x-kom hosting

Podejrzenie Infekcji dziwne zachowania

Filo1
utworzono
utworzono (edytowane)

Witam od paru dni wydaje mi się że coś siedzi w moim pc
proszę o sprawdzenie loga z OTL
zaczęło się to dziać po wyłączeniu Nortona na pół dnia
[log]OTL logfile created on: 2010-06-25 11:39:27 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Filo\Moje dokumenty\Pobieranie
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 022,00 Mb Total Physical Memory | 147,00 Mb Available Physical Memory | 14,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 34,38 Gb Free Space | 70,41% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 171,49 Gb Free Space | 93,18% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FILIP
Current User Name: Filo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-06-25 11:35:47 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Filo\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-06-23 23:04:35 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-06-23 23:04:31 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-05-19 10:44:14 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2010-05-19 10:38:38 | 002,736,128 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2010-04-15 22:38:31 | 001,860,736 | ---- | M] (TMRG, Inc.) -- C:\Program Files\RelevantKnowledge\rlvknlg.exe
PRC - [2010-04-15 21:04:52 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010-03-24 20:17:47 | 000,952,768 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2010-03-12 00:14:00 | 011,792,992 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2010-03-09 04:52:49 | 000,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2010-02-26 07:10:20 | 021,979,992 | ---- | M] () -- C:\Documents and Settings\Filo\Dane aplikacji\Dropbox\bin\Dropbox.exe
PRC - [2010-02-26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009-12-20 00:00:00 | 006,095,504 | ---- | M] (MySQL AB) -- C:\Xampp\xampp\mysql\bin\mysqld.exe
PRC - [2009-12-20 00:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) -- C:\Xampp\xampp\apache\bin\httpd.exe
PRC - [2009-12-10 11:20:06 | 001,643,872 | ---- | M] (ClanServers Hosting LLC) -- C:\Program Files\GameTracker\GSInGameService.exe
PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2009-06-25 08:07:40 | 017,887,232 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009-04-30 11:23:26 | 000,090,112 | ---- | M] () -- D:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2008-10-24 19:27:40 | 000,069,632 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2008-10-24 19:21:24 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
PRC - [2008-10-14 12:07:14 | 000,274,432 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\ZTEMF636\CardDetector.exe
PRC - [2007-06-28 18:43:00 | 000,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2006-12-23 18:05:20 | 000,143,360 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006-12-23 18:04:42 | 000,905,216 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2006-12-23 17:54:04 | 000,262,144 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2006-05-13 21:30:40 | 000,571,392 | ---- | M] (No-IP.pl) -- C:\Program Files\No-IP Client\noipclient.exe
PRC - [2006-03-02 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2006-03-02 14:00:00 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2006-03-02 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2006-03-02 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2006-03-02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2006-03-02 14:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2006-03-02 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2006-03-02 14:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2006-03-02 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HTTPFILTER]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [BTHSVCS]
PRC - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2006-03-02 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2005-06-11 01:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2004-10-13 18:24:37 | 001,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2004-08-11 01:45:04 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-06-25 11:35:47 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Filo\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2010-04-15 22:38:27 | 000,389,760 | ---- | M] (TMRG, Inc.) -- C:\Program Files\RelevantKnowledge\rlls.dll
MOD - [2010-03-09 04:55:54 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2007-06-28 18:43:00 | 001,474,560 | ---- | M] () -- C:\WINDOWS\system32\nview.dll
MOD - [2007-06-28 18:43:00 | 000,294,912 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwrspl.dll
MOD - [2007-06-28 18:43:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll
MOD - [2007-03-16 22:10:44 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\RelevantKnowledge\MSVCP71.DLL
MOD - [2007-03-16 22:10:44 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\RelevantKnowledge\MSVCR71.DLL
MOD - [2006-05-10 07:25:25 | 000,660,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2006-05-10 07:25:25 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2006-03-17 06:08:07 | 008,480,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2006-03-02 14:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2006-03-02 14:00:00 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2006-03-02 14:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2006-03-02 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2006-03-02 14:00:00 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2006-03-02 14:00:00 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2006-03-02 14:00:00 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2006-03-02 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2006-03-02 14:00:00 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2006-03-02 14:00:00 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2006-03-02 14:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2006-03-02 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2006-03-02 14:00:00 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2006-03-02 14:00:00 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2006-03-02 14:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2006-03-02 14:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2006-03-02 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2006-03-02 14:00:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2006-03-02 14:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2006-03-02 14:00:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2006-03-02 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2006-03-02 14:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2006-03-02 14:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2006-03-02 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006-03-02 14:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2006-03-02 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2006-03-02 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2006-03-02 14:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2006-03-02 14:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2006-03-02 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2006-03-02 14:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2006-03-02 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2005-12-29 04:56:06 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2005-07-26 06:42:36 | 001,284,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2005-07-26 06:42:33 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2005-03-02 20:18:38 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-04-04 21:50:00 | 003,502,176 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010-02-26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe -- (NAV)
SRV - [2009-12-20 00:00:00 | 006,095,504 | ---- | M] (MySQL AB) [Auto | Running] -- C:\Xampp\xampp\mysql\bin\mysqld.exe -- (MySQL)
SRV - [2009-12-20 00:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Xampp\xampp\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2009-12-10 11:20:06 | 001,643,872 | ---- | M] (ClanServers Hosting LLC) [Auto | Running] -- C:\Program Files\GameTracker\GSInGameService.exe -- (GS In-Game Service)
SRV - [2009-04-30 11:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- D:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2008-10-24 19:27:40 | 000,069,632 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-06-12 12:18:53 | 001,347,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100624.037\NAVEX15.SYS -- (NAVEX15)
DRV - [2010-06-12 12:18:53 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010-06-12 12:18:53 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010-06-12 12:18:53 | 000,085,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100624.037\NAVENG.SYS -- (NAVENG)
DRV - [2010-05-28 21:33:19 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100624.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010-05-22 20:16:04 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100619.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010-05-06 06:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1107000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - [2010-05-01 13:53:42 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010-04-29 07:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010-04-23 18:53:48 | 000,002,688 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\FortressMU\FortressMU 2010\fortressmu 2010 muguard\MuGuard\llck1.sys -- (LLRING0)
DRV - [2010-04-22 05:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2010-04-22 04:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1107000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010-04-22 04:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010-04-21 14:41:15 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-02-26 02:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\ccHPx86.sys -- (ccHP)
DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-08-30 02:17:18 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\SYMDS.SYS -- (SymDS)
DRV - [2009-06-29 13:59:14 | 000,142,592 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009-06-25 08:07:44 | 005,095,936 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009-06-25 08:07:40 | 001,684,736 | R--- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009-06-25 08:07:40 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2008-10-14 12:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008-10-14 12:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmeaext.sys -- (ZTEusbnmeaext)
DRV - [2008-10-14 12:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008-10-14 12:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008-10-14 09:10:30 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2008-06-16 10:13:46 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2008-05-16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008-05-16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008-05-16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008-05-16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008-05-16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008-05-16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008-05-16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2007-07-25 10:20:34 | 001,748,992 | R--- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\msicpl.dll -- (MSICPL)
DRV - [2007-06-28 18:43:00 | 006,807,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006-09-24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006-06-16 13:56:38 | 000,083,968 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006-03-02 14:00:00 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2005-03-02 12:44:00 | 000,465,988 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HCWBT8xx.sys -- (HCWBT8XX)
DRV - [2005-01-07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2005-01-07 17:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pcf.pl/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pcf.pl/

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pcf.pl/

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pcf.pl/

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pcf.pl/

IE - HKU\S-1-5-21-484763869-1547161642-839522115-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pcf.pl/
IE - HKU\S-1-5-21-484763869-1547161642-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3

FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\IPSFFPlgn\ [2010-05-26 14:40:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-06-24 22:58:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-06-23 23:04:35 | 000,000,000 | ---D | M]

