape [2010-05-16 20:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\OpenOffice.org [2010-02-20 20:22:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Opera [2010-06-11 14:57:16 | 000,000,000 | RHSD | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\recyclerr [2010-03-28 16:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Samsung [2010-05-26 17:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Search Settings [2010-03-06 20:52:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\Touchstone [2010-04-01 22:37:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\TS3Client [2010-05-26 17:12:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomek\Dane aplikacji\YouTube Downloader [2010-06-23 12:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\Tasks\PerfectOptimizer_home.job [2010-06-23 17:00:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure Program Check.job [2010-06-24 04:31:00 | 000,000,372 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-02-20 19:18:26 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-02-20 19:14:52 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2006-03-02 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010-03-28 16:05:01 | 000,000,074 | ---- | M] () -- C:\CMLoader.log [2010-02-20 19:18:26 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-02-20 19:41:41 | 000,000,143 | ---- | M] () -- C:\csb.log [2010-05-23 11:48:14 | 000,006,535 | ---- | M] () -- C:\de_kurej.map [2010-02-20 19:18:26 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-02-20 19:18:26 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2006-03-02 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2006-03-02 14:00:00 | 000,250,624 | RHS- | M] () -- C:\ntldr [2010-06-24 06:39:10 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2010-02-20 19:40:09 | 000,000,429 | ---- | M] () -- C:\RHDSetup.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\atapi.sys [2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys [2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [2006-03-02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys [2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\cdrom.sys [2006-03-02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\ndis.sys [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe [2006-03-13 21:19:10 | 000,882,697 | RHS- | M] (Wyntid) MD5=32F2B0263F1565DE1AE8FA66B664F00C -- C:\WINDOWS\system32\update\WinLogon.exe [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\winlogon.exe [2010-06-18 20:02:12 | 000,292,352 | -H-- | M] (Avira AntiVir) MD5=84E8C581B63955AF6145D1AE5E69F50F -- C:\WINDOWS\system32\explorer\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 24 bytes -> C:\WINDOWS:DF03936973062032 @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF < End of report > [/log] Właśnie koncze skanowanie Anti-Malwarem. @ [log] Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Wersja bazy: 4232 Windows 5.1.2600 Dodatek Service Pack 2 Internet Explorer 6.0.2900.2180 2010-06-24 07:00:09 mbam-log-2010-06-24 (07-00-09).txt Typ skanowania: Szybkie skanowanie Przeskanowano obiektów: 118538 Upłynęło: 6 minut(y), 42 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 16 Zainfekowanych wartości rejestru: 9 Zainfekowane informacje rejestru systemowego: 5 Zainfekowanych folderów: 14 Zainfekowanych plików: 141 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0t42uxfe-727e-u2b0-a4m4-cg0tj4bt66em} (Generic.Bot.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{150fv203-04i5-op3i-2y0o-fslr456xme5q} (Generic.Bot.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{50m01oyg-714s-l365-7148-1i63ys686768} (Generic.Bot.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5q2wkw13-n2qt-03ws-o626-oq10i73k2l70} (Generic.Bot.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{c8btmr41-qs64-h753-3o51-574281373i7r} (Generic.Bot.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{hr2t4jf2-2rpl-y2bc-ra2f-66uhkhl15k63} (Generic.Bot.H) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{08b0e5jf-4fcb-11cf-aaa5-00401c6xx500} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\.pox (Rogue.FixTool) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\pofile (Rogue.FixTool) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\VB and VBA Program Settings\Microwsoft (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\victim (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully. Zainfekowanych wartości rejestru: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\windows (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoft (Backdoor.IRCBot) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoft (Backdoor.IRCBot) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\policies (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hkcu (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\policies (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hklm (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run\microsoft corpo (Trojan.Agent) -> Quarantined and deleted successfully. Zainfekowane informacje rejestru systemowego: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\Tomek\Dane aplikacji\recyclerr\recyclerr.exe,C:\Documents and Settings\Tomek\Dane aplikacji\dll\svchost.exe,userinit.exe) Good: (Userinit.exe) -> Quarantined and deleted successfully. Zainfekowanych