
winlogon.exe error and the TR/CryptXPACK.Gen2 virus

darayavahus
posted (edited)

After both a normal and a safe-mode startup, the computer kept restarting right after I logged in to my account. I booted the computer using the "Last Known Good Configuration" option. I scanned the system with Malwarebytes' quick and full scans. The quick scan detected two infections (Backdoor.Bot), which I removed. The full scan detected nothing. Importantly, before the Malwarebytes (quick) scan started, a "winlogon.exe" application error message kept appearing. In addition, Avira was scanning constantly, reporting the detection of TR/CryptXPACK.Gen2 in the directory C:/ProgramFiles/InternetExplorer/iexplorer.exe. I disabled Avira. If needed, I will post the Malwarebytes logs. I ran the OTL scan after Malwarebytes had finished. After a restart and an attempt to boot in normal mode, a blue screen appeared (after logging in, the normal screen showed for a moment) and then the computer restarted again. I have currently booted using Last Known Good Configuration. Please check the logs and, if necessary, tell me what the next steps are.

OTL log
[log]OTL logfile created on: 2010-07-29 20:16:47 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\darek\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 155,00 Mb Available Physical Memory | 30,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 6,05 Gb Free Space | 41,31% Space Free | Partition Type: NTFS
Drive D: | 58,59 Gb Total Space | 35,72 Gb Free Space | 60,96% Space Free | Partition Type: NTFS
Drive E: | 29,29 Gb Total Space | 18,15 Gb Free Space | 61,95% Space Free | Partition Type: NTFS
Drive F: | 9,25 Gb Total Space | 2,82 Gb Free Space | 30,45% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME-DBNCR7L8CR
Current User Name: darek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-07-29 19:27:58 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\darek\Pulpit\OTL.exe
PRC - [2010-04-14 23:53:35 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-04-01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010-03-02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-02-24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009-08-06 20:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2009-03-08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 19:21:43 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HTTPFILTER]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 19:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 19:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 19:21:10 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 19:21:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 19:21:02 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-09-20 09:51:46 | 000,853,288 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
PRC - [2006-07-13 13:33:38 | 000,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
PRC - [2006-07-13 13:33:14 | 000,053,248 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
PRC - [2006-04-18 01:42:14 | 000,311,296 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\LEXBCES.EXE
PRC - [2006-04-18 01:41:24 | 000,174,592 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\LEXPPS.EXE
PRC - [2004-09-29 02:16:44 | 000,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2004-06-17 11:37:42 | 000,507,904 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-07-29 19:27:58 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\darek\Pulpit\OTL.exe
MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-06-17 21:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 23:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 19:21:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 19:20:57 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 19:20:57 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 19:20:56 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 19:20:56 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 19:20:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 19:20:56 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 19:20:45 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 19:20:44 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 19:20:44 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 19:20:44 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 19:20:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 19:20:41 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 19:20:39 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 19:20:36 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 19:20:32 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 19:20:14 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 19:20:13 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 19:20:11 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 19:19:59 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-14 19:16:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 19:12:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2008-04-14 18:59:08 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010-04-01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010-02-24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | Auto | Stopped] -- E:\PROGRA~1\DAP\SPEEDB~1\sbbotdi.sys -- (sbbotdi)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\axvdkbus.sys -- (axvdkbus)
DRV - [2010-03-13 21:51:29 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010-03-13 21:51:28 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010-03-01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010-02-16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009-07-09 15:43:00 | 000,030,720 | ---- | M] (ZTEIC Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ztpppoe.sys -- (ZTPPPOE) WAN Miniport (PPP over Ethernet Protocol)