[2010-04-14 21:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\Mozilla\Extensions
[2010-06-24 21:37:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\Mozilla\Firefox\Profiles\6ck0ha1d.default\extensions
[2010-05-06 15:36:12 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Filo\Dane aplikacji\Mozilla\Firefox\Profiles\6ck0ha1d.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010-05-06 15:22:22 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Filo\Dane aplikacji\Mozilla\Firefox\Profiles\6ck0ha1d.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-06-24 21:37:55 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-05-04 20:46:10 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-04-15 21:04:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-15 21:04:52 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-04-01 19:33:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-04-01 19:33:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-04-01 19:33:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-04-01 19:33:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-04-01 19:33:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-04-01 19:33:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-03-02 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (Steganos Internet Anonym) - {00000000-5736-4205-0008-f7ed0776fb27} - c:\Program Files\Steganos Internet Anonym 2006\SIA2006iep.dll ()
O3 - HKU\S-1-5-21-484763869-1547161642-839522115-1005\..\Toolbar\WebBrowser: (Steganos Internet Anonym) - {00000000-5736-4205-0008-F7ED0776FB27} - c:\Program Files\Steganos Internet Anonym 2006\SIA2006iep.dll ()
O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Orange\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CardDetectorZTEMF636] C:\Program Files\CardDetector\ZTEMF636\CardDetector.exe (France Telecom SA)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [No-IP Client 1.42] C:\Program Files\No-IP Client\noipclient.exe (No-IP.pl)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RelevantKnowledge] C:\Program Files\RelevantKnowledge\rlvknlg.exe (TMRG, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\system32\WinSys2.exe ()
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [GameTracker] C:\Program Files\GameTracker\GTLite.exe (ClanServers Hosting LLC)
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe ()
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [Sony Ericsson PC Suite] D:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\.DEFAULT..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe ()
O4 - HKU\S-1-5-18..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe ()
O4 - HKU\S-1-5-20..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe ()
O4 - Startup: C:\Documents and Settings\Filo\Menu Start\Programy\Autostart\Dropbox.lnk = C:\Documents and Settings\Filo\Dane aplikacji\Dropbox\bin\Dropbox.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-484763869-1547161642-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Secure Surfing Engine\sselsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Secure Surfing Engine\sselsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Secure Surfing Engine\sselsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Secure Surfing Engine\sselsp.dll ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab (Java Plug-in 1.5.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-04-14 20:08:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{13b477ff-47f2-11df-9416-00006043af17}\Shell - "" = AutoRun
O33 - MountPoints2\{13b477ff-47f2-11df-9416-00006043af17}\Shell\AutoRun\command - "" = F:\AutoRunCardDetector.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010-04-14 20:08:08 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-06-22 23:08:58 | 000,000,000 | ---D | C] -- C:\Program Files\SnadBoy's Revelation v2
[2010-06-22 19:36:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010-06-21 20:51:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2010-06-21 20:51:13 | 000,130,048 | R--- | C] (www.madshi.net) -- C:\WINDOWS\System32\MadCHook.dll
[2010-06-21 20:51:04 | 000,114,688 | R--- | C] (Crystal Dew World) -- C:\WINDOWS\System32\sysinfo.dll
[2010-06-21 20:51:01 | 001,748,992 | R--- | C] (MSI) -- C:\WINDOWS\System32\msicpl.dll
[2010-06-21 15:28:17 | 000,000,000 | ---D | C] -- C:\Program Files\BigBrotherBot_1.3.2
[2010-06-21 15:24:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Pulpit\Nowy folder
[2010-06-21 15:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Pulpit\extplugins
[2010-06-16 16:16:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010-06-12 12:43:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Moje dokumenty\My SureThing Projects
[2010-06-12 12:42:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\MicroVision Applications
[2010-06-12 12:42:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared
[2010-06-12 12:42:40 | 000,000,000 | ---D | C] -- C:\Program Files\SureThing CD Labeler 5
[2010-05-26 15:24:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Hewlett-Packard
[2010-05-25 15:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\RelevantKnowledge
[2010-05-25 15:09:01 | 000,000,000 | ---D | C] -- C:\Program Files\ChrisTV Lite
[2010-05-25 14:18:31 | 000,065,536 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\hcwdlg.ocx
[2010-05-25 14:17:01 | 000,524,353 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\HCWTVWND.dll
[2010-05-25 14:17:01 | 000,077,824 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwsplit.ax
[2010-05-25 14:17:01 | 000,069,632 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwfread.ax
[2010-05-25 14:17:01 | 000,011,264 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\hcwhook.dll
[2010-05-25 14:17:01 | 000,000,000 | ---D | C] -- C:\MyVideos
[2010-05-25 14:17:00 | 000,465,988 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\drivers\HCWBT8xx.sys
[2010-05-25 14:17:00 | 000,393,216 | ---- | C] (Snowbound Software Corporation (www.Snowbnd.com)) -- C:\WINDOWS\System32\hcwsnbd9.dll
[2010-05-25 14:17:00 | 000,213,050 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\Hcwchan.dll
[2010-05-25 14:17:00 | 000,192,568 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\hcwpnp32.dll
[2010-05-25 14:17:00 | 000,106,559 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\Hcwtvdlg.dll
[2010-05-25 14:17:00 | 000,090,174 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\bt848wst.dll
[2010-05-25 14:17:00 | 000,086,072 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwi2c32.dll
[2010-05-25 14:17:00 | 000,073,728 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\Hcwsnap.ax
[2010-05-25 14:17:00 | 000,045,056 | ---- | C] (DScaler Project, see http://www.dscaler.org/) -- C:\WINDOWS\System32\Hcwdlace.ax
[2010-05-25 14:17:00 | 000,012,288 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\btgpio32.dll
[2010-05-25 14:16:53 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\Hcwutl32.dll
[2010-05-25 14:16:53 | 000,000,000 | ---D | C] -- C:\Program Files\WinTV
[2010-05-25 05:13:38 | 000,361,904 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symtdi.sys
[2010-05-25 05:13:38 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symtdiv.sys
[2010-05-25 05:13:38 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symds.sys
[2010-05-25 05:13:38 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtsp.sys
[2010-05-25 05:13:38 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symefa.sys
[2010-05-25 05:13:38 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\ironx86.sys
[2010-05-25 05:13:38 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtspx.sys
[2010-05-25 05:13:37 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\cchpx86.sys
[2010-05-25 05:13:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NAV\1107000.00C
[2010-05-22 23:14:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010-05-20 18:46:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\NWPS
[2010-05-20 18:46:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NWPS
[2010-05-20 18:46:03 | 000,000,000 | ---D | C] -- C:\Program Files\nwps
[2010-05-19 19:57:38 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune
[2010-05-19 19:36:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-05-19 19:36:52 | 000,000,000 | ---D | C] -- C:\Program Files\HDD Regenerator
[2010-05-19 19:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\Downloaded Installations
[2010-05-16 19:27:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Filo\Moje dokumenty\My Dropbox
[2010-05-16 19:26:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\Dropbox
[2010-05-16 19:09:06 | 000,000,000 | ---D | C] -- C:\totalcmd
[2010-05-16 19:09:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\GHISLER
[2010-05-15 23:45:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010-05-14 20:03:28 | 000,000,000 | ---D | C] -- C:\Program Files\No-IP Client
[2010-05-14 14:03:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-05-14 14:02:14 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010-05-14 14:02:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2010-05-14 14:02:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010-05-14 13:58:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\Adobe
[2010-05-14 13:35:28 | 000,000,000 | ---D | C] -- C:\Xampp
[2010-05-14 12:47:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BigBrotherBot
[2010-05-12 22:29:00 | 000,000,000 | ---D | C] -- C:\glog
[2010-05-12 22:28:52 | 000,000,000 | ---D | C] -- C:\log
[2010-05-12 20:46:57 | 000,000,000 | ---D | C] -- C:\effbot.exe
[2010-05-12 20:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\MySQL
[2010-05-12 20:44:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MySQL
[2010-05-11 22:49:03 | 000,000,000 | ---D | C] -- C:\Python27
[2010-05-11 19:27:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\TeamViewer
[2010-05-11 19:27:08 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010-05-10 18:31:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2010-05-10 18:31:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2010-05-10 18:30:40 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2010-05-09 11:34:16 | 002,292,736 | ---- | C] (Python Software Foundation) -- C:\WINDOWS\System32\python27.dll
[2010-05-08 23:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2010-05-06 23:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Moje dokumenty\OCCT
[2010-05-06 23:24:48 | 000,000,000 | ---D | C] -- C:\Program Files\OCCT
[2010-05-06 23:23:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010-05-06 23:04:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2010-05-06 22:11:55 | 001,684,736 | R--- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2010-05-06 22:11:46 | 000,290,816 | R--- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2010-05-06 22:11:45 | 000,122,880 | R--- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2010-05-06 22:10:22 | 000,142,592 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys
[2010-05-06 15:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\dwhelper
[2010-05-06 15:27:56 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2010-05-06 15:27:54 | 000,000,000 | ---D | C] -- C:\Program Files\FDRLab
[2010-05-04 20:46:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\skypePM
[2010-05-04 20:46:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\Skype
[2010-05-04 20:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010-05-04 20:45:41 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010-05-04 20:45:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype
[2010-05-04 20:21:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Moje dokumenty\GTA San Andreas User Files
[2010-05-04 20:17:56 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010-05-01 13:55:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Moje dokumenty\Symantec
[2010-05-01 13:53:42 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010-05-01 13:53:42 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010-05-01 13:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010-05-01 13:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010-05-01 13:53:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010-05-01 13:53:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NAV
[2010-05-01 13:53:13 | 000,000,000 | ---D | C] -- C:\Program Files\Norton AntiVirus
[2010-05-01 13:53:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton
[2010-05-01 13:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010-05-01 13:53:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-06-25 11:38:44 | 003,407,872 | -H-- | M] () -- C:\Documents and Settings\Filo\NTUSER.DAT
[2010-06-25 11:28:43 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-06-25 11:28:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-06-25 11:28:35 | 1072,156,672 | -HS- | M] () -- C:\hiberfil.sys
[2010-06-25 10:51:10 | 000,013,536 | ---- | M] () -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-24 23:24:59 | 002,645,524 | -H-- | M] () -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-06-24 23:24:01 | 000,000,916 | ---- | M] () -- C:\Documents and Settings\Filo\status.xml
[2010-06-24 22:29:30 | 000,006,199 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\php-fusion-logo.png
[2010-06-24 16:17:05 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Gta San Andreas.lnk
[2010-06-23 10:14:58 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Skrót do samp.lnk
[2010-06-22 20:39:45 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-21 20:57:37 | 000,000,000 | ---- | M] () -- C:\WINDOWS\msicpl.ini
[2010-06-21 20:56:32 | 000,127,254 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-06-21 20:47:48 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-06-18 15:45:14 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Filo\011.jpg
[2010-06-17 15:51:08 | 004,358,135 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\15. hemp gru - dr.joint (droga).mp31260296438_[mp3.teledyski.info].mp3
[2010-06-17 15:35:58 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\Filo\default.pls
[2010-06-17 15:34:55 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-06-17 11:16:56 | 009,961,055 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\hemp gru-Wyrok Ulicy.mp3
[2010-06-16 16:04:03 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Skrót do ioUrTded.lnk
[2010-06-14 15:52:22 | 000,011,412 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\q3config.cfg
[2010-06-13 19:54:37 | 015,930,202 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\ut4_happyjumptutorial_beta3.pk3
[2010-06-13 11:58:25 | 000,095,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-06-12 14:24:35 | 000,100,834 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\Nowy312.ncd
[2010-06-12 14:02:14 | 000,240,097 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\office07.gif
[2010-06-12 13:17:19 | 000,077,446 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\fcdh.std
[2010-06-12 12:46:35 | 000,096,618 | -H-- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\mvstcdxx.lst
[2010-06-12 12:42:53 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\SureThing CD Labeler Deluxe Trial 5.lnk
[2010-06-12 12:33:33 | 000,001,774 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\LightScribe.lnk
[2010-06-12 12:28:51 | 000,049,233 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\Nowy45.ncd
[2010-06-12 12:25:34 | 000,040,758 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\1039_57_1256019757_ms off.jpg
[2010-06-12 12:20:12 | 000,002,385 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart Essentials.lnk
[2010-06-12 12:20:12 | 000,002,305 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero Home Essentials SE.lnk
[2010-06-12 12:20:12 | 000,001,901 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Uaktualnienie online pakietu Nero.lnk
[2010-06-12 12:13:35 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010-06-02 09:07:36 | 006,250,624 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Hemp_gru-sami_swoi_(feat._ka.mp3
[2010-05-26 21:03:01 | 000,529,978 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\Cat.DB
[2010-05-25 15:09:04 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\ChrisTV Lite.lnk
[2010-05-25 14:26:58 | 000,000,653 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-05-25 14:18:32 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\WinTV2000.lnk
[2010-05-25 14:13:05 | 000,001,885 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Norton AntiVirus.LNK
[2010-05-24 22:55:21 | 000,019,156 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\Kopia dziejkop56.jpg.png
[2010-05-24 22:53:35 | 000,029,870 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\dziejkop56.jpg.png
[2010-05-24 22:39:52 | 000,033,009 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\haha.png
[2010-05-24 22:38:50 | 000,033,009 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\hahaje.png
[2010-05-24 22:08:08 | 000,211,471 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\tlo.PNG
[2010-05-24 22:02:16 | 000,046,493 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\tlo.jpg
[2010-05-24 21:48:03 | 000,389,394 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\bez tytułu.bmp
[2010-05-24 21:12:43 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\Filo\.jupload.properties
[2010-05-23 22:45:53 | 000,000,264 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Nowy Dokument sformatowany.rtf
[2010-05-20 18:46:10 | 000,001,630 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Managed Switch Port Mapping Tool.lnk
[2010-05-19 19:57:39 | 000,000,613 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\HD Tune.lnk
[2010-05-19 19:36:54 | 000,001,778 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\HDD Regenerator.lnk
[2010-05-16 20:06:56 | 000,001,500 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\XAMPP Control Panel.lnk
[2010-05-16 19:27:54 | 000,000,981 | ---- | M] () -- C:\Documents and Settings\Filo\Menu Start\Programy\Autostart\Dropbox.lnk
[2010-05-16 19:27:53 | 000,000,981 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Dropbox.lnk
[2010-05-16 19:09:08 | 000,000,548 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Total Commander.lnk
[2010-05-15 14:27:25 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-05-15 14:27:09 | 000,945,112 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-05-15 14:27:09 | 000,436,322 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-05-15 14:27:09 | 000,380,486 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-05-15 14:27:09 | 000,067,298 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-05-15 14:27:09 | 000,052,900 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-05-14 22:00:14 | 000,003,592 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\b3.xml
[2010-05-14 16:02:01 | 000,004,346 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Nowy Archiwum WinRAR-a (ZIP).zip
[2010-05-14 15:33:32 | 000,008,673 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\server.cfg
[2010-05-14 14:04:07 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-05-14 14:02:15 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Acrobat_com.lnk
[2010-05-14 08:36:08 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\isolate.ini
[2010-05-11 19:27:15 | 000,000,879 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk
[2010-05-10 18:32:21 | 000,011,827 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\q3config.cfg
[2010-05-10 18:30:42 | 000,000,685 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\LogMeIn Hamachi.lnk
[2010-05-09 11:34:16 | 002,292,736 | ---- | M] (Python Software Foundation) -- C:\WINDOWS\System32\python27.dll
[2010-05-08 23:05:00 | 000,001,256 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\eBay.lnk
[2010-05-06 23:24:51 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\OCCT.lnk
[2010-05-06 23:04:37 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010-05-06 23:04:37 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010-05-06 22:32:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2010-05-06 22:08:20 | 000,000,010 | ---- | M] () -- C:\WINDOWS\GSetup.ini
[2010-05-06 15:40:56 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-06 15:30:16 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\save2pc.lnk
[2010-05-06 15:27:55 | 000,000,727 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\save2pc Light.lnk
[2010-05-06 06:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symtdi.sys
[2010-05-06 06:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symtdiv.sys
[2010-05-06 06:01:43 | 000,001,473 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnetv.inf
[2010-05-06 06:01:43 | 000,001,445 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnet.inf
[2010-05-04 20:46:40 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010-05-04 20:45:44 | 000,001,880 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-05-04 20:17:56 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010-05-04 20:05:32 | 000,000,657 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\GTA San Andreas.lnk
[2010-05-03 20:41:33 | 000,000,832 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\ISO1.nri
[2010-05-03 15:07:00 | 695,396,470 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\Image.nrg
[2010-05-01 13:53:42 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010-05-01 13:53:42 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010-05-01 13:53:42 | 000,007,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010-05-01 13:53:42 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010-04-29 12:04:12 | 000,001,134 | -H-- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\Default.rdp
[2010-04-29 07:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\ironx86.sys
[2010-04-29 07:03:51 | 000,007,438 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\iron.cat
[2010-04-29 07:03:51 | 000,000,741 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\iron.inf
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-06-24 16:16:10 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Gta San Andreas.lnk
[2010-06-21 20:57:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2010-06-21 20:56:15 | 1072,156,672 | -HS- | C] () -- C:\hiberfil.sys
[2010-06-21 20:52:42 | 000,127,254 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2010-06-21 20:51:53 | 000,018,521 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010-06-21 20:51:11 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll
[2010-06-21 20:51:05 | 000,262,144 | R--- | C] () -- C:\WINDOWS\System32\HookMAp.dll
[2010-06-21 20:51:05 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll
[2010-06-21 20:51:04 | 000,266,240 | R--- | C] () -- C:\WINDOWS\System32\HookShield.dll
[2010-06-21 20:51:04 | 000,008,883 | R--- | C] () -- C:\WINDOWS\System32\sysinfo.vxd
[2010-06-21 20:51:03 | 000,009,728 | R--- | C] () -- C:\WINDOWS\System32\sysinfoX64.sys
[2010-06-21 20:51:02 | 000,208,896 | R--- | C] () -- C:\WINDOWS\System32\WinSys2.exe
[2010-06-21 20:51:02 | 000,200,704 | R--- | C] () -- C:\WINDOWS\System32\WinSys.exe
[2010-06-21 20:51:02 | 000,008,192 | R--- | C] () -- C:\WINDOWS\System32\sysinfo.sys
[2010-06-21 20:51:01 | 000,208,896 | R--- | C] () -- C:\WINDOWS\System32\sw20.exe
[2010-06-21 20:51:01 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\sw24.exe
[2010-06-18 15:45:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Filo\011.jpg
[2010-06-17 11:16:56 | 009,961,055 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\hemp gru-Wyrok Ulicy.mp3
[2010-06-15 10:50:44 | 004,358,135 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\15. hemp gru - dr.joint (droga).mp31260296438_[mp3.teledyski.info].mp3
[2010-06-14 15:52:49 | 000,011,412 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\q3config.cfg
[2010-06-13 19:45:12 | 015,930,202 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\ut4_happyjumptutorial_beta3.pk3
[2010-06-12 14:24:34 | 000,100,834 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\Nowy312.ncd
[2010-06-12 14:02:14 | 000,240,097 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\office07.gif
[2010-06-12 13:17:19 | 000,077,446 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\fcdh.std
[2010-06-12 12:46:35 | 000,096,618 | -H-- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\mvstcdxx.lst
[2010-06-12 12:42:53 | 000,000,756 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\SureThing CD Labeler Deluxe Trial 5.lnk
[2010-06-12 12:33:33 | 000,001,774 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\LightScribe.lnk
[2010-06-12 12:28:50 | 000,049,233 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\Nowy45.ncd
[2010-06-12 12:25:33 | 000,040,758 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\1039_57_1256019757_ms off.jpg
[2010-06-02 09:07:36 | 006,250,624 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Hemp_gru-sami_swoi_(feat._ka.mp3
[2010-05-26 15:24:28 | 000,000,335 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2010-05-25 15:09:04 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\ChrisTV Lite.lnk
[2010-05-25 14:18:32 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\WinTV2000.lnk
[2010-05-25 14:12:18 | 000,529,978 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\Cat.DB
[2010-05-25 05:13:38 | 000,007,873 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symefa.cat
[2010-05-25 05:13:38 | 000,007,787 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnetv.cat
[2010-05-25 05:13:38 | 000,007,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtspx.cat
[2010-05-25 05:13:38 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtsp.cat
[2010-05-25 05:13:38 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\iron.cat
[2010-05-25 05:13:38 | 000,007,425 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symds.cat
[2010-05-25 05:13:38 | 000,007,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnet.cat
[2010-05-25 05:13:38 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symefa.inf
[2010-05-25 05:13:38 | 000,002,793 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symds.inf
[2010-05-25 05:13:38 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnetv.inf
[2010-05-25 05:13:38 | 000,001,445 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnet.inf
[2010-05-25 05:13:38 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtspx.inf
[2010-05-25 05:13:38 | 000,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtsp.inf
[2010-05-25 05:13:38 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\iron.inf
[2010-05-25 05:13:37 | 000,007,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\cchpx86.cat
[2010-05-25 05:13:37 | 000,001,754 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\cchpx86.inf
[2010-05-25 05:13:26 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\isolate.ini
[2010-05-24 22:55:00 | 000,019,156 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\Kopia dziejkop56.jpg.png
[2010-05-24 22:50:23 | 000,029,870 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\dziejkop56.jpg.png
[2010-05-24 22:39:38 | 000,033,009 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\haha.png
[2010-05-24 22:38:49 | 000,033,009 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\hahaje.png
[2010-05-24 22:03:53 | 000,211,471 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\tlo.PNG
[2010-05-24 21:47:41 | 000,046,493 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\tlo.jpg
[2010-05-24 21:39:35 | 000,006,199 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\php-fusion-logo.png
[2010-05-24 21:12:16 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\Filo\.jupload.properties
[2010-05-24 20:47:32 | 000,389,394 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\bez tytułu.bmp
[2010-05-23 22:43:12 | 000,000,264 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Nowy Dokument sformatowany.rtf
[2010-05-20 18:46:10 | 000,001,630 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Managed Switch Port Mapping Tool.lnk
[2010-05-19 19:57:39 | 000,000,613 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\HD Tune.lnk
[2010-05-19 19:36:54 | 000,001,778 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\HDD Regenerator.lnk
[2010-05-16 19:27:54 | 000,000,981 | ---- | C] () -- C:\Documents and Settings\Filo\Menu Start\Programy\Autostart\Dropbox.lnk
[2010-05-16 19:27:53 | 000,000,981 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Dropbox.lnk
[2010-05-16 19:09:08 | 000,000,548 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Total Commander.lnk
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\NOCLOSE.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF
[2010-05-14 22:20:08 | 000,003,592 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\b3.xml
[2010-05-14 20:29:51 | 000,001,500 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\XAMPP Control Panel.lnk
[2010-05-14 16:01:32 | 000,004,346 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Nowy Archiwum WinRAR-a (ZIP).zip
[2010-05-14 15:24:54 | 000,008,673 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\server.cfg
[2010-05-14 14:04:07 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-05-14 14:02:15 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Acrobat_com.lnk
[2010-05-13 14:57:00 | 000,000,916 | ---- | C] () -- C:\Documents and Settings\Filo\status.xml
[2010-05-11 19:27:15 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk
[2010-05-10 18:38:07 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Skrót do ioUrTded.lnk
[2010-05-10 18:33:44 | 000,011,827 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\q3config.cfg
[2010-05-10 18:30:42 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\LogMeIn Hamachi.lnk
[2010-05-08 23:05:00 | 000,001,256 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\eBay.lnk
[2010-05-06 23:24:51 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\OCCT.lnk
[2010-05-06 23:04:37 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010-05-06 23:04:36 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010-05-06 22:32:17 | 000,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2010-05-06 22:10:22 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010-05-06 22:08:20 | 000,207,400 | R--- | C] () -- C:\WINDOWS\GSetup.exe
[2010-05-06 22:08:20 | 000,000,010 | ---- | C] () -- C:\WINDOWS\GSetup.ini
[2010-05-06 21:49:39 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-05-06 15:35:36 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-06 15:30:16 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\save2pc.lnk
[2010-05-06 15:27:56 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-05-06 15:27:56 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-05-06 15:27:56 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
[2010-05-06 15:27:55 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\save2pc Light.lnk
[2010-05-04 20:46:40 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010-05-04 20:45:44 | 000,001,880 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-05-04 20:12:21 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Skrót do samp.lnk
[2010-05-04 20:05:32 | 000,000,657 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\GTA San Andreas.lnk
[2010-05-03 20:41:33 | 000,000,832 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\ISO1.nri
[2010-05-03 15:06:25 | 695,396,470 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\Image.nrg
[2010-05-01 13:53:42 | 000,007,443 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010-05-01 13:53:42 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010-05-01 13:53:36 | 000,001,885 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Norton AntiVirus.LNK
[2010-04-22 13:48:21 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-04-21 14:41:15 | 000,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-04-14 20:14:27 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2007-06-28 18:43:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007-06-28 18:43:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007-06-28 18:43:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007-06-28 18:43:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007-06-28 18:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006-03-02 14:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2006-03-02 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2006-03-02 14:00:00 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2010-05-14 13:39:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BigBrotherBot
[2010-04-15 21:29:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software
[2010-04-18 11:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-04-14 21:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
[2010-05-12 20:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MySQL
[2010-05-20 18:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NWPS
[2010-05-19 19:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-06-25 11:28:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\Dropbox
[2010-05-24 23:03:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\Gadu-Gadu 10
[2010-06-25 11:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\GameTracker
[2010-05-16 19:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\GHISLER
[2010-05-20 18:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\NWPS
[2010-05-11 19:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\TeamViewer
[2010-06-25 11:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\GameTracker