folderów: C:\Program Files\Perfect Optimizer (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully. C:\Program Files\Perfect Optimizer\Backup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully. C:\Program Files\Perfect Optimizer\Backup\Application (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully. C:\Program Files\Perfect Optimizer\Backup\Registry (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully. C:\Program Files\Perfect Optimizer\Backup\Registry\FirstBackup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully. C:\Program Files\Perfect Optimizer\Backup\Registry\FullBackup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully. C:\Program Files\Perfect Optimizer\Backup\Service (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully. C:\Program Files\Perfect Optimizer\Temp (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully. C:\directory\CyberGate (Trojan.PWS) -> Quarantined and deleted successfully. C:\directory\CyberGate\install (Trojan.PWS) -> Quarantined and deleted successfully. C:\WINDOWS\system32\lowsec (Stolen.data) -> Quarantined and deleted successfully. C:\WINDOWS\system32\Microsoft_KB57H43 (Trojan.Backdoor) -> Quarantined and deleted successfully. C:\WINDOWS\system32\System32 (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\Winbooterr (Trojan.Backdoor) -> Quarantined and deleted successfully. Zainfekowanych plików: C:\WINDOWS\system32\Winbooter\win32svc.exe (Generic.Bot.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\System32\winupdater.exe (Generic.Bot.H) -> Quarantined and deleted successfully. C:\WINDOWS\install\server.exe (Generic.Bot.H) -> Quarantined and deleted successfully. C:\WINDOWS\WlnUpdates32\xpupdates32.exe (Generic.Bot.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\update\WinLogon.exe (Generic.Bot.H) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\a.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\abenguv.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\audiohd.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\bflhamb.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\bshpxqehb.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\bspiaqr.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\qbhbmhp.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\qgdhjvu.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\qhhdkqy.exe (Trojan.Ircbrute) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\qrfvfwr.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\rhajpgp.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\skqwgay.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\tdctmya.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\twucvfw.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\ggcipdy.exe (Trojan.Ircbrute) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\hqgbtpsbv.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\hqznzum.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\kqrskpi.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\ksaxkws.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\diqninl.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\dzaqqci.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\edrtgvu.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\ulmdtii.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\wfggxgn.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\xdnrxmf.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\yuwkjkk.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\zqxsuoc.exe (Trojan.Ircbrute) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\zwpufvk.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\maketxv.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\mbklpkfov.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\ncgjsxt.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\nuidznm.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1008 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1009.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1068 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc119.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1204.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc180 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc200 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1201.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1202.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc175 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc176 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc198 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc207 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc212 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc214 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc229 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc234 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc235 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc246 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc247 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc248 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc253 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc258.