DRV - [2009-05-11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009-05-11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008-10-17 21:45:39 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008-04-13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008-04-13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006-08-28 23:54:56 | 000,010,664 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gan_adapter.sys -- (hamachi_oem)
DRV - [2006-07-05 14:46:06 | 000,063,352 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV - [2006-06-14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005-11-05 18:30:35 | 000,068,960 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Pcatip.sys -- (Pcatip)
DRV - [2004-09-29 02:22:22 | 000,800,256 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004-08-04 07:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2004-08-02 15:09:18 | 000,635,281 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004-06-03 04:40:50 | 000,068,224 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nvraid.sys -- (nvraid) NVIDIA NForce(tm)
DRV - [2004-06-03 04:40:46 | 000,079,360 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2004-05-17 08:00:54 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2004-05-17 08:00:52 | 000,033,280 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004-02-24 05:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2004-02-07 12:20:58 | 000,030,208 | ---- | M] (Karalon) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Kar.sys -- (KAR)
DRV - [2003-12-30 08:38:52 | 000,028,080 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\incdrm.sys -- (incdrm)
DRV - [2003-12-16 18:13:02 | 000,034,297 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StMp3Rec.sys -- (StMp3Rec)
DRV - [2003-10-29 07:02:00 | 000,021,120 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2003-10-10 16:06:26 | 000,062,720 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2003-10-10 15:06:24 | 000,052,128 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003-09-06 14:27:06 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003-04-15 11:16:48 | 000,008,236 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Program Files\Gigabyte\Gigabyte Windows Utility Manager\MARKFUN.W32 -- (MarkFun_NT)
DRV - [2001-08-17 23:55:58 | 000,012,032 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2001-08-17 23:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001-08-17 23:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1844237615-527237240-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1844237615-527237240-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1844237615-527237240-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pajacyk.pl/
IE - HKU\S-1-5-21-1844237615-527237240-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1844237615-527237240-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.interia.pl/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {991A772A-BA13-4c1d-A9EF-F897F31DEC7D}:3.1
FF - prefs.js..extensions.enabledItems: {9CE11043-9A15-4207-A565-0C94C42D590D}:2.0
FF - prefs.js..extensions.enabledItems: redshift_V2@shift-themes.com:2.95
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=megaup&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-06 00:19:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-06 00:19:01 | 000,000,000 | ---D | M]

[2008-09-02 14:27:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Mozilla\Extensions
[2010-07-20 20:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Mozilla\Firefox\Profiles\jxmae4cv.default\extensions
[2009-12-22 20:55:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\darek\Dane aplikacji\Mozilla\Firefox\Profiles\jxmae4cv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-07-13 19:32:33 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\darek\Dane aplikacji\Mozilla\Firefox\Profiles\jxmae4cv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007-09-06 00:07:32 | 000,000,000 | ---D | M] (Mega Manager Integration) -- C:\Documents and Settings\darek\Dane aplikacji\Mozilla\Firefox\Profiles\jxmae4cv.default\extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6}
[2007-12-02 18:02:55 | 000,000,000 | ---D | M] (Aquatint Black) -- C:\Documents and Settings\darek\Dane aplikacji\Mozilla\Firefox\Profiles\jxmae4cv.default\extensions\{526fd696-27a0-11dc-8314-0800200c9a66}
[2008-08-01 08:16:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\darek\Dane aplikacji\Mozilla\Firefox\Profiles\jxmae4cv.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
[2009-02-15 22:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Mozilla\Firefox\Profiles\jxmae4cv.default\extensions\redshift_V2@shift-themes.com
[2007-11-14 15:43:12 | 000,000,276 | ---- | M] () -- C:\Documents and Settings\darek\Dane aplikacji\Mozilla\Firefox\Profiles\jxmae4cv.default\searchplugins\search.xml
[2010-07-20 20:00:06 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2006-12-17 17:26:09 | 000,000,000 | ---D | M] (New.net Quick! Search) -- C:\Program Files\Mozilla Firefox\extensions\{AF8637B0-18E3-44D3-86B7-55E09D9C4261}
[2010-03-16 13:57:46 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2010-06-13 17:12:45 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-06-13 17:12:45 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-06-13 17:12:45 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-06-13 17:12:45 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-06-13 17:12:45 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-06-13 17:12:45 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-07-20 01:31:10 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (no name) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - No CLSID value found.
O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\S-1-5-21-1844237615-527237240-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1844237615-527237240-839522115-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1844237615-527237240-839522115-1003\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe (Ralink Technology, Corp.)