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-04-14 20:08:31 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-04-14 20:01:18 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2006-03-02 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-04-14 20:08:31 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-05-25 14:16:57 | 000,000,034 | ---- | M] () -- C:\hcwclear.txt
[2010-06-25 11:28:35 | 1072,156,672 | -HS- | M] () -- C:\hiberfil.sys
[2010-04-14 20:08:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-04-14 20:08:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006-03-02 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2006-03-02 14:00:00 | 000,250,624 | RHS- | M] () -- C:\ntldr
[2010-06-25 11:28:34 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2006-03-02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2006-03-02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll
[2009-12-20 00:00:00 | 000,037,520 | ---- | M] (perl.org) MD5=2852D57385C4709EAAE2F9DB01AD3672 -- C:\Xampp\xampp\perl\site\lib\auto\Win32\EventLog\EventLog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 48 bytes -> C:\Documents and Settings\All Users\DRM:مايكروسوفت
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1AAB2E68
< End of report >
[/log]
Dziękuję

Gość
komentarz
komentarz (edytowane)

[b]1.[/b] Uruchom [b]OTL[/b] i w oknie [b]Custom Scans/Fixes[/b] wklej to:
[quote]
:OTL
@Alternate Data Stream - 48 bytes -> C:\Documents and Settings\All Users\DRM:مايكروسوفت
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1AAB2E68
O33 - MountPoints2\{13b477ff-47f2-11df-9416-00006043af17}\Shell - "" = AutoRun
O33 - MountPoints2\{13b477ff-47f2-11df-9416-00006043af17}\Shell\AutoRun\command - "" = F:\AutoRunCardDetector.exe -- File not found
O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\system32\WinSys2.exe ()
O4 - HKLM..\Run: [RelevantKnowledge] C:\Program Files\RelevantKnowledge\rlvknlg.exe (TMRG, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
MOD - [2010-04-15 22:38:27 | 000,389,760 | ---- | M] (TMRG, Inc.) -- C:\Program Files\RelevantKnowledge\rlls.dll
MOD - [2007-03-16 22:10:44 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\RelevantKnowledge\MSVCP71.DLL
MOD - [2007-03-16 22:10:44 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\RelevantKnowledge\MSVCR71.DLL


:Files
C:\Program Files\SnadBoy's Revelation v2
C:\Program Files\RelevantKnowledge

:Commands
[emptytemp]
[Reboot]
[/quote]
Kliknij w [b][color=red]Run Fix[/b][/color]. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.

Następnie uruchom [b]OTL[/b] ponownie, tym razem kliknij "[b][color=blue]Run Scan[/b][/color]".

Pokaż nowy log OTL.txt oraz raport z usuwania.

[b]2.[/b] Pokaż logi z [url=http://www.forumpc.pl/index.php?showtopic=116175&st=0&p=810100&#entry810100][b][color=blue][u]GMERa[/url][/b][/color][/u].

  • Dobra wypowiedź 1
Filo1
komentarz
komentarz

Log OTL po Fix
[log]All processes killed
========== OTL ==========
ADS C:\Documents and Settings\All Users\DRM:مايكروسوفت deleted successfully.
ADS C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1AAB2E68 deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{13b477ff-47f2-11df-9416-00006043af17}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{13b477ff-47f2-11df-9416-00006043af17}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{13b477ff-47f2-11df-9416-00006043af17}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{13b477ff-47f2-11df-9416-00006043af17}\ not found.
File F:\AutoRunCardDetector.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinSys2 deleted successfully.
C:\WINDOWS\system32\WinSys2.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RelevantKnowledge deleted successfully.
C:\Program Files\RelevantKnowledge\rlvknlg.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
========== FILES ==========
C:\Program Files\SnadBoy's Revelation v2 folder moved successfully.
C:\Program Files\RelevantKnowledge folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Filo
->Temp folder emptied: 119188016 bytes
->Temporary Internet Files folder emptied: 2383550 bytes
->Java cache emptied: 603011 bytes
->FireFox cache emptied: 49480539 bytes
->Flash cache emptied: 2006217 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2129157 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9136438 bytes
RecycleBin emptied: 44989339 bytes

Total Files Cleaned = 219,00 mb


OTL by OldTimer - Version 3.2.7.0 log created on 06252010_131458

Files\Folders moved on Reboot...
C:\WINDOWS\temp\Perflib_Perfdata_1a0.dat moved successfully.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_cd8.dat not found!

Registry entries deleted on Reboot...
[/log]
zaraz zrobie 2 z GMER

Gość
komentarz
komentarz

all sie usunelo = czekamy na log z gmera

  • Dobra wypowiedź 1
Filo1
komentarz
komentarz

już go robię nie miałem czasu przepraszam

nie mogę po skanie
się system wiesza
i nic z loga już ze 3 razy tak

Tomek01
komentarz
komentarz

Miałeś również wrzucić nowy log OTL.txt a nie tylko log z usuwania.
Wydaje mi się, że jeszcze zostało coś do usunięcia więc proszę to wykonać.

  • Dobra wypowiedź 1
Filo1
komentarz
komentarz

nowy log
[log]OTL logfile created on: 2010-06-27 11:23:30 - Run 2
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Filo\Moje dokumenty\Pobieranie
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 022,00 Mb Total Physical Memory | 160,00 Mb Available Physical Memory | 16,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 37,17 Gb Free Space | 76,13% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 171,49 Gb Free Space | 93,17% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FILIP
Current User Name: Filo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-06-27 11:21:24 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Filo\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-06-23 23:04:31 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-05-19 10:44:14 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2010-05-19 10:38:38 | 002,736,128 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2010-04-15 21:04:52 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010-03-24 20:17:47 | 000,952,768 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2010-03-12 00:14:00 | 011,792,992 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2010-03-09 04:52:49 | 000,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2010-02-26 07:10:20 | 021,979,992 | ---- | M] () -- C:\Documents and Settings\Filo\Dane aplikacji\Dropbox\bin\Dropbox.exe
PRC - [2010-02-26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009-12-20 00:00:00 | 006,095,504 | ---- | M] (MySQL AB) -- C:\Xampp\xampp\mysql\bin\mysqld.exe
PRC - [2009-12-20 00:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) -- C:\Xampp\xampp\apache\bin\httpd.exe
PRC - [2009-12-10 11:20:06 | 001,643,872 | ---- | M] (ClanServers Hosting LLC) -- C:\Program Files\GameTracker\GSInGameService.exe
PRC - [2009-11-20 10:17:12 | 000,434,176 | ---- | M] (Sony Ericsson Mobile Communications AB) -- D:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2009-06-25 08:07:40 | 017,887,232 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009-04-30 11:23:26 | 000,090,112 | ---- | M] () -- D:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2008-10-24 19:27:40 | 000,069,632 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2008-10-14 12:07:14 | 000,274,432 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\ZTEMF636\CardDetector.exe
PRC - [2007-06-28 18:43:00 | 000,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2006-12-23 18:05:20 | 000,143,360 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006-12-23 18:04:42 | 000,905,216 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2006-12-23 17:54:04 | 000,262,144 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2006-05-13 21:30:40 | 000,571,392 | ---- | M] (No-IP.pl) -- C:\Program Files\No-IP Client\noipclient.exe
PRC - [2006-03-02 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2006-03-02 14:00:00 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2006-03-02 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2006-03-02 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2006-03-02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2006-03-02 14:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2006-03-02 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2006-03-02 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [BTHSVCS]
PRC - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2006-03-02 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2005-11-09 11:35:58 | 003,063,808 | ---- | M] () -- C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe
PRC - [2005-06-11 01:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2004-10-13 18:24:37 | 001,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2004-08-11 01:45:04 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-06-27 11:21:24 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Filo\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2010-03-09 04:55:54 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2007-06-28 18:43:00 | 001,474,560 | ---- | M] () -- C:\WINDOWS\system32\nview.dll
MOD - [2007-06-28 18:43:00 | 000,294,912 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwrspl.dll
MOD - [2007-06-28 18:43:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll
MOD - [2006-05-10 07:25:25 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2006-03-17 06:08:07 | 008,480,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2006-03-02 14:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2006-03-02 14:00:00 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2006-03-02 14:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2006-03-02 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2006-03-02 14:00:00 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2006-03-02 14:00:00 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2006-03-02 14:00:00 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2006-03-02 14:00:00 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2006-03-02 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2006-03-02 14:00:00 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2006-03-02 14:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2006-03-02 14:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2006-03-02 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2006-03-02 14:00:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2006-03-02 14:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2006-03-02 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2006-03-02 14:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2006-03-02 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006-03-02 14:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2006-03-02 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2006-03-02 14:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2006-03-02 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2006-03-02 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2005-12-29 04:56:06 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2005-07-26 06:42:36 | 001,284,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2005-07-26 06:42:33 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2005-03-02 20:18:38 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-04-04 21:50:00 | 003,502,176 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010-02-26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe -- (NAV)
SRV - [2009-12-20 00:00:00 | 006,095,504 | ---- | M] (MySQL AB) [Auto | Running] -- C:\Xampp\xampp\mysql\bin\mysqld.exe -- (MySQL)
SRV - [2009-12-20 00:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Xampp\xampp\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2009-12-10 11:20:06 | 001,643,872 | ---- | M] (ClanServers Hosting LLC) [Auto | Running] -- C:\Program Files\GameTracker\GSInGameService.exe -- (GS In-Game Service)
SRV - [2009-04-30 11:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- D:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2008-10-24 19:27:40 | 000,069,632 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-06-12 12:18:53 | 001,347,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100626.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010-06-12 12:18:53 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010-06-12 12:18:53 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010-06-12 12:18:53 | 000,085,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100626.002\NAVENG.SYS -- (NAVENG)
DRV - [2010-05-28 21:33:19 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100625.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010-05-22 20:16:04 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100619.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010-05-06 06:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1107000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - [2010-05-01 13:53:42 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010-04-29 07:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010-04-23 18:53:48 | 000,002,688 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\FortressMU\FortressMU 2010\fortressmu 2010 muguard\MuGuard\llck1.sys -- (LLRING0)
DRV - [2010-04-22 05:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2010-04-22 04:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1107000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010-04-22 04:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010-04-21 14:41:15 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-02-26 02:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\ccHPx86.sys -- (ccHP)
DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-08-30 02:17:18 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\SYMDS.SYS -- (SymDS)
DRV - [2009-06-29 13:59:14 | 000,142,592 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009-06-25 08:07:44 | 005,095,936 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009-06-25 08:07:40 | 001,684,736 | R--- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009-06-25 08:07:40 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2008-10-14 12:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008-10-14 12:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmeaext.sys -- (ZTEusbnmeaext)
DRV - [2008-10-14 12:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008-10-14 12:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008-10-14 09:10:30 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2008-06-16 10:13:46 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2008-05-16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008-05-16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008-05-16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008-05-16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008-05-16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008-05-16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008-05-16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2007-07-25 10:20:34 | 001,748,992 | R--- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\msicpl.dll -- (MSICPL)
DRV - [2007-06-28 18:43:00 | 006,807,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006-09-24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006-06-16 13:56:38 | 000,083,968 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006-03-02 14:00:00 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2005-03-02 12:44:00 | 000,465,988 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HCWBT8xx.sys -- (HCWBT8XX)
DRV - [2005-01-07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2005-01-07 17:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pcf.pl/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pcf.pl/

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pcf.pl/

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pcf.pl/

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pcf.pl/

IE - HKU\S-1-5-21-484763869-1547161642-839522115-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pcf.pl/
IE - HKU\S-1-5-21-484763869-1547161642-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3

FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\IPSFFPlgn\ [2010-05-26 14:40:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-06-24 22:58:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-06-23 23:04:35 | 000,000,000 | ---D | M]