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc259 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc277 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc279 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc287 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc305 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc46.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc49.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc52.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc568 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc59.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc622 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc624 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc636.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc644 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc647.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc648.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc69.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc639 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc73.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc77.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc78.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc91 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1029 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1055 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1059 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1067 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1074 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1075 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1076 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1106 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1205.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1210.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1219.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc122 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1226 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1228 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1232 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1234 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1235 (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1454471165-1284227242-725345543-1004\Dc1248.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\WINDOWS\system32\msiexec.exe.tmp (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\WINDOWS\system32\WUDHost.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\dialup.exe (Hacktool.Dialupass) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\4FtcWvig (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\9fVjCLki (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\gxLPxyJB (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\N9VtGgAq (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\QIpZ51tK (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\svchost.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\Y85Ru9qv (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\104574500_1277319439.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\1kpXjYxi (Malware.Packer.Morphine) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\B17N1JmmE0.log (Backdoor.Gootkit) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\e1bm0E61H6.log (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\eraseme_85158.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\fk6b7GIiIJ.log (Backdoor.Gootkit) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\FM1le6M6i7.log (Backdoor.Gootkit) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\g7J6kFi11K.log (Backdoor.Gootkit) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\1276706380.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\n0ise.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. C:\WINDOWS\sysdiag64.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\WINDOWS\mmindsrv.exe (Spyware.Dybalom) -> Quarantined and deleted successfully. C:\Program Files\Perfect Optimizer\PerfectOptimizer.ini (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully. C:\directory\CyberGate\install\update.exe (Trojan.PWS) -> Quarantined and deleted successfully. C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> Quarantined and deleted successfully. C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\data.dat (Stolen.Data) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\addons.dat (Bifrose.Trace) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\cglogs.dat (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\config\systemprofile\Dane aplikacji\cglogs.dat (Malware.Trace) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\Microsoft\svchost.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Dane aplikacji\Microsoft\winlog.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\devon.exe (Trojan.Backdoor) -> Quarantined and deleted successfully. C:\WINDOWS\system32\explorer\winlogon.exe (Backdoor.SpyNet.M) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\IEPASS.abc (Malware.Trace) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\mspass.exe (HackTool.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully. C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\XxX.xXx (Malware.Trace) -> Delete on reboot. [/log]
Gość komentarz 24 czerwca 2010 komentarz 24 czerwca 2010 daj log z ComboFixa -> http://www.bleepingcomputer.com/combofix/pl/instrukcja-uzycia-combofix