O4 - Startup: C:\Documents and Settings\darek\Menu Start\Programy\Autostart\Last.fm Helper.lnk = F:\Last.fm\LastFMHelper.exe File not found
O4 - Startup: C:\Documents and Settings\darek\Menu Start\Programy\Autostart\MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1844237615-527237240-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1844237615-527237240-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1844237615-527237240-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1844237615-527237240-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O12 - Plugin for: .IE5 - Reg Error: Value error. File not found
O15 - HKU\S-1-5-21-1844237615-527237240-839522115-1003\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\darek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\darek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002-11-01 14:07:08 | 000,090,112 | ---- | M] (Ulead Systems, Inc.) - C:\autoenh.dll -- [ NTFS ]
O32 - AutoRun File - [2005-01-29 21:52:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002-11-01 15:25:20 | 000,106,496 | ---- | M] (Ulead Systems, Inc.) - C:\AutoRen.dll -- [ NTFS ]
O32 - AutoRun File - [2002-11-03 01:43:00 | 000,020,043 | ---- | M] () - C:\AutoRen.hlp -- [ NTFS ]
O32 - AutoRun File - [2002-11-01 15:25:30 | 000,036,864 | ---- | M] (Ulead Systems, Inc.) - C:\AutoRen_RES.DLL -- [ NTFS ]
O32 - AutoRun File - [2010-05-17 15:44:55 | 000,000,000 | ---D | M] - D:\AutoCad -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - Services: "AntiVirService"
MsConfig - Services: "AntiVirScheduler"
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-07-29 19:27:56 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\darek\Pulpit\OTL.exe
[2010-07-29 19:03:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\darek\Dane aplikacji\Avira
[2010-07-29 19:01:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\darek\Recent
[2010-07-27 01:55:53 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010-07-27 01:55:52 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010-07-27 01:55:52 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010-07-27 01:55:52 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010-07-27 01:55:52 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010-07-27 01:55:50 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010-07-27 01:55:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Avira
[2010-07-20 17:34:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\darek\Dane aplikacji\Malwarebytes
[2010-07-20 17:33:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-07-20 17:33:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-07-20 17:33:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-07-20 17:33:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2010-07-19 22:01:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010-07-17 16:35:12 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010-07-17 15:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Ahead
[2010-07-17 15:30:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-07-17 15:30:16 | 000,000,000 | ---D | C] -- C:\Program Files\JRTwine Software
[2010-07-17 15:30:15 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{93F12E73-5AED-46C1-AE84-4E311A4255D1}
[2010-07-15 16:44:20 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010-07-12 09:46:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\McAfee
[2010-07-06 12:21:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe
[2010-07-01 20:28:30 | 000,000,000 | ---D | C] -- C:\Program Files\Ganymede
[2010-06-11 13:45:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\darek\Ustawienia lokalne\Dane aplikacji\PCHealth
[2010-06-10 23:59:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\darek\Dane aplikacji\InstallShield
[2010-06-09 16:18:00 | 000,030,720 | ---- | C] (ZTEIC Corporation) -- C:\WINDOWS\System32\drivers\ztpppoe.sys
[2010-06-09 16:17:59 | 000,030,720 | ---- | C] (ZTEIC Corporation) -- C:\WINDOWS\System32\ztpppoe.sys
[2010-06-09 16:17:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System\catroot
[2010-06-09 16:17:56 | 000,000,000 | ---D | C] -- C:\Program Files\ZTE
[2005-01-29 22:08:17 | 000,163,840 | R--- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-07-29 19:27:58 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\darek\Pulpit\OTL.exe
[2010-07-29 18:32:01 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{EE54A468-2675-4B62-A06E-A5AA217749BB}.job
[2010-07-29 18:27:06 | 000,000,374 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2010-07-29 18:26:25 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-29 18:26:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-29 18:26:18 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010-07-29 18:23:33 | 014,680,064 | ---- | M] () -- C:\Documents and Settings\darek\ntuser.dat
[2010-07-29 04:17:03 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\darek\ntuser.ini
[2010-07-29 04:15:31 | 002,107,070 | -H-- | M] () -- C:\Documents and Settings\darek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-07-29 01:50:25 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-07-29 01:50:23 | 000,145,920 | ---- | M] () -- C:\Documents and Settings\darek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-28 15:56:21 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-07-28 03:40:58 | 000,000,372 | ---- | M] () -- C:\Documents and Settings\darek\Moje dokumenty\spider.sav
[2010-07-27 01:56:09 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Avira AntiVir Control Center.lnk