[2010-04-14 21:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\Mozilla\Extensions
[2010-06-26 21:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\Mozilla\Firefox\Profiles\6ck0ha1d.default\extensions
[2010-05-06 15:36:12 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Filo\Dane aplikacji\Mozilla\Firefox\Profiles\6ck0ha1d.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010-05-06 15:22:22 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Filo\Dane aplikacji\Mozilla\Firefox\Profiles\6ck0ha1d.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-06-26 21:51:14 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-05-04 20:46:10 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-04-15 21:04:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-15 21:04:52 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-04-01 19:33:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-04-01 19:33:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-04-01 19:33:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-04-01 19:33:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-04-01 19:33:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-04-01 19:33:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-03-02 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (Steganos Internet Anonym) - {00000000-5736-4205-0008-f7ed0776fb27} - c:\Program Files\Steganos Internet Anonym 2006\SIA2006iep.dll ()
O3 - HKU\S-1-5-21-484763869-1547161642-839522115-1005\..\Toolbar\WebBrowser: (Steganos Internet Anonym) - {00000000-5736-4205-0008-F7ED0776FB27} - c:\Program Files\Steganos Internet Anonym 2006\SIA2006iep.dll ()
O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Orange\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CardDetectorZTEMF636] C:\Program Files\CardDetector\ZTEMF636\CardDetector.exe (France Telecom SA)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [No-IP Client 1.42] C:\Program Files\No-IP Client\noipclient.exe (No-IP.pl)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RelevantKnowledge] C:\Program Files\RelevantKnowledge\rlvknlg.exe File not found
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [GameTracker] C:\Program Files\GameTracker\GTLite.exe (ClanServers Hosting LLC)
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe ()
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [Sony Ericsson PC Suite] D:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\.DEFAULT..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe ()
O4 - HKU\S-1-5-18..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe ()
O4 - HKU\S-1-5-20..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe ()
O4 - Startup: C:\Documents and Settings\Filo\Menu Start\Programy\Autostart\Dropbox.lnk = C:\Documents and Settings\Filo\Dane aplikacji\Dropbox\bin\Dropbox.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-484763869-1547161642-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Secure Surfing Engine\sselsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Secure Surfing Engine\sselsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Secure Surfing Engine\sselsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Secure Surfing Engine\sselsp.dll ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab (Java Plug-in 1.5.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-04-14 20:08:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010-04-14 20:08:08 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-06-25 20:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\BigBrotherBot_1.3.2
[2010-06-25 20:58:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BigBrotherBot
[2010-06-25 13:14:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-06-22 19:36:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010-06-21 20:51:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2010-06-21 20:51:13 | 000,130,048 | R--- | C] (www.madshi.net) -- C:\WINDOWS\System32\MadCHook.dll
[2010-06-21 20:51:04 | 000,114,688 | R--- | C] (Crystal Dew World) -- C:\WINDOWS\System32\sysinfo.dll
[2010-06-21 20:51:01 | 001,748,992 | R--- | C] (MSI) -- C:\WINDOWS\System32\msicpl.dll
[2010-06-21 15:24:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Pulpit\Nowy folder
[2010-06-21 15:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Pulpit\extplugins
[2010-06-16 16:16:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010-06-12 12:43:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Moje dokumenty\My SureThing Projects
[2010-06-12 12:42:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\MicroVision Applications
[2010-06-12 12:42:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared
[2010-06-12 12:42:40 | 000,000,000 | ---D | C] -- C:\Program Files\SureThing CD Labeler 5
[2010-05-26 15:24:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Hewlett-Packard
[2010-05-25 15:09:01 | 000,000,000 | ---D | C] -- C:\Program Files\ChrisTV Lite
[2010-05-25 14:18:31 | 000,065,536 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\hcwdlg.ocx
[2010-05-25 14:17:01 | 000,524,353 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\HCWTVWND.dll
[2010-05-25 14:17:01 | 000,077,824 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwsplit.ax
[2010-05-25 14:17:01 | 000,069,632 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwfread.ax
[2010-05-25 14:17:01 | 000,011,264 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\hcwhook.dll
[2010-05-25 14:17:01 | 000,000,000 | ---D | C] -- C:\MyVideos
[2010-05-25 14:17:00 | 000,465,988 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\drivers\HCWBT8xx.sys
[2010-05-25 14:17:00 | 000,393,216 | ---- | C] (Snowbound Software Corporation (www.Snowbnd.com)) -- C:\WINDOWS\System32\hcwsnbd9.dll
[2010-05-25 14:17:00 | 000,213,050 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\Hcwchan.dll
[2010-05-25 14:17:00 | 000,192,568 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\hcwpnp32.dll
[2010-05-25 14:17:00 | 000,106,559 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\Hcwtvdlg.dll
[2010-05-25 14:17:00 | 000,090,174 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\bt848wst.dll
[2010-05-25 14:17:00 | 000,086,072 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwi2c32.dll
[2010-05-25 14:17:00 | 000,073,728 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\Hcwsnap.ax
[2010-05-25 14:17:00 | 000,045,056 | ---- | C] (DScaler Project, see http://www.dscaler.org/) -- C:\WINDOWS\System32\Hcwdlace.ax
[2010-05-25 14:17:00 | 000,012,288 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\btgpio32.dll
[2010-05-25 14:16:53 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\Hcwutl32.dll
[2010-05-25 14:16:53 | 000,000,000 | ---D | C] -- C:\Program Files\WinTV
[2010-05-25 05:13:38 | 000,361,904 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symtdi.sys
[2010-05-25 05:13:38 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symtdiv.sys
[2010-05-25 05:13:38 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symds.sys
[2010-05-25 05:13:38 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtsp.sys
[2010-05-25 05:13:38 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symefa.sys
[2010-05-25 05:13:38 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\ironx86.sys
[2010-05-25 05:13:38 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtspx.sys
[2010-05-25 05:13:37 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\cchpx86.sys
[2010-05-25 05:13:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NAV\1107000.00C
[2010-05-22 23:14:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010-05-20 18:46:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\NWPS
[2010-05-20 18:46:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NWPS
[2010-05-20 18:46:03 | 000,000,000 | ---D | C] -- C:\Program Files\nwps
[2010-05-19 19:57:38 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune
[2010-05-19 19:36:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-05-19 19:36:52 | 000,000,000 | ---D | C] -- C:\Program Files\HDD Regenerator
[2010-05-19 19:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\Downloaded Installations
[2010-05-16 19:27:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Filo\Moje dokumenty\My Dropbox
[2010-05-16 19:26:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\Dropbox
[2010-05-16 19:09:06 | 000,000,000 | ---D | C] -- C:\totalcmd
[2010-05-16 19:09:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\GHISLER
[2010-05-15 23:45:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010-05-14 20:03:28 | 000,000,000 | ---D | C] -- C:\Program Files\No-IP Client
[2010-05-14 14:03:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-05-14 14:02:14 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010-05-14 14:02:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2010-05-14 14:02:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010-05-14 13:58:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\Adobe
[2010-05-14 13:35:28 | 000,000,000 | ---D | C] -- C:\Xampp
[2010-05-12 22:29:00 | 000,000,000 | ---D | C] -- C:\glog
[2010-05-12 22:28:52 | 000,000,000 | ---D | C] -- C:\log
[2010-05-12 20:46:57 | 000,000,000 | ---D | C] -- C:\effbot.exe
[2010-05-12 20:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\MySQL
[2010-05-12 20:44:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MySQL
[2010-05-11 22:49:03 | 000,000,000 | ---D | C] -- C:\Python27
[2010-05-11 19:27:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\TeamViewer
[2010-05-11 19:27:08 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010-05-10 18:31:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2010-05-10 18:31:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2010-05-10 18:30:40 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2010-05-09 11:34:16 | 002,292,736 | ---- | C] (Python Software Foundation) -- C:\WINDOWS\System32\python27.dll
[2010-05-08 23:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2010-05-06 23:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Moje dokumenty\OCCT
[2010-05-06 23:24:48 | 000,000,000 | ---D | C] -- C:\Program Files\OCCT
[2010-05-06 23:23:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010-05-06 23:04:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2010-05-06 22:11:55 | 001,684,736 | R--- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2010-05-06 22:11:46 | 000,290,816 | R--- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2010-05-06 22:11:45 | 000,122,880 | R--- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2010-05-06 22:10:22 | 000,142,592 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys
[2010-05-06 15:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\dwhelper
[2010-05-06 15:27:56 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2010-05-06 15:27:54 | 000,000,000 | ---D | C] -- C:\Program Files\FDRLab
[2010-05-04 20:46:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\skypePM
[2010-05-04 20:46:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\Skype
[2010-05-04 20:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010-05-04 20:45:41 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010-05-04 20:45:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype
[2010-05-04 20:21:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Moje dokumenty\GTA San Andreas User Files
[2010-05-04 20:17:56 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010-05-01 13:55:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Moje dokumenty\Symantec
[2010-05-01 13:53:42 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010-05-01 13:53:42 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010-05-01 13:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010-05-01 13:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010-05-01 13:53:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010-05-01 13:53:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NAV
[2010-05-01 13:53:13 | 000,000,000 | ---D | C] -- C:\Program Files\Norton AntiVirus
[2010-05-01 13:53:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton
[2010-05-01 13:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010-05-01 13:53:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-06-27 11:15:40 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-27 11:15:40 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-06-27 11:15:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-06-27 11:15:34 | 1072,156,672 | -HS- | M] () -- C:\hiberfil.sys
[2010-06-26 23:45:03 | 003,407,872 | -H-- | M] () -- C:\Documents and Settings\Filo\NTUSER.DAT
[2010-06-26 23:44:14 | 002,112,400 | -H-- | M] () -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-06-26 22:31:01 | 000,000,916 | ---- | M] () -- C:\Documents and Settings\Filo\status.xml
[2010-06-26 12:36:53 | 000,134,475 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\sjd.png
[2010-06-26 11:28:25 | 000,000,639 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\favicon.ico
[2010-06-25 22:10:47 | 000,003,174 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\minia.jpg
[2010-06-25 21:54:43 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Filo\Korea.bat
[2010-06-25 21:52:05 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Filo\Gadu-Gadu.bat
[2010-06-25 21:46:32 | 000,056,107 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\logo.jpg
[2010-06-25 21:46:04 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Filo\logo.jpg
[2010-06-25 21:15:22 | 000,001,051 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\plugin_adv.xml
[2010-06-25 20:36:27 | 000,009,151 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\plugin_admin.xml
[2010-06-25 20:31:47 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Filo\plugin_admin.xml
[2010-06-25 14:28:46 | 000,004,458 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\b3.xml
[2010-06-25 13:14:13 | 000,004,498 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\b3(1).xml
[2010-06-25 13:13:55 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Filo\b3.xml
[2010-06-25 12:28:05 | 000,000,895 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\plugin_adv.xml
[2010-06-25 12:05:22 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Filo\plugin_adv.xml
[2010-06-25 10:51:10 | 000,013,536 | ---- | M] () -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-24 22:29:30 | 000,006,199 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\php-fusion-logo.png
[2010-06-24 16:17:05 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Gta San Andreas.lnk
[2010-06-23 10:14:58 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Skrót do samp.lnk
[2010-06-21 20:57:37 | 000,000,000 | ---- | M] () -- C:\WINDOWS\msicpl.ini
[2010-06-21 20:56:32 | 000,127,254 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-06-21 20:47:48 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-06-18 15:45:14 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Filo\011.jpg
[2010-06-17 15:51:08 | 004,358,135 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\15. hemp gru - dr.joint (droga).mp31260296438_[mp3.teledyski.info].mp3
[2010-06-17 15:35:58 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\Filo\default.pls
[2010-06-17 15:34:55 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-06-17 11:16:56 | 009,961,055 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\hemp gru-Wyrok Ulicy.mp3
[2010-06-16 16:04:03 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Skrót do ioUrTded.lnk
[2010-06-14 15:52:22 | 000,011,412 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\q3config.cfg
[2010-06-13 19:54:37 | 015,930,202 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\ut4_happyjumptutorial_beta3.pk3
[2010-06-13 11:58:25 | 000,095,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-06-12 14:24:35 | 000,100,834 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\Nowy312.ncd
[2010-06-12 14:02:14 | 000,240,097 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\office07.gif
[2010-06-12 13:17:19 | 000,077,446 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\fcdh.std
[2010-06-12 12:46:35 | 000,096,618 | -H-- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\mvstcdxx.lst
[2010-06-12 12:42:53 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\SureThing CD Labeler Deluxe Trial 5.lnk
[2010-06-12 12:33:33 | 000,001,774 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\LightScribe.lnk
[2010-06-12 12:28:51 | 000,049,233 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\Nowy45.ncd
[2010-06-12 12:25:34 | 000,040,758 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\1039_57_1256019757_ms off.jpg
[2010-06-12 12:20:12 | 000,002,385 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart Essentials.lnk
[2010-06-12 12:20:12 | 000,002,305 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero Home Essentials SE.lnk
[2010-06-12 12:20:12 | 000,001,901 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Uaktualnienie online pakietu Nero.lnk
[2010-06-12 12:13:35 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010-06-02 09:07:36 | 006,250,624 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Hemp_gru-sami_swoi_(feat._ka.mp3
[2010-05-26 21:03:01 | 000,529,978 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\Cat.DB
[2010-05-25 15:09:04 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\ChrisTV Lite.lnk
[2010-05-25 14:26:58 | 000,000,653 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-05-25 14:18:32 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\WinTV2000.lnk
[2010-05-25 14:13:05 | 000,001,885 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Norton AntiVirus.LNK
[2010-05-24 22:55:21 | 000,019,156 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\Kopia dziejkop56.jpg.png
[2010-05-24 22:53:35 | 000,029,870 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\dziejkop56.jpg.png
[2010-05-24 22:39:52 | 000,033,009 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\haha.png
[2010-05-24 22:38:50 | 000,033,009 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\hahaje.png
[2010-05-24 22:08:08 | 000,211,471 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\tlo.PNG
[2010-05-24 22:02:16 | 000,046,493 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\tlo.jpg
[2010-05-24 21:48:03 | 000,389,394 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\bez tytułu.bmp
[2010-05-24 21:12:43 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\Filo\.jupload.properties
[2010-05-23 22:45:53 | 000,000,264 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Nowy Dokument sformatowany.rtf
[2010-05-20 18:46:10 | 000,001,630 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Managed Switch Port Mapping Tool.lnk
[2010-05-19 19:57:39 | 000,000,613 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\HD Tune.lnk
[2010-05-19 19:36:54 | 000,001,778 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\HDD Regenerator.lnk
[2010-05-16 20:06:56 | 000,001,500 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\XAMPP Control Panel.lnk
[2010-05-16 19:27:54 | 000,000,981 | ---- | M] () -- C:\Documents and Settings\Filo\Menu Start\Programy\Autostart\Dropbox.lnk
[2010-05-16 19:27:53 | 000,000,981 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Dropbox.lnk
[2010-05-16 19:09:08 | 000,000,548 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Total Commander.lnk
[2010-05-15 14:27:25 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-05-15 14:27:09 | 000,945,112 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-05-15 14:27:09 | 000,436,322 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-05-15 14:27:09 | 000,380,486 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-05-15 14:27:09 | 000,067,298 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-05-15 14:27:09 | 000,052,900 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-05-14 22:00:14 | 000,003,592 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\b3.xml
[2010-05-14 16:02:01 | 000,004,346 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Nowy Archiwum WinRAR-a (ZIP).zip
[2010-05-14 15:33:32 | 000,008,673 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\server.cfg
[2010-05-14 14:04:07 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-05-14 14:02:15 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Acrobat_com.lnk
[2010-05-14 08:36:08 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\isolate.ini
[2010-05-11 19:27:15 | 000,000,879 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk
[2010-05-10 18:32:21 | 000,011,827 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\q3config.cfg
[2010-05-10 18:30:42 | 000,000,685 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\LogMeIn Hamachi.lnk
[2010-05-09 11:34:16 | 002,292,736 | ---- | M] (Python Software Foundation) -- C:\WINDOWS\System32\python27.dll
[2010-05-08 23:05:00 | 000,001,256 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\eBay.lnk
[2010-05-06 23:24:51 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\OCCT.lnk
[2010-05-06 23:04:37 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010-05-06 23:04:37 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010-05-06 22:32:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2010-05-06 22:08:20 | 000,000,010 | ---- | M] () -- C:\WINDOWS\GSetup.ini
[2010-05-06 15:40:56 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-06 15:30:16 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\save2pc.lnk
[2010-05-06 15:27:55 | 000,000,727 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\save2pc Light.lnk
[2010-05-06 06:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symtdi.sys
[2010-05-06 06:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symtdiv.sys
[2010-05-06 06:01:43 | 000,001,473 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnetv.inf
[2010-05-06 06:01:43 | 000,001,445 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnet.inf
[2010-05-04 20:46:40 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010-05-04 20:45:44 | 000,001,880 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-05-04 20:17:56 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010-05-04 20:05:32 | 000,000,657 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\GTA San Andreas.lnk
[2010-05-03 20:41:33 | 000,000,832 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\ISO1.nri
[2010-05-03 15:07:00 | 695,396,470 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\Image.nrg
[2010-05-01 13:53:42 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010-05-01 13:53:42 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010-05-01 13:53:42 | 000,007,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010-05-01 13:53:42 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010-04-29 12:04:12 | 000,001,134 | -H-- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\Default.rdp
[2010-04-29 07:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\ironx86.sys
[2010-04-29 07:03:51 | 000,007,438 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\iron.cat
[2010-04-29 07:03:51 | 000,000,741 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\iron.inf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-06-26 12:36:31 | 000,134,475 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\sjd.png
[2010-06-26 11:28:24 | 000,000,639 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\favicon.ico
[2010-06-25 22:10:47 | 000,003,174 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\minia.jpg
[2010-06-25 21:54:43 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Filo\Korea.bat
[2010-06-25 21:52:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Filo\Gadu-Gadu.bat
[2010-06-25 21:46:17 | 000,056,107 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\logo.jpg
[2010-06-25 21:46:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Filo\logo.jpg
[2010-06-25 21:15:09 | 000,001,051 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\plugin_adv.xml
[2010-06-25 20:48:56 | 000,004,458 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\b3.xml
[2010-06-25 20:31:54 | 000,009,151 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\plugin_admin.xml
[2010-06-25 20:31:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Filo\plugin_admin.xml
[2010-06-25 13:14:00 | 000,004,498 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\b3(1).xml
[2010-06-25 13:13:55 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Filo\b3.xml
[2010-06-25 12:05:27 | 000,000,895 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\plugin_adv.xml
[2010-06-25 12:05:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Filo\plugin_adv.xml
[2010-06-24 16:16:10 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Gta San Andreas.lnk
[2010-06-21 20:57:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2010-06-21 20:56:15 | 1072,156,672 | -HS- | C] () -- C:\hiberfil.sys
[2010-06-21 20:52:42 | 000,127,254 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2010-06-21 20:51:53 | 000,018,521 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010-06-21 20:51:11 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll
[2010-06-21 20:51:05 | 000,262,144 | R--- | C] () -- C:\WINDOWS\System32\HookMAp.dll
[2010-06-21 20:51:05 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll
[2010-06-21 20:51:04 | 000,266,240 | R--- | C] () -- C:\WINDOWS\System32\HookShield.dll
[2010-06-21 20:51:04 | 000,008,883 | R--- | C] () -- C:\WINDOWS\System32\sysinfo.vxd
[2010-06-21 20:51:03 | 000,009,728 | R--- | C] () -- C:\WINDOWS\System32\sysinfoX64.sys
[2010-06-21 20:51:02 | 000,200,704 | R--- | C] () -- C:\WINDOWS\System32\WinSys.exe
[2010-06-21 20:51:02 | 000,008,192 | R--- | C] () -- C:\WINDOWS\System32\sysinfo.sys
[2010-06-21 20:51:01 | 000,208,896 | R--- | C] () -- C:\WINDOWS\System32\sw20.exe
[2010-06-21 20:51:01 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\sw24.exe
[2010-06-18 15:45:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Filo\011.jpg
[2010-06-17 11:16:56 | 009,961,055 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\hemp gru-Wyrok Ulicy.mp3
[2010-06-15 10:50:44 | 004,358,135 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\15. hemp gru - dr.joint (droga).mp31260296438_[mp3.teledyski.info].mp3
[2010-06-14 15:52:49 | 000,011,412 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\q3config.cfg
[2010-06-13 19:45:12 | 015,930,202 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\ut4_happyjumptutorial_beta3.pk3
[2010-06-12 14:24:34 | 000,100,834 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\Nowy312.ncd
[2010-06-12 14:02:14 | 000,240,097 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\office07.gif
[2010-06-12 13:17:19 | 000,077,446 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\fcdh.std
[2010-06-12 12:46:35 | 000,096,618 | -H-- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\mvstcdxx.lst
[2010-06-12 12:42:53 | 000,000,756 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\SureThing CD Labeler Deluxe Trial 5.lnk
[2010-06-12 12:33:33 | 000,001,774 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\LightScribe.lnk
[2010-06-12 12:28:50 | 000,049,233 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\Nowy45.ncd
[2010-06-12 12:25:33 | 000,040,758 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\1039_57_1256019757_ms off.jpg
[2010-06-02 09:07:36 | 006,250,624 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Hemp_gru-sami_swoi_(feat._ka.mp3
[2010-05-26 15:24:28 | 000,000,335 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2010-05-25 15:09:04 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\ChrisTV Lite.lnk
[2010-05-25 14:18:32 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\WinTV2000.lnk
[2010-05-25 14:12:18 | 000,529,978 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\Cat.DB
[2010-05-25 05:13:38 | 000,007,873 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symefa.cat
[2010-05-25 05:13:38 | 000,007,787 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnetv.cat
[2010-05-25 05:13:38 | 000,007,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtspx.cat
[2010-05-25 05:13:38 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtsp.cat
[2010-05-25 05:13:38 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\iron.cat
[2010-05-25 05:13:38 | 000,007,425 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symds.cat
[2010-05-25 05:13:38 | 000,007,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnet.cat
[2010-05-25 05:13:38 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symefa.inf
[2010-05-25 05:13:38 | 000,002,793 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symds.inf
[2010-05-25 05:13:38 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnetv.inf
[2010-05-25 05:13:38 | 000,001,445 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnet.inf
[2010-05-25 05:13:38 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtspx.inf
[2010-05-25 05:13:38 | 000,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtsp.inf
[2010-05-25 05:13:38 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\iron.inf
[2010-05-25 05:13:37 | 000,007,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\cchpx86.cat
[2010-05-25 05:13:37 | 000,001,754 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\cchpx86.inf
[2010-05-25 05:13:26 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\isolate.ini
[2010-05-24 22:55:00 | 000,019,156 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\Kopia dziejkop56.jpg.png
[2010-05-24 22:50:23 | 000,029,870 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\dziejkop56.jpg.png
[2010-05-24 22:39:38 | 000,033,009 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\haha.png
[2010-05-24 22:38:49 | 000,033,009 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\hahaje.png
[2010-05-24 22:03:53 | 000,211,471 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\tlo.PNG
[2010-05-24 21:47:41 | 000,046,493 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\tlo.jpg
[2010-05-24 21:39:35 | 000,006,199 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\php-fusion-logo.png
[2010-05-24 21:12:16 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\Filo\.jupload.properties
[2010-05-24 20:47:32 | 000,389,394 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\bez tytułu.bmp
[2010-05-23 22:43:12 | 000,000,264 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Nowy Dokument sformatowany.rtf
[2010-05-20 18:46:10 | 000,001,630 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Managed Switch Port Mapping Tool.lnk
[2010-05-19 19:57:39 | 000,000,613 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\HD Tune.lnk
[2010-05-19 19:36:54 | 000,001,778 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\HDD Regenerator.lnk
[2010-05-16 19:27:54 | 000,000,981 | ---- | C] () -- C:\Documents and Settings\Filo\Menu Start\Programy\Autostart\Dropbox.lnk
[2010-05-16 19:27:53 | 000,000,981 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Dropbox.lnk
[2010-05-16 19:09:08 | 000,000,548 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Total Commander.lnk
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\NOCLOSE.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF
[2010-05-14 22:20:08 | 000,003,592 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\b3.xml
[2010-05-14 20:29:51 | 000,001,500 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\XAMPP Control Panel.lnk
[2010-05-14 16:01:32 | 000,004,346 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Nowy Archiwum WinRAR-a (ZIP).zip
[2010-05-14 15:24:54 | 000,008,673 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\server.cfg
[2010-05-14 14:04:07 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-05-14 14:02:15 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Acrobat_com.lnk
[2010-05-13 14:57:00 | 000,000,916 | ---- | C] () -- C:\Documents and Settings\Filo\status.xml
[2010-05-11 19:27:15 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk
[2010-05-10 18:38:07 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Skrót do ioUrTded.lnk
[2010-05-10 18:33:44 | 000,011,827 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\q3config.cfg
[2010-05-10 18:30:42 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\LogMeIn Hamachi.lnk
[2010-05-08 23:05:00 | 000,001,256 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\eBay.lnk
[2010-05-06 23:24:51 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\OCCT.lnk
[2010-05-06 23:04:37 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010-05-06 23:04:36 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010-05-06 22:32:17 | 000,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2010-05-06 22:10:22 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010-05-06 22:08:20 | 000,207,400 | R--- | C] () -- C:\WINDOWS\GSetup.exe
[2010-05-06 22:08:20 | 000,000,010 | ---- | C] () -- C:\WINDOWS\GSetup.ini
[2010-05-06 21:49:39 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-05-06 15:35:36 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-06 15:30:16 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\save2pc.lnk
[2010-05-06 15:27:56 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-05-06 15:27:56 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-05-06 15:27:56 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
[2010-05-06 15:27:55 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\save2pc Light.lnk
[2010-05-04 20:46:40 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010-05-04 20:45:44 | 000,001,880 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-05-04 20:12:21 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Skrót do samp.lnk
[2010-05-04 20:05:32 | 000,000,657 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\GTA San Andreas.lnk
[2010-05-03 20:41:33 | 000,000,832 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\ISO1.nri
[2010-05-03 15:06:25 | 695,396,470 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\Image.nrg
[2010-05-01 13:53:42 | 000,007,443 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010-05-01 13:53:42 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010-05-01 13:53:36 | 000,001,885 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Norton AntiVirus.LNK
[2010-04-22 13:48:21 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-04-21 14:41:15 | 000,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-04-14 20:14:27 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2007-06-28 18:43:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007-06-28 18:43:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007-06-28 18:43:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007-06-28 18:43:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007-06-28 18:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006-03-02 14:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2006-03-02 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2006-03-02 14:00:00 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2010-06-25 20:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BigBrotherBot
[2010-04-15 21:29:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software
[2010-04-18 11:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-04-14 21:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
[2010-05-12 20:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MySQL
[2010-05-20 18:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NWPS
[2010-05-19 19:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-06-27 11:15:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\Dropbox
[2010-05-24 23:03:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\Gadu-Gadu 10
[2010-06-27 11:15:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\GameTracker
[2010-05-16 19:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\GHISLER
[2010-05-20 18:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\NWPS
[2010-05-11 19:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\TeamViewer
[2010-06-27 11:16:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\GameTracker