Mateusz J. komentarz 24 czerwca 2010 komentarz 24 czerwca 2010 OTL nie wykonał poleceń. Pobierz program ComboFix, ze strony podanej od usera wyżej. Następnie do notatnika wklej: [code]File:: C:\WINDOWS\system32\install\svchost.exe C:\Documents and Settings\Tomek\Dane aplikacji\AsyxSys.exe C:\Documents and Settings\Tomek\Dane aplikacji\csrsss.exe C:\WINDOWS\system32\install\Mscvhost.exe C:\Documents and Settings\Tomek\Dane aplikacji\AsyxSys.exe C:\Documents and Settings\Tomek\Dane aplikacji\csrsss.exe C:\WINDOWS\system32\install\Mscvhost.exe C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe C:\Documents and Settings\Tomek\Moje dokumenty\System32 C:\Documents and Settings\Tomek\Dane aplikacji\rundll32.exe C:\Documents and Settings\Tomek\Dane aplikacji\AsyxSys.exe C:\Documents and Settings\Tomek\Dane aplikacji\csrsss.exe C:\Documents and Settings\Tomek\Dane aplikacji\lsass.exe C:\Documents and Settings\Tomek\Moje dokumenty\System32\eckscge.exe C:\Documents and Settings\Tomek\Dane aplikacji\rundll32.exe C:\WINDOWS\system32\mmindsrv.exe C:\Documents and Settings\Tomek\Dane aplikacji\HCKU.exe C:\Documents and Settings\Tomek\Dane aplikacji\rundll32.exe C:\WINDOWS\system32\Microsoft_KB57H43\update.exe C:\Documents and Settings\Tomek\Dane aplikacji\services32.exe C:\Documents and Settings\Tomek\Dane aplikacji\dzaqqci.exe C:\Documents and Settings\Tomek\Dane aplikacji\wfggxgn.exe C:\Documents and Settings\Tomek\Dane aplikacji\whjxfrt.exe C:\Documents and Settings\Tomek\Dane aplikacji\zaexfbl.exe C:\Documents and Settings\Tomek\Dane aplikacji\tdxzbcp.exe C:\Documents and Settings\Tomek\Dane aplikacji\xytshng.exe C:\Documents and Settings\Tomek\ThisIsNotABackdoor.exe C:\Documents and Settings\Tomek\Moje dokumenty\System32 C:\Documents and Settings\Tomek\Dane aplikacji\olsgcpk.exe C:\Documents and Settings\Tomek\Dane aplikacji\ykkwhej.exe C:\Documents and Settings\Tomek\Dane aplikacji\lerkjfu.exe C:\Documents and Settings\Tomek\Dane aplikacji\plebupk.exe C:\Documents and Settings\Tomek\Dane aplikacji\wrqgtob.exe C:\Documents and Settings\Tomek\Dane aplikacji\bmlotyh.exe C:\Documents and Settings\Tomek\Dane aplikacji\arnidnd.exe C:\Documents and Settings\Tomek\Dane aplikacji\bcwcwad.exe C:\Documents and Settings\Tomek\Dane aplikacji\kizsoio.exe C:\Documents and Settings\Tomek\Dane aplikacji\ekamfif.exe C:\Documents and Settings\Tomek\Dane aplikacji\txiajes.exe C:\Documents and Settings\Tomek\Dane aplikacji\mmruxjy.exe C:\Documents and Settings\Tomek\Pulpit\clicker.exe C:\WINDOWS\System32\OpenCL.dll C:\Documents and Settings\Tomek\Dane aplikacji\tovnuuc.exe C:\Documents and Settings\Tomek\Dane aplikacji\jnrfsha.exe C:\Documents and Settings\Tomek\Dane aplikacji\xxgkxvl.exe C:\Documents and Settings\Tomek\Dane aplikacji\lyhydvg.exe C:\Documents and Settings\Tomek\Dane aplikacji\qukndgp.exe C:\Documents and Settings\Tomek\Dane aplikacji\xxufpqm.exe C:\Documents and Settings\All Users\Dane aplikacji\RegCure C:\Documents and Settings\Tomek\Dane aplikacji\ljiodvt.exe C:\Documents and Settings\Tomek\Dane aplikacji\nuidznm.exe C:\Documents and Settings\Tomek\Dane aplikacji\bspiaqr.exe C:\Documents and Settings\Tomek\Dane aplikacji\qbhbmhp.exe C:\Documents and Settings\Tomek\Dane aplikacji\diqninl.exe C:\Documents and Settings\Tomek\Dane aplikacji\xdnrxmf.exe C:\Documents and Settings\Tomek\Dane aplikacji\bshpxqehb.exe C:\WINDOWS\mmindsrv.exe C:\Documents and Settings\Tomek\Dane aplikacji\hqgbtpsbv.exe C:\Documents and Settings\Tomek\Dane aplikacji\mbklpkfov.exe Folder:: c:\Program Files\Common Files\Akamai C:\WINDOWS\System32\explorer C:\WINDOWS\WINDOWS C:\Program Files\Trend Micro C:\WINDOWS\System32\lowsec C:\Program Files\Perfect Optimizer C:\Documents and Settings\Tomek\Pulpit\CS1 C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\PCHealth C:\Documents and Settings\Tomek\Dane aplikacji\dll Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HKLM"=- "Microsoft"=- "System Security Enhancements Service]"=- "Windows Defender"=- [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AsyxSys.exe"=- "csrsss"=- "CTFMON.EXE"=- "Developer Operations Network"=- "install"=- "Java Sched Updater"=- "Microsoft Windows Hosting Service Login"=- "MSWUpdate"=- "Security System"=- "Startup"=- "System"=- "Task Manager"=- "userinit"=- "Windows"=- "Windows Firewall"=- [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AsyxSys.exe"=- "csrsss"=- "CTFMON.EXE"=- "Developer Operations Network"=- "install"=- "Java Sched Updater"=- "Microsoft Windows Hosting Service Login"=- "MSWUpdate"=- "Security Systemę"=- "Startup"=- "System"=- "Task Manager"=- "userinit"=- "Windows"=- "Windows Firewall"=- [HKEY_USERS\S-1-5-21-1454471165-1284227242-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HKCU"=- "Microsoft"=- "Windows Defender"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Shell"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Shell"="explorer.exe" [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] [/code]W notatniku zakladka Plik ==> Zapisz jako ==> zapisz pod nazwą[b] CFScript.txt[/b] i zapisz go w tym katalogu co ściągnięty i zapisany został [b]combofix[/b] Na ikonę [b]ComboFix[/b] przeciągasz zrobiony plik [b]CFScript.txt[/b] Rozpocznie się usuwanie [b]i powstanie log , który pokazujesz na forum.[/b]
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.