[2010-07-26 15:53:57 | 000,000,578 | ---- | M] () -- C:\Documents and Settings\darek\Pulpit\Skrót do spider.lnk
[2010-07-21 14:14:58 | 000,173,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-07-20 17:33:54 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-07-20 17:32:21 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\darek\Pulpit\CCleaner.lnk
[2010-07-20 01:31:16 | 000,000,254 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-07-20 01:31:10 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-07-19 22:24:10 | 000,001,039 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-07-19 22:24:10 | 000,000,351 | RHS- | M] () -- C:\boot.ini
[2010-07-19 21:04:38 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-07-17 23:17:52 | 000,000,483 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Barbarian Invasion.lnk
[2010-07-17 23:17:51 | 000,000,466 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Rome - Total War.lnk
[2010-07-12 09:46:03 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\McAfee Security Scan Plus.lnk
[2010-07-10 14:47:23 | 000,000,290 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2010-07-05 23:52:51 | 000,000,351 | ---- | M] () -- C:\Boot.bak
[2010-07-01 16:53:53 | 000,036,560 | ---- | M] () -- C:\Documents and Settings\darek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-28 10:16:18 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010-06-25 23:04:36 | 001,140,782 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-06-25 23:04:36 | 000,524,388 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-06-25 23:04:36 | 000,464,984 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-06-25 23:04:36 | 000,099,112 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-06-25 23:04:36 | 000,080,818 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-06-09 16:18:00 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\darek\Pulpit\EasyDialer .lnk
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-07-29 18:23:03 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys
[2010-07-27 01:56:09 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Avira AntiVir Control Center.lnk
[2010-07-26 15:53:57 | 000,000,578 | ---- | C] () -- C:\Documents and Settings\darek\Pulpit\Skrót do spider.lnk
[2010-07-26 15:52:42 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-07-20 17:33:54 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-07-20 17:32:21 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\darek\Pulpit\CCleaner.lnk
[2010-07-19 21:04:38 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-07-17 23:17:52 | 000,000,483 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Barbarian Invasion.lnk
[2010-07-17 23:17:51 | 000,000,466 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Rome - Total War.lnk
[2010-07-10 02:12:58 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\McAfee Security Scan Plus.lnk
[2010-07-05 23:52:48 | 000,262,400 | ---- | C] () -- C:\cmldr
[2010-07-05 23:48:16 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-07-05 23:48:15 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-06-09 16:18:00 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\darek\Pulpit\EasyDialer .lnk
[2010-06-09 16:17:58 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\actskn43.ocx
[2010-03-13 21:51:29 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010-03-13 21:51:28 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-10-26 17:07:37 | 000,000,741 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2009-08-16 22:13:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ssakibkm.ini
[2009-08-16 22:08:04 | 000,000,340 | ---- | C] () -- C:\WINDOWS\ssaki.ini
[2009-05-16 11:46:06 | 000,000,092 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2009-05-16 11:45:57 | 000,000,290 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2009-05-16 11:45:34 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2009-05-16 11:44:48 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2008-10-17 21:45:39 | 000,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008-04-09 20:14:19 | 000,000,065 | ---- | C] () -- C:\WINDOWS\LIVING~1.ini
[2008-04-09 00:38:09 | 000,000,004 | RHS- | C] () -- C:\WINDOWS\ab3pctm.dll
[2008-01-21 03:56:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\kspinet.INI
[2007-12-31 21:54:48 | 000,000,157 | ---- | C] () -- C:\WINDOWS\disney.ini
[2007-12-31 21:54:35 | 000,000,189 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2007-10-07 16:52:29 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007-09-05 17:43:22 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2007-09-05 17:43:22 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2007-09-05 17:43:21 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2007-09-05 17:43:21 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2007-09-02 20:56:30 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2007-05-28 18:13:09 | 000,003,766 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007-05-10 20:37:11 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2007-05-10 10:09:30 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\352CAC20D7.sys
[2007-04-03 18:54:36 | 000,729,088 | ---- | C] () -- C:\WINDOWS\System32\ympg.dll
[2007-04-03 18:53:56 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\ympgcdc.dll
[2006-08-26 18:16:39 | 000,000,004 | ---- | C] () -- C:\WINDOWS\todo.sys
[2006-08-12 18:27:33 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2006-05-26 20:59:02 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\APmpg4v1.dll
[2006-02-25 17:09:28 | 000,000,071 | ---- | C] () -- C:\WINDOWS\pex.INI