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-04-14 20:08:31 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-04-14 20:01:18 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2006-03-02 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-04-14 20:08:31 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-05-25 14:16:57 | 000,000,034 | ---- | M] () -- C:\hcwclear.txt
[2010-06-27 11:15:34 | 1072,156,672 | -HS- | M] () -- C:\hiberfil.sys
[2010-04-14 20:08:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-04-14 20:08:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006-03-02 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2006-03-02 14:00:00 | 000,250,624 | RHS- | M] () -- C:\ntldr
[2010-06-27 11:15:33 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2006-03-02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2006-03-02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll
[2009-12-20 00:00:00 | 000,037,520 | ---- | M] (perl.org) MD5=2852D57385C4709EAAE2F9DB01AD3672 -- C:\Xampp\xampp\perl\site\lib\auto\Win32\EventLog\EventLog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 48 bytes -> C:\Documents and Settings\All Users\DRM:مايكروسوفت
< End of report >
[/log]

Sohei
komentarz
komentarz (edytowane)

C:\Program Files\BigBrotherBot_1.3.2---> proponuej sie tego pozbyc : >

[code]:OTL
PRC - [2006-03-02 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
O4 - HKLM..\Run: [RelevantKnowledge] C:\Program Files\RelevantKnowledge\rlvknlg.exe File not found

:files
C:\Program Files\RelevantKnowledge\rlvknlg.exe
C:\Program Files\RelevantKnowledge

:services
RelevantKnowledge

:commands
[emptytemp]
[start explorer]
[reboot]
[/code]
do otl i run fix. potem log z usuwania
Wykonaj pełny skan [url=http://dobreprogramy.pl/index.php?dz=2&id=1998][b]DR WEB CureIt[/b][/url]
Wykonaj pełny skan[url=http://www.dobreprogramy.pl/Malwarebytes-AntiMalware,Program,Windows,13117.html][b]MBAM[/b][/url]
Co znajda usun po czym daj logi z usuwania + nowy log OTL



C:\WINDOWS\System32\drivers\SYMEVENT.CAT -- przeskanuj na virustotal.
Elfbota radze wywalic z kompa gdyż prawdopodobnie on jest powodem twojej infekcji

Co do GMER to odznacz sekcje i ponow skan

  • Dobra wypowiedź 1
Filo1
komentarz
komentarz

[quote]C:\Program Files\BigBrotherBot_1.3.2---> proponuej sie tego pozbyc : >[/quote]
niestety to jest bot do mojego servera :P jest on czysty napewno
już robie loga i OTL

Usuwanie OTL [log]All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RelevantKnowledge deleted successfully.
========== FILES ==========
File\Folder C:\Program Files\RelevantKnowledge\rlvknlg.exe not found.
File\Folder C:\Program Files\RelevantKnowledge not found.
========== SERVICES/DRIVERS ==========
Error: No service named RelevantKnowledge was found to stop!
Service\Driver key RelevantKnowledge not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Filo
->Temp folder emptied: 3097925 bytes
->Temporary Internet Files folder emptied: 216243 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 100477634 bytes
->Flash cache emptied: 1209 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 131072 bytes
RecycleBin emptied: 761515 bytes

Total Files Cleaned = 100,00 mb


OTL by OldTimer - Version 3.2.7.0 log created on 06272010_140547

Files\Folders moved on Reboot...
C:\WINDOWS\temp\Perflib_Perfdata_a40.dat moved successfully.

Registry entries deleted on Reboot...
[/log]
zara wrzuce reszte

VirusTotal
[log]Antywirus Wersja Ostatnia aktualizacja Wynik
a-squared 5.0.0.26 2010.06.18 -
AhnLab-V3 2010.06.18.05 2010.06.18 -
AntiVir 8.2.2.6 2010.06.18 -
Antiy-AVL 2.0.3.7 2010.06.18 -
Authentium 5.2.0.5 2010.06.18 -
Avast 4.8.1351.0 2010.06.18 -
Avast5 5.0.332.0 2010.06.18 -
AVG 9.0.0.787 2010.06.18 -
BitDefender 7.2 2010.06.19 -
CAT-QuickHeal 10.00 2010.06.18 -
ClamAV 0.96.0.3-git 2010.06.18 -
Comodo 5146 2010.06.18 -
DrWeb 5.0.2.03300 2010.06.18 -
eSafe 7.0.17.0 2010.06.17 -
eTrust-Vet 36.1.7646 2010.06.18 -
F-Prot 4.6.1.107 2010.06.18 -
F-Secure 9.0.15370.0 2010.06.19 -
Fortinet 4.1.133.0 2010.06.18 -
GData 21 2010.06.18 -
Ikarus T3.1.1.84.0 2010.06.18 -
Jiangmin 13.0.900 2010.06.15 -
Kaspersky 7.0.0.125 2010.06.18 -
McAfee 5.400.0.1158 2010.06.19 -
McAfee-GW-Edition 2010.1 2010.06.18 -
Microsoft 1.5902 2010.06.18 -
NOD32 5208 2010.06.18 -
Norman 6.05.06 2010.06.18 -
nProtect 2010-06-18.01 2010.06.18 -
Panda 10.0.2.7 2010.06.18 -
PCTools 7.0.3.5 2010.06.18 -
Prevx 3.0 2010.06.19 -
Rising 22.52.04.04 2010.06.18 -
Sophos 4.54.0 2010.06.18 -
Sunbelt 6468 2010.06.18 -
Symantec 20101.1.0.89 2010.06.18 -
TheHacker 6.5.2.0.300 2010.06.18 -
TrendMicro 9.120.0.1004 2010.06.18 -
TrendMicro-HouseCall 9.120.0.1004 2010.06.19 -
VBA32 3.12.12.5 2010.06.18 -
ViRobot 2010.6.14.3884 2010.06.18 -
VirusBuster 5.0.27.0 2010.06.18 -
Dodatkowe informacje
File size: 124976 bytes
MD5 : 961b48b86f94d4cc8ceb483f8aa89374
SHA1 : 7f8c90127e81d5111f866d86833bd8fb1a4d2309
SHA256: 722e4d37096edbcfdface04a9bbc86b52284fa3b1ea4bd9a2bc3b7da5f0411ad
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x210A7
timedatestamp.....: 0x4A849231 (Fri Aug 14 00:22:41 2009)
machinetype.......: 0x14C (Intel I386)

( 7 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x16AFC 0x16C00 6.29 6a7f6a37cda4296aba09e4ff90f825ae
.rdata 0x18000 0x2584 0x2600 6.46 cd7828b7aecaeebf665d8fe98de29f54
.data 0x1B000 0x4C18 0x400 3.39 df5d8541796f6bb40c85c62edc108522
.edata 0x20000 0x3EB 0x400 5.20 94a255d3adf7efccce0457e0da9a8b98
INIT 0x21000 0xE18 0x1000 5.35 69666b8c0622eac48ecc31ff60416a8d
.rsrc 0x22000 0x378 0x400 2.94 e62e72f648e24fe367b50dd11ab19993
.reloc 0x23000 0x1B0E 0x1C00 6.07 c6aa6e41e86011256611494f9a2e20f1

( 2 imports )

> hal.dll: KfReleaseSpinLock, KeGetCurrentIrql, ExAcquireFastMutex, ExReleaseFastMutex, KfAcquireSpinLock
> ntoskrnl.exe: ExAllocatePoolWithTag, RtlInitUnicodeString, ExFreePoolWithTag, memcpy, wcschr, _wcsnicmp, _purecall, RtlAppendUnicodeToString, memset, KeInitializeEvent, IoDetachDevice, ZwClose, ObReferenceObjectByHandle, ZwOpenFile, NtBuildNumber, ObfDereferenceObject, MmIsAddressValid, ZwQuerySymbolicLinkObject, ZwOpenSymbolicLinkObject, ExInitializeResourceLite, ExDeleteResourceLite, ObQueryNameString, KeLeaveCriticalRegion, ExAcquireResourceSharedLite, KeEnterCriticalRegion, ExAcquireResourceExclusiveLite, ExReleaseResourceLite, RtlCompareUnicodeString, RtlAnsiStringToUnicodeString, RtlInitAnsiString, RtlFreeUnicodeString, KeWaitForSingleObject, KeSetEvent, KeDelayExecutionThread, IofCallDriver, IoBuildDeviceIoControlRequest, IoGetDeviceObjectPointer, PsTerminateSystemThread, PsCreateSystemThread, FsRtlMdlReadDev, FsRtlMdlReadCompleteDev, FsRtlPrepareMdlWriteDev, FsRtlMdlWriteCompleteDev, IoFreeIrp, IoCreateFile, KeGetCurrentThread, IoAllocateIrp, IoGetRelatedDeviceObject, ObOpenObjectByName, ZwSetInformationFile, RtlAppendUnicodeStringToString, _wcsicmp, swprintf, IoSetThreadHardErrorMode, IofCompleteRequest, RtlCopyUnicodeString, KeReleaseMutex, ProbeForWrite, ZwQueryDirectoryFile, KeTickCount, KeUnstackDetachProcess, KeStackAttachProcess, PsGetCurrentProcessId, ZwQueryInformationProcess, ZwOpenProcess, RtlPrefixUnicodeString, FsRtlDissectName, ExQueueWorkItem, PsSetLoadImageNotifyRoutine, PsSetCreateThreadNotifyRoutine, PsSetCreateProcessNotifyRoutine, MmGetSystemRoutineAddress, RtlImageNtHeader, ZwQuerySystemInformation, _stricmp, MmHighestUserAddress, ZwQueryValueKey, ZwOpenKey, IoAttachDeviceToDeviceStack, ObReferenceObjectByPointer, RtlVolumeDeviceToDosName, PsLookupProcessByProcessId, ExInterlockedPopEntrySList, ExInterlockedPushEntrySList, wcsncmp, ExDeletePagedLookasideList, ExAllocateFromPagedLookasideList, ExFreeToPagedLookasideList, ExInitializePagedLookasideList, KeNumberProcessors, ExAcquireFastMutexUnsafe, ExReleaseFastMutexUnsafe, RtlUpcaseUnicodeString, FsRtlIsNameInExpression, PsGetVersion, ZwQueryObject, ExGetPreviousMode, KeReleaseSemaphore, IoRegisterFsRegistrationChange, IoUnregisterFsRegistrationChange, ExInitializeNPagedLookasideList, IoGetCurrentProcess, IoFreeWorkItem, IoStopTimer, IoQueueWorkItem, IoAllocateWorkItem, IoStartTimer, IoInitializeTimer, MmMapIoSpace, MmGetPhysicalAddress, MmUnmapIoSpace, KeBugCheckEx, RtlUnwind, ProbeForRead, IoCreateDevice, IoCreateSymbolicLink, IoDeleteSymbolicLink, KeInitializeMutex, IoDeleteDevice

( 1 exports )

> EventObjectCreate, EventObjectDestroy, EventObjectQuery, SYMEvent_AllocOpenFileData, SYMEvent_AllocPersistentData, SYMEvent_AllocThreadData, SYMEvent_AllocVMData, SYMEvent_ExAllocatePoolWithTag, SYMEvent_FreeOpenFileData, SYMEvent_FreeProcessInformation, SYMEvent_FreeThreadData, SYMEvent_GetCurTask, SYMEvent_GetOpenFileDataPtr, SYMEvent_GetOpenFileFirstNext, SYMEvent_GetOpenFileName, SYMEvent_GetPersistentDataPtr, SYMEvent_GetProcessInformation, SYMEvent_GetSubTask, SYMEvent_GetSystemRootPathPtr, SYMEvent_GetThreadDataPtr, SYMEvent_GetVMDataPtr, SYMEvent_Get_Version, SYMEvent_IrpHandlerInstall, SYMEvent_IrpHandlerRemove, SYMEvent_LockThreadDataPtr, SYMEvent_Operation, SYMEvent_UnLockThreadDataPtr
TrID : File type identification
Win64 Executable Generic (87.2%)
Win32 Executable Generic (8.6%)
Generic Win/DOS Executable (2.0%)
DOS Executable Generic (2.0%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
ssdeep: 3072:GOeTSVXozxyscy8k0zo5uYxNRtRNRNGQX4rOJv:GOlZbkaXYxNRtRNRNGQXb
sigcheck: publisher....: Symantec Corporation
copyright....: Copyright (C) Symantec Corporation 1992-2007
product......: SYMEVENT
description..: Symantec Event Library
original name: SYMEVENT.SYS
internal name: SYMEVENT
file version.: 12.8.1.3
comments.....: n/a
signers......: Symantec Corporation
VeriSign Class 3 Code Signing 2004 CA
Class 3 Public Primary Certification Authority
signing date.: 11:06 PM 8/13/2009
verified.....: -
PEiD : -
RDS : NSRL Reference Data Set
-
[/log]

[quote]Elfbota [/quote]
co to?

nowy OTL
[log]OTL logfile created on: 2010-06-27 14:11:54 - Run 3
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Filo\Moje dokumenty\Pobieranie
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 022,00 Mb Total Physical Memory | 253,00 Mb Available Physical Memory | 25,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 37,24 Gb Free Space | 76,28% Space Free | Partition Type: NTFS
Drive D: | 184,05 Gb Total Space | 171,47 Gb Free Space | 93,17% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FILIP
Current User Name: Filo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-06-27 11:21:24 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Filo\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-06-23 23:04:31 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-05-19 10:44:14 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2010-05-19 10:38:38 | 002,736,128 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2010-04-15 21:04:52 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010-03-24 20:17:47 | 000,952,768 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2010-03-12 00:14:00 | 011,792,992 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2010-03-09 04:52:49 | 000,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2010-02-26 07:10:20 | 021,979,992 | ---- | M] () -- C:\Documents and Settings\Filo\Dane aplikacji\Dropbox\bin\Dropbox.exe
PRC - [2010-02-26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009-12-22 01:57:28 | 000,035,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
PRC - [2009-12-20 00:00:00 | 006,095,504 | ---- | M] (MySQL AB) -- C:\Xampp\xampp\mysql\bin\mysqld.exe
PRC - [2009-12-20 00:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) -- C:\Xampp\xampp\apache\bin\httpd.exe
PRC - [2009-12-10 11:20:06 | 001,643,872 | ---- | M] (ClanServers Hosting LLC) -- C:\Program Files\GameTracker\GSInGameService.exe
PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2009-06-25 08:07:40 | 017,887,232 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009-04-30 11:23:26 | 000,090,112 | ---- | M] () -- D:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2008-10-24 19:27:40 | 000,069,632 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
PRC - [2008-10-24 19:21:24 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
PRC - [2008-10-14 12:07:14 | 000,274,432 | R--- | M] (France Telecom SA) -- C:\Program Files\CardDetector\ZTEMF636\CardDetector.exe
PRC - [2007-06-28 18:43:00 | 000,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2006-12-23 18:05:20 | 000,143,360 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006-12-23 18:04:42 | 000,905,216 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2006-12-23 17:54:04 | 000,262,144 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2006-05-13 21:30:40 | 000,571,392 | ---- | M] (No-IP.pl) -- C:\Program Files\No-IP Client\noipclient.exe
PRC - [2006-03-02 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2006-03-02 14:00:00 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2006-03-02 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2006-03-02 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2006-03-02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2006-03-02 14:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2006-03-02 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2006-03-02 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [BTHSVCS]
PRC - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2006-03-02 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2005-06-11 01:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2004-10-13 18:24:37 | 001,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2004-08-11 01:45:04 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-06-27 11:21:24 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Filo\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2010-03-09 04:55:54 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2007-06-28 18:43:00 | 001,474,560 | ---- | M] () -- C:\WINDOWS\system32\nview.dll
MOD - [2007-06-28 18:43:00 | 000,294,912 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwrspl.dll
MOD - [2007-06-28 18:43:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll
MOD - [2006-05-10 07:25:25 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2006-03-17 06:08:07 | 008,480,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2006-03-02 14:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2006-03-02 14:00:00 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2006-03-02 14:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2006-03-02 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2006-03-02 14:00:00 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2006-03-02 14:00:00 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2006-03-02 14:00:00 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2006-03-02 14:00:00 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2006-03-02 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2006-03-02 14:00:00 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2006-03-02 14:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2006-03-02 14:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2006-03-02 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2006-03-02 14:00:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2006-03-02 14:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2006-03-02 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2006-03-02 14:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2006-03-02 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006-03-02 14:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2006-03-02 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2006-03-02 14:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2006-03-02 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2006-03-02 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2005-12-29 04:56:06 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2005-07-26 06:42:36 | 001,284,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2005-07-26 06:42:33 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2005-03-02 20:18:38 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-04-04 21:50:00 | 003,502,176 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2010-03-30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010-02-26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe -- (NAV)
SRV - [2009-12-20 00:00:00 | 006,095,504 | ---- | M] (MySQL AB) [Auto | Running] -- C:\Xampp\xampp\mysql\bin\mysqld.exe -- (MySQL)
SRV - [2009-12-20 00:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Xampp\xampp\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2009-12-10 11:20:06 | 001,643,872 | ---- | M] (ClanServers Hosting LLC) [Auto | Running] -- C:\Program Files\GameTracker\GSInGameService.exe -- (GS In-Game Service)
SRV - [2009-04-30 11:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- D:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2008-10-24 19:27:40 | 000,069,632 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-06-12 12:18:53 | 001,347,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100626.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010-06-12 12:18:53 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010-06-12 12:18:53 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010-06-12 12:18:53 | 000,085,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100626.002\NAVENG.SYS -- (NAVENG)
DRV - [2010-05-28 21:33:19 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100625.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010-05-22 20:16:04 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100619.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010-05-06 06:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1107000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - [2010-05-01 13:53:42 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010-04-29 07:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010-04-23 18:53:48 | 000,002,688 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\FortressMU\FortressMU 2010\fortressmu 2010 muguard\MuGuard\llck1.sys -- (LLRING0)
DRV - [2010-04-22 05:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2010-04-22 04:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1107000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010-04-22 04:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010-04-21 14:41:15 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-02-26 02:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\ccHPx86.sys -- (ccHP)
DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-08-30 02:17:18 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\SYMDS.SYS -- (SymDS)
DRV - [2009-06-29 13:59:14 | 000,142,592 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009-06-25 08:07:44 | 005,095,936 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009-06-25 08:07:40 | 001,684,736 | R--- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009-06-25 08:07:40 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2008-10-14 12:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008-10-14 12:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmeaext.sys -- (ZTEusbnmeaext)
DRV - [2008-10-14 12:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008-10-14 12:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008-10-14 09:10:30 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2008-06-16 10:13:46 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2008-05-16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008-05-16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008-05-16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008-05-16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008-05-16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008-05-16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008-05-16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2007-07-25 10:20:34 | 001,748,992 | R--- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\msicpl.dll -- (MSICPL)
DRV - [2007-06-28 18:43:00 | 006,807,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006-09-24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006-06-16 13:56:38 | 000,083,968 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006-03-02 14:00:00 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2005-03-02 12:44:00 | 000,465,988 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HCWBT8xx.sys -- (HCWBT8XX)
DRV - [2005-01-07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2005-01-07 17:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pcf.pl/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pcf.pl/

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pcf.pl/

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pcf.pl/

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pcf.pl/

IE - HKU\S-1-5-21-484763869-1547161642-839522115-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pcf.pl/
IE - HKU\S-1-5-21-484763869-1547161642-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3

FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\IPSFFPlgn\ [2010-05-26 14:40:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-06-24 22:58:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-06-23 23:04:35 | 000,000,000 | ---D | M]

[2010-04-14 21:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\Mozilla\Extensions
[2010-06-26 21:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\Mozilla\Firefox\Profiles\6ck0ha1d.default\extensions
[2010-05-06 15:36:12 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Filo\Dane aplikacji\Mozilla\Firefox\Profiles\6ck0ha1d.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010-05-06 15:22:22 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Filo\Dane aplikacji\Mozilla\Firefox\Profiles\6ck0ha1d.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-06-26 21:51:14 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-05-04 20:46:10 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-04-15 21:04:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-15 21:04:52 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-04-01 19:33:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-04-01 19:33:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-04-01 19:33:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-04-01 19:33:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-04-01 19:33:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-04-01 19:33:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-03-02 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (Steganos Internet Anonym) - {00000000-5736-4205-0008-f7ed0776fb27} - c:\Program Files\Steganos Internet Anonym 2006\SIA2006iep.dll ()
O3 - HKU\S-1-5-21-484763869-1547161642-839522115-1005\..\Toolbar\WebBrowser: (Steganos Internet Anonym) - {00000000-5736-4205-0008-F7ED0776FB27} - c:\Program Files\Steganos Internet Anonym 2006\SIA2006iep.dll ()
O4 - HKLM..\Run: [BEWINTERNET-PL-IEWSessionManager] D:\Orange\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CardDetectorZTEMF636] C:\Program Files\CardDetector\ZTEMF636\CardDetector.exe (France Telecom SA)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [No-IP Client 1.42] C:\Program Files\No-IP Client\noipclient.exe (No-IP.pl)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [GameTracker] C:\Program Files\GameTracker\GTLite.exe (ClanServers Hosting LLC)
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe ()
O4 - HKU\S-1-5-21-484763869-1547161642-839522115-1005..\Run: [Sony Ericsson PC Suite] D:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\.DEFAULT..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe ()
O4 - HKU\S-1-5-18..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe ()
O4 - HKU\S-1-5-20..\RunOnce: [SIA2006] C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe ()
O4 - Startup: C:\Documents and Settings\Filo\Menu Start\Programy\Autostart\Dropbox.lnk = C:\Documents and Settings\Filo\Dane aplikacji\Dropbox\bin\Dropbox.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-484763869-1547161642-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Secure Surfing Engine\sselsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Secure Surfing Engine\sselsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Secure Surfing Engine\sselsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Secure Surfing Engine\sselsp.dll ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab (Java Plug-in 1.5.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-04-14 20:08:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010-04-14 20:08:08 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-06-25 20:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\BigBrotherBot_1.3.2
[2010-06-25 20:58:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BigBrotherBot
[2010-06-25 13:14:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-06-22 19:36:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010-06-21 20:51:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2010-06-21 20:51:13 | 000,130,048 | R--- | C] (www.madshi.net) -- C:\WINDOWS\System32\MadCHook.dll
[2010-06-21 20:51:04 | 000,114,688 | R--- | C] (Crystal Dew World) -- C:\WINDOWS\System32\sysinfo.dll
[2010-06-21 20:51:01 | 001,748,992 | R--- | C] (MSI) -- C:\WINDOWS\System32\msicpl.dll
[2010-06-21 15:24:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Pulpit\Nowy folder
[2010-06-21 15:23:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Pulpit\extplugins
[2010-06-16 16:16:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010-06-12 12:43:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Moje dokumenty\My SureThing Projects
[2010-06-12 12:42:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\MicroVision Applications
[2010-06-12 12:42:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SureThing Shared
[2010-06-12 12:42:40 | 000,000,000 | ---D | C] -- C:\Program Files\SureThing CD Labeler 5
[2010-05-26 15:24:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Hewlett-Packard
[2010-05-25 15:09:01 | 000,000,000 | ---D | C] -- C:\Program Files\ChrisTV Lite
[2010-05-25 14:18:31 | 000,065,536 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\hcwdlg.ocx
[2010-05-25 14:17:01 | 000,524,353 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\HCWTVWND.dll
[2010-05-25 14:17:01 | 000,077,824 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwsplit.ax
[2010-05-25 14:17:01 | 000,069,632 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwfread.ax
[2010-05-25 14:17:01 | 000,011,264 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\hcwhook.dll
[2010-05-25 14:17:01 | 000,000,000 | ---D | C] -- C:\MyVideos
[2010-05-25 14:17:00 | 000,465,988 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\drivers\HCWBT8xx.sys
[2010-05-25 14:17:00 | 000,393,216 | ---- | C] (Snowbound Software Corporation (www.Snowbnd.com)) -- C:\WINDOWS\System32\hcwsnbd9.dll
[2010-05-25 14:17:00 | 000,213,050 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\Hcwchan.dll
[2010-05-25 14:17:00 | 000,192,568 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\hcwpnp32.dll
[2010-05-25 14:17:00 | 000,106,559 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\Hcwtvdlg.dll
[2010-05-25 14:17:00 | 000,090,174 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\bt848wst.dll
[2010-05-25 14:17:00 | 000,086,072 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwi2c32.dll
[2010-05-25 14:17:00 | 000,073,728 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\Hcwsnap.ax
[2010-05-25 14:17:00 | 000,045,056 | ---- | C] (DScaler Project, see http://www.dscaler.org/) -- C:\WINDOWS\System32\Hcwdlace.ax
[2010-05-25 14:17:00 | 000,012,288 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\btgpio32.dll
[2010-05-25 14:16:53 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\Hcwutl32.dll
[2010-05-25 14:16:53 | 000,000,000 | ---D | C] -- C:\Program Files\WinTV
[2010-05-25 05:13:38 | 000,361,904 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symtdi.sys
[2010-05-25 05:13:38 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symtdiv.sys
[2010-05-25 05:13:38 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symds.sys
[2010-05-25 05:13:38 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtsp.sys
[2010-05-25 05:13:38 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symefa.sys
[2010-05-25 05:13:38 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\ironx86.sys
[2010-05-25 05:13:38 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtspx.sys
[2010-05-25 05:13:37 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\cchpx86.sys
[2010-05-25 05:13:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NAV\1107000.00C
[2010-05-22 23:14:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010-05-20 18:46:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\NWPS
[2010-05-20 18:46:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NWPS
[2010-05-20 18:46:03 | 000,000,000 | ---D | C] -- C:\Program Files\nwps
[2010-05-19 19:57:38 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune
[2010-05-19 19:36:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-05-19 19:36:52 | 000,000,000 | ---D | C] -- C:\Program Files\HDD Regenerator
[2010-05-19 19:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\Downloaded Installations
[2010-05-16 19:27:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Filo\Moje dokumenty\My Dropbox
[2010-05-16 19:26:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\Dropbox
[2010-05-16 19:09:06 | 000,000,000 | ---D | C] -- C:\totalcmd
[2010-05-16 19:09:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\GHISLER
[2010-05-15 23:45:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010-05-14 20:03:28 | 000,000,000 | ---D | C] -- C:\Program Files\No-IP Client
[2010-05-14 14:03:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-05-14 14:02:14 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010-05-14 14:02:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2010-05-14 14:02:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010-05-14 13:58:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\Adobe
[2010-05-14 13:35:28 | 000,000,000 | ---D | C] -- C:\Xampp
[2010-05-12 22:29:00 | 000,000,000 | ---D | C] -- C:\glog
[2010-05-12 22:28:52 | 000,000,000 | ---D | C] -- C:\log
[2010-05-12 20:46:57 | 000,000,000 | ---D | C] -- C:\effbot.exe
[2010-05-12 20:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\MySQL
[2010-05-12 20:44:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MySQL
[2010-05-11 22:49:03 | 000,000,000 | ---D | C] -- C:\Python27
[2010-05-11 19:27:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\TeamViewer
[2010-05-11 19:27:08 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010-05-10 18:31:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2010-05-10 18:31:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2010-05-10 18:30:40 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2010-05-09 11:34:16 | 002,292,736 | ---- | C] (Python Software Foundation) -- C:\WINDOWS\System32\python27.dll
[2010-05-08 23:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2010-05-06 23:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Moje dokumenty\OCCT
[2010-05-06 23:24:48 | 000,000,000 | ---D | C] -- C:\Program Files\OCCT
[2010-05-06 23:23:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010-05-06 23:04:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2010-05-06 22:11:55 | 001,684,736 | R--- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2010-05-06 22:11:46 | 000,290,816 | R--- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2010-05-06 22:11:45 | 000,122,880 | R--- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2010-05-06 22:10:22 | 000,142,592 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys
[2010-05-06 15:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\dwhelper
[2010-05-06 15:27:56 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2010-05-06 15:27:54 | 000,000,000 | ---D | C] -- C:\Program Files\FDRLab
[2010-05-04 20:46:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\skypePM
[2010-05-04 20:46:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Dane aplikacji\Skype
[2010-05-04 20:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010-05-04 20:45:41 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010-05-04 20:45:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype
[2010-05-04 20:21:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Moje dokumenty\GTA San Andreas User Files
[2010-05-04 20:17:56 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010-05-01 13:55:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Filo\Moje dokumenty\Symantec
[2010-05-01 13:53:42 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010-05-01 13:53:42 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010-05-01 13:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010-05-01 13:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010-05-01 13:53:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010-05-01 13:53:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NAV
[2010-05-01 13:53:13 | 000,000,000 | ---D | C] -- C:\Program Files\Norton AntiVirus
[2010-05-01 13:53:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton
[2010-05-01 13:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010-05-01 13:53:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-06-27 14:07:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-06-27 14:07:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-06-27 14:07:39 | 1072,156,672 | -HS- | M] () -- C:\hiberfil.sys
[2010-06-27 14:06:28 | 003,407,872 | -H-- | M] () -- C:\Documents and Settings\Filo\NTUSER.DAT
[2010-06-27 14:05:01 | 000,000,916 | ---- | M] () -- C:\Documents and Settings\Filo\status.xml
[2010-06-27 11:40:58 | 000,004,006 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\logo2.png
[2010-06-27 11:15:40 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-26 23:44:14 | 002,112,400 | -H-- | M] () -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-06-26 12:36:53 | 000,134,475 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\sjd.png
[2010-06-26 11:28:25 | 000,000,639 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\favicon.ico
[2010-06-25 22:10:47 | 000,003,174 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\minia.jpg
[2010-06-25 21:54:43 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Filo\Korea.bat
[2010-06-25 21:52:05 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Filo\Gadu-Gadu.bat
[2010-06-25 21:46:32 | 000,056,107 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\logo.jpg
[2010-06-25 21:46:04 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Filo\logo.jpg
[2010-06-25 21:15:22 | 000,001,051 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\plugin_adv.xml
[2010-06-25 20:36:27 | 000,009,151 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\plugin_admin.xml
[2010-06-25 20:31:47 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Filo\plugin_admin.xml
[2010-06-25 14:28:46 | 000,004,458 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\b3.xml
[2010-06-25 13:14:13 | 000,004,498 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\b3(1).xml
[2010-06-25 13:13:55 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Filo\b3.xml
[2010-06-25 12:28:05 | 000,000,895 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\plugin_adv.xml
[2010-06-25 12:05:22 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Filo\plugin_adv.xml
[2010-06-25 10:51:10 | 000,013,536 | ---- | M] () -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-24 22:29:30 | 000,006,199 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\php-fusion-logo.png
[2010-06-24 16:17:05 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Gta San Andreas.lnk
[2010-06-23 10:14:58 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Skrót do samp.lnk
[2010-06-21 20:57:37 | 000,000,000 | ---- | M] () -- C:\WINDOWS\msicpl.ini
[2010-06-21 20:56:32 | 000,127,254 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-06-21 20:47:48 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-06-18 15:45:14 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Filo\011.jpg
[2010-06-17 15:51:08 | 004,358,135 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\15. hemp gru - dr.joint (droga).mp31260296438_[mp3.teledyski.info].mp3
[2010-06-17 15:35:58 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\Filo\default.pls
[2010-06-17 15:34:55 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-06-17 11:16:56 | 009,961,055 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\hemp gru-Wyrok Ulicy.mp3
[2010-06-16 16:04:03 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Skrót do ioUrTded.lnk
[2010-06-14 15:52:22 | 000,011,412 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\q3config.cfg
[2010-06-13 19:54:37 | 015,930,202 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\ut4_happyjumptutorial_beta3.pk3
[2010-06-13 11:58:25 | 000,095,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-06-12 14:24:35 | 000,100,834 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\Nowy312.ncd
[2010-06-12 14:02:14 | 000,240,097 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\office07.gif
[2010-06-12 13:17:19 | 000,077,446 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\fcdh.std
[2010-06-12 12:46:35 | 000,096,618 | -H-- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\mvstcdxx.lst
[2010-06-12 12:42:53 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\SureThing CD Labeler Deluxe Trial 5.lnk
[2010-06-12 12:33:33 | 000,001,774 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\LightScribe.lnk
[2010-06-12 12:28:51 | 000,049,233 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\Nowy45.ncd
[2010-06-12 12:25:34 | 000,040,758 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\1039_57_1256019757_ms off.jpg
[2010-06-12 12:20:12 | 000,002,385 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart Essentials.lnk
[2010-06-12 12:20:12 | 000,002,305 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero Home Essentials SE.lnk
[2010-06-12 12:20:12 | 000,001,901 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Uaktualnienie online pakietu Nero.lnk
[2010-06-12 12:13:35 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010-06-02 09:07:36 | 006,250,624 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Hemp_gru-sami_swoi_(feat._ka.mp3
[2010-05-26 21:03:01 | 000,529,978 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\Cat.DB
[2010-05-25 15:09:04 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\ChrisTV Lite.lnk
[2010-05-25 14:26:58 | 000,000,653 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-05-25 14:18:32 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\WinTV2000.lnk
[2010-05-25 14:13:05 | 000,001,885 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Norton AntiVirus.LNK
[2010-05-24 22:55:21 | 000,019,156 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\Kopia dziejkop56.jpg.png
[2010-05-24 22:53:35 | 000,029,870 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\dziejkop56.jpg.png
[2010-05-24 22:39:52 | 000,033,009 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\haha.png
[2010-05-24 22:38:50 | 000,033,009 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\hahaje.png
[2010-05-24 22:08:08 | 000,211,471 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\tlo.PNG
[2010-05-24 22:02:16 | 000,046,493 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\tlo.jpg
[2010-05-24 21:48:03 | 000,389,394 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\bez tytułu.bmp
[2010-05-24 21:12:43 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\Filo\.jupload.properties
[2010-05-23 22:45:53 | 000,000,264 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Nowy Dokument sformatowany.rtf
[2010-05-20 18:46:10 | 000,001,630 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Managed Switch Port Mapping Tool.lnk
[2010-05-19 19:57:39 | 000,000,613 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\HD Tune.lnk
[2010-05-19 19:36:54 | 000,001,778 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\HDD Regenerator.lnk
[2010-05-16 20:06:56 | 000,001,500 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\XAMPP Control Panel.lnk
[2010-05-16 19:27:54 | 000,000,981 | ---- | M] () -- C:\Documents and Settings\Filo\Menu Start\Programy\Autostart\Dropbox.lnk
[2010-05-16 19:27:53 | 000,000,981 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Dropbox.lnk
[2010-05-16 19:09:08 | 000,000,548 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Total Commander.lnk
[2010-05-15 14:27:25 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-05-15 14:27:09 | 000,945,112 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-05-15 14:27:09 | 000,436,322 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-05-15 14:27:09 | 000,380,486 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-05-15 14:27:09 | 000,067,298 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-05-15 14:27:09 | 000,052,900 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-05-14 22:00:14 | 000,003,592 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\b3.xml
[2010-05-14 16:02:01 | 000,004,346 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\Nowy Archiwum WinRAR-a (ZIP).zip
[2010-05-14 15:33:32 | 000,008,673 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\server.cfg
[2010-05-14 14:04:07 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-05-14 14:02:15 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Acrobat_com.lnk
[2010-05-14 08:36:08 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\isolate.ini
[2010-05-11 19:27:15 | 000,000,879 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk
[2010-05-10 18:32:21 | 000,011,827 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\q3config.cfg
[2010-05-10 18:30:42 | 000,000,685 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\LogMeIn Hamachi.lnk
[2010-05-09 11:34:16 | 002,292,736 | ---- | M] (Python Software Foundation) -- C:\WINDOWS\System32\python27.dll
[2010-05-08 23:05:00 | 000,001,256 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\eBay.lnk
[2010-05-06 23:24:51 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\OCCT.lnk
[2010-05-06 23:04:37 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010-05-06 23:04:37 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010-05-06 22:32:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2010-05-06 22:08:20 | 000,000,010 | ---- | M] () -- C:\WINDOWS\GSetup.ini
[2010-05-06 15:40:56 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-06 15:30:16 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\save2pc.lnk
[2010-05-06 15:27:55 | 000,000,727 | ---- | M] () -- C:\Documents and Settings\Filo\Pulpit\save2pc Light.lnk
[2010-05-06 06:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symtdi.sys
[2010-05-06 06:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symtdiv.sys
[2010-05-06 06:01:43 | 000,001,473 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnetv.inf
[2010-05-06 06:01:43 | 000,001,445 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnet.inf
[2010-05-04 20:46:40 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010-05-04 20:45:44 | 000,001,880 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-05-04 20:17:56 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010-05-04 20:05:32 | 000,000,657 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\GTA San Andreas.lnk
[2010-05-03 20:41:33 | 000,000,832 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\ISO1.nri
[2010-05-03 15:07:00 | 695,396,470 | ---- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\Image.nrg
[2010-05-01 13:53:42 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010-05-01 13:53:42 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010-05-01 13:53:42 | 000,007,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010-05-01 13:53:42 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010-04-29 12:04:12 | 000,001,134 | -H-- | M] () -- C:\Documents and Settings\Filo\Moje dokumenty\Default.rdp
[2010-04-29 07:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\ironx86.sys
[2010-04-29 07:03:51 | 000,007,438 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\iron.cat
[2010-04-29 07:03:51 | 000,000,741 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\iron.inf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-06-27 11:34:59 | 000,004,006 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\logo2.png
[2010-06-26 12:36:31 | 000,134,475 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\sjd.png
[2010-06-26 11:28:24 | 000,000,639 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\favicon.ico
[2010-06-25 22:10:47 | 000,003,174 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\minia.jpg
[2010-06-25 21:54:43 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Filo\Korea.bat
[2010-06-25 21:52:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Filo\Gadu-Gadu.bat
[2010-06-25 21:46:17 | 000,056,107 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\logo.jpg
[2010-06-25 21:46:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Filo\logo.jpg
[2010-06-25 21:15:09 | 000,001,051 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\plugin_adv.xml
[2010-06-25 20:48:56 | 000,004,458 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\b3.xml
[2010-06-25 20:31:54 | 000,009,151 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\plugin_admin.xml
[2010-06-25 20:31:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Filo\plugin_admin.xml
[2010-06-25 13:14:00 | 000,004,498 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\b3(1).xml
[2010-06-25 13:13:55 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Filo\b3.xml
[2010-06-25 12:05:27 | 000,000,895 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\plugin_adv.xml
[2010-06-25 12:05:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Filo\plugin_adv.xml
[2010-06-24 16:16:10 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Gta San Andreas.lnk
[2010-06-21 20:57:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2010-06-21 20:56:15 | 1072,156,672 | -HS- | C] () -- C:\hiberfil.sys
[2010-06-21 20:52:42 | 000,127,254 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2010-06-21 20:51:53 | 000,018,521 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010-06-21 20:51:11 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll
[2010-06-21 20:51:05 | 000,262,144 | R--- | C] () -- C:\WINDOWS\System32\HookMAp.dll
[2010-06-21 20:51:05 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll
[2010-06-21 20:51:04 | 000,266,240 | R--- | C] () -- C:\WINDOWS\System32\HookShield.dll
[2010-06-21 20:51:04 | 000,008,883 | R--- | C] () -- C:\WINDOWS\System32\sysinfo.vxd
[2010-06-21 20:51:03 | 000,009,728 | R--- | C] () -- C:\WINDOWS\System32\sysinfoX64.sys
[2010-06-21 20:51:02 | 000,200,704 | R--- | C] () -- C:\WINDOWS\System32\WinSys.exe
[2010-06-21 20:51:02 | 000,008,192 | R--- | C] () -- C:\WINDOWS\System32\sysinfo.sys
[2010-06-21 20:51:01 | 000,208,896 | R--- | C] () -- C:\WINDOWS\System32\sw20.exe
[2010-06-21 20:51:01 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\sw24.exe
[2010-06-18 15:45:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Filo\011.jpg
[2010-06-17 11:16:56 | 009,961,055 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\hemp gru-Wyrok Ulicy.mp3
[2010-06-15 10:50:44 | 004,358,135 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\15. hemp gru - dr.joint (droga).mp31260296438_[mp3.teledyski.info].mp3
[2010-06-14 15:52:49 | 000,011,412 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\q3config.cfg
[2010-06-13 19:45:12 | 015,930,202 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\ut4_happyjumptutorial_beta3.pk3
[2010-06-12 14:24:34 | 000,100,834 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\Nowy312.ncd
[2010-06-12 14:02:14 | 000,240,097 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\office07.gif
[2010-06-12 13:17:19 | 000,077,446 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\fcdh.std
[2010-06-12 12:46:35 | 000,096,618 | -H-- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\mvstcdxx.lst
[2010-06-12 12:42:53 | 000,000,756 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\SureThing CD Labeler Deluxe Trial 5.lnk
[2010-06-12 12:33:33 | 000,001,774 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\LightScribe.lnk
[2010-06-12 12:28:50 | 000,049,233 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\Nowy45.ncd
[2010-06-12 12:25:33 | 000,040,758 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\1039_57_1256019757_ms off.jpg
[2010-06-02 09:07:36 | 006,250,624 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Hemp_gru-sami_swoi_(feat._ka.mp3
[2010-05-26 15:24:28 | 000,000,335 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2010-05-25 15:09:04 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\ChrisTV Lite.lnk
[2010-05-25 14:18:32 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\WinTV2000.lnk
[2010-05-25 14:12:18 | 000,529,978 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\Cat.DB
[2010-05-25 05:13:38 | 000,007,873 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symefa.cat
[2010-05-25 05:13:38 | 000,007,787 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnetv.cat
[2010-05-25 05:13:38 | 000,007,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtspx.cat
[2010-05-25 05:13:38 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtsp.cat
[2010-05-25 05:13:38 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\iron.cat
[2010-05-25 05:13:38 | 000,007,425 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symds.cat
[2010-05-25 05:13:38 | 000,007,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnet.cat
[2010-05-25 05:13:38 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symefa.inf
[2010-05-25 05:13:38 | 000,002,793 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symds.inf
[2010-05-25 05:13:38 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnetv.inf
[2010-05-25 05:13:38 | 000,001,445 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnet.inf
[2010-05-25 05:13:38 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtspx.inf
[2010-05-25 05:13:38 | 000,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtsp.inf
[2010-05-25 05:13:38 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\iron.inf
[2010-05-25 05:13:37 | 000,007,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\cchpx86.cat
[2010-05-25 05:13:37 | 000,001,754 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\cchpx86.inf
[2010-05-25 05:13:26 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\isolate.ini
[2010-05-24 22:55:00 | 000,019,156 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\Kopia dziejkop56.jpg.png
[2010-05-24 22:50:23 | 000,029,870 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\dziejkop56.jpg.png
[2010-05-24 22:39:38 | 000,033,009 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\haha.png
[2010-05-24 22:38:49 | 000,033,009 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\hahaje.png
[2010-05-24 22:03:53 | 000,211,471 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\tlo.PNG
[2010-05-24 21:47:41 | 000,046,493 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\tlo.jpg
[2010-05-24 21:39:35 | 000,006,199 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\php-fusion-logo.png
[2010-05-24 21:12:16 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\Filo\.jupload.properties
[2010-05-24 20:47:32 | 000,389,394 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\bez tytułu.bmp
[2010-05-23 22:43:12 | 000,000,264 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Nowy Dokument sformatowany.rtf
[2010-05-20 18:46:10 | 000,001,630 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Managed Switch Port Mapping Tool.lnk
[2010-05-19 19:57:39 | 000,000,613 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\HD Tune.lnk
[2010-05-19 19:36:54 | 000,001,778 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\HDD Regenerator.lnk
[2010-05-16 19:27:54 | 000,000,981 | ---- | C] () -- C:\Documents and Settings\Filo\Menu Start\Programy\Autostart\Dropbox.lnk
[2010-05-16 19:27:53 | 000,000,981 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Dropbox.lnk
[2010-05-16 19:09:08 | 000,000,548 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Total Commander.lnk
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\NOCLOSE.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF
[2010-05-16 19:09:06 | 000,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF
[2010-05-14 22:20:08 | 000,003,592 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\b3.xml
[2010-05-14 20:29:51 | 000,001,500 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\XAMPP Control Panel.lnk
[2010-05-14 16:01:32 | 000,004,346 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Nowy Archiwum WinRAR-a (ZIP).zip
[2010-05-14 15:24:54 | 000,008,673 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\server.cfg
[2010-05-14 14:04:07 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-05-14 14:02:15 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Acrobat_com.lnk
[2010-05-13 14:57:00 | 000,000,916 | ---- | C] () -- C:\Documents and Settings\Filo\status.xml
[2010-05-11 19:27:15 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk
[2010-05-10 18:38:07 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Skrót do ioUrTded.lnk
[2010-05-10 18:33:44 | 000,011,827 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\q3config.cfg
[2010-05-10 18:30:42 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\LogMeIn Hamachi.lnk
[2010-05-08 23:05:00 | 000,001,256 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\eBay.lnk
[2010-05-06 23:24:51 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\OCCT.lnk
[2010-05-06 23:04:37 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2010-05-06 23:04:36 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2010-05-06 22:32:17 | 000,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2010-05-06 22:10:22 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010-05-06 22:08:20 | 000,207,400 | R--- | C] () -- C:\WINDOWS\GSetup.exe
[2010-05-06 22:08:20 | 000,000,010 | ---- | C] () -- C:\WINDOWS\GSetup.ini
[2010-05-06 21:49:39 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-05-06 15:35:36 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Filo\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-06 15:30:16 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\save2pc.lnk
[2010-05-06 15:27:56 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-05-06 15:27:56 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-05-06 15:27:56 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
[2010-05-06 15:27:55 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\save2pc Light.lnk
[2010-05-04 20:46:40 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010-05-04 20:45:44 | 000,001,880 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-05-04 20:12:21 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\Filo\Pulpit\Skrót do samp.lnk
[2010-05-04 20:05:32 | 000,000,657 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\GTA San Andreas.lnk
[2010-05-03 20:41:33 | 000,000,832 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\ISO1.nri
[2010-05-03 15:06:25 | 695,396,470 | ---- | C] () -- C:\Documents and Settings\Filo\Moje dokumenty\Image.nrg
[2010-05-01 13:53:42 | 000,007,443 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010-05-01 13:53:42 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010-05-01 13:53:36 | 000,001,885 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Norton AntiVirus.LNK
[2010-04-22 13:48:21 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-04-21 14:41:15 | 000,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-04-14 20:14:27 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2007-06-28 18:43:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007-06-28 18:43:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007-06-28 18:43:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007-06-28 18:43:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007-06-28 18:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006-03-02 14:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2006-03-02 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2006-03-02 14:00:00 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2010-06-25 20:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BigBrotherBot
[2010-04-15 21:29:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software
[2010-04-18 11:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-04-14 21:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
[2010-05-12 20:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MySQL
[2010-05-20 18:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NWPS
[2010-05-19 19:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-06-27 14:08:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\Dropbox
[2010-05-24 23:03:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\Gadu-Gadu 10
[2010-06-27 14:08:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\GameTracker
[2010-05-16 19:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\GHISLER
[2010-05-20 18:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\NWPS
[2010-05-11 19:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Filo\Dane aplikacji\TeamViewer
[2010-06-27 14:07:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\GameTracker

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-04-14 20:08:31 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-04-14 20:01:18 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2006-03-02 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-04-14 20:08:31 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-05-25 14:16:57 | 000,000,034 | ---- | M] () -- C:\hcwclear.txt
[2010-06-27 14:07:39 | 1072,156,672 | -HS- | M] () -- C:\hiberfil.sys
[2010-04-14 20:08:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-04-14 20:08:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006-03-02 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2006-03-02 14:00:00 | 000,250,624 | RHS- | M] () -- C:\ntldr
[2010-06-27 14:07:39 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2006-03-02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2006-03-02 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2006-03-02 14:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2006-03-02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll
[2009-12-20 00:00:00 | 000,037,520 | ---- | M] (perl.org) MD5=2852D57385C4709EAAE2F9DB01AD3672 -- C:\Xampp\xampp\perl\site\lib\auto\Win32\EventLog\EventLog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2006-03-02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 48 bytes -> C:\Documents and Settings\All Users\DRM:مايكروسوفت
< End of report >
[/log]

Sohei
komentarz
komentarz

C:\effbot.exe to tez do wywalenia chyba ze to znasz.
Poprosze skany z programow z mojego ostaniego posta

  • Dobra wypowiedź 1
Filo1
komentarz
komentarz

MBAM
[log]Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Wersja bazy: 4052

Windows 5.1.2600 Dodatek Service Pack 2
Internet Explorer 6.0.2900.2180

2010-06-27 14:52:35
mbam-log-2010-06-27 (14-52-35).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|)
Przeskanowano obiektów: 191411
Upłynęło: 28 minut(y), 33 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 1
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 1
Zainfekowanych plików: 4

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> No action taken.

Zainfekowanych wartości rejestru:
(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
C:\Documents and Settings\All Users\Menu Start\Programy\RelevantKnowledge (Spyware.MarketScore) -> No action taken.

Zainfekowanych plików:
C:\Documents and Settings\All Users\Menu Start\Programy\RelevantKnowledge\About RelevantKnowledge.lnk (Spyware.MarketScore) -> No action taken.
C:\Documents and Settings\All Users\Menu Start\Programy\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (Spyware.MarketScore) -> No action taken.
C:\Documents and Settings\All Users\Menu Start\Programy\RelevantKnowledge\Support.lnk (Spyware.MarketScore) -> No action taken.
C:\Documents and Settings\All Users\Menu Start\Programy\RelevantKnowledge\Uninstall Instructions.lnk (Spyware.MarketScore) -> No action taken.
[/log]
wlasnie się skończyło

Gość
komentarz
komentarz

USUŃ TO CO ZNALAZŁ MBAM

to wszystko.

  • Dobra wypowiedź 1
Filo1
komentarz
komentarz

usunąłem od razu ten 1 program nic nie wykrył
CO Dalej?

Gość
komentarz
komentarz

no chyba nic.
czy polepszyło sie?

  • Dobra wypowiedź 1
Filo1
komentarz
komentarz

tak oczywiście
bo objawy to tylko dziwnie myszka i klawiatura w grze reagowała a wcześniej tak nie miałem
Dzięki wam wszystkim za pomoc :D
Temat uważam za rozwiązany : P Po plusiku dla każdego :D

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.