[2006-02-25 17:05:35 | 000,000,352 | ---- | C] () -- C:\WINDOWS\ULead32.ini
[2006-02-16 15:49:56 | 000,000,085 | ---- | C] () -- C:\WINDOWS\E-Res-Q.ini
[2006-02-04 20:47:30 | 000,000,083 | ---- | C] () -- C:\WINDOWS\WWP.INI
[2006-02-03 20:39:56 | 000,000,147 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005-12-16 09:22:31 | 000,000,530 | ---- | C] () -- C:\WINDOWS\EEPwnPl.ini
[2005-11-22 00:22:11 | 000,000,083 | ---- | C] () -- C:\WINDOWS\TBPlugin.INI
[2005-11-22 00:22:11 | 000,000,059 | ---- | C] () -- C:\WINDOWS\avconfig.ini
[2005-11-19 23:19:26 | 000,006,850 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2005-11-19 23:19:26 | 000,005,633 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2005-11-19 23:19:26 | 000,003,677 | R--- | C] () -- C:\WINDOWS\PlaySnd.INI
[2005-11-05 12:03:36 | 000,000,067 | ---- | C] () -- C:\WINDOWS\ASYM.INI
[2005-11-05 12:03:36 | 000,000,024 | ---- | C] () -- C:\WINDOWS\MTB40.INI
[2005-10-14 11:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005-07-18 22:44:45 | 000,000,173 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005-07-11 16:11:20 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wa.INI
[2005-06-15 18:14:58 | 000,002,996 | ---- | C] () -- C:\WINDOWS\tlknw3.ini
[2005-06-15 15:41:58 | 000,000,204 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2005-04-28 06:22:34 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005-04-28 06:22:34 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005-03-16 00:48:19 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\sh33w32.dll
[2005-03-16 00:43:38 | 000,000,014 | ---- | C] () -- C:\WINDOWS\pagesuit.ini
[2005-03-16 00:43:02 | 000,000,012 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2005-03-16 00:43:02 | 000,000,007 | ---- | C] () -- C:\WINDOWS\BCR.INI
[2005-03-16 00:38:43 | 000,000,118 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005-03-13 20:11:49 | 000,001,378 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2005-03-13 19:55:32 | 000,001,155 | ---- | C] () -- C:\WINDOWS\VPlayer.INI
[2005-03-11 23:27:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005-02-16 21:10:49 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ungwum.dll
[2005-01-31 16:25:08 | 000,001,150 | ---- | C] () -- C:\WINDOWS\wbocx.ini
[2005-01-29 22:26:37 | 000,000,526 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005-01-29 22:15:02 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2005-01-29 22:10:20 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005-01-29 22:04:33 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005-01-29 22:04:31 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2003-11-13 15:28:02 | 000,012,570 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2003-11-13 15:28:02 | 000,012,570 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002-05-04 16:19:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\avisynthEx.dll
[2002-03-26 21:18:28 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2002-03-21 13:51:52 | 000,503,808 | R--- | C] () -- C:\WINDOWS\System32\lt_xtrans.dll
[2002-03-21 13:51:52 | 000,286,720 | R--- | C] () -- C:\WINDOWS\System32\MrSIDD.dll
[2002-03-21 13:51:52 | 000,163,840 | R--- | C] () -- C:\WINDOWS\System32\lt_common.dll
[2002-03-21 13:51:52 | 000,126,976 | R--- | C] () -- C:\WINDOWS\System32\lt_trans.dll
[2002-03-21 13:51:52 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\lt_meta.dll
[2002-03-21 13:51:52 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\lt_encrypt.dll
[2002-03-21 13:51:52 | 000,020,480 | R--- | C] () -- C:\WINDOWS\System32\lt_messagetext.dll
[2002-03-20 22:01:06 | 000,006,688 | R--- | C] () -- C:\WINDOWS\System32\Digita.sys
[2002-03-20 22:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2002-03-20 22:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2002-03-20 22:00:18 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll
[2002-03-20 22:00:18 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll
[2002-01-20 14:26:36 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\SimpleResize.dll
[2001-08-17 23:55:58 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\ws2ifsl.sys

[color=#E56717]========== LOP Check ==========[/color]

[2007-02-20 23:09:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems
[2007-12-31 21:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Disney Interactive
[2010-04-02 10:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-05-20 21:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-01-21 00:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-01-27 01:48:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Solidshield
[2010-07-17 15:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2006-04-08 17:01:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
[2010-07-17 15:30:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{93F12E73-5AED-46C1-AE84-4E311A4255D1}
[2008-10-10 15:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\acccore
[2005-02-16 23:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Acclaim Entertainment
[2008-06-06 13:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\ACD Systems
[2007-07-19 14:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Ankh
[2007-03-07 03:01:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Azureus
[2008-01-14 18:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\CDBurnerXPP
[2005-01-30 13:44:52 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Chromeflower
[2008-07-04 18:53:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\CopyToDvd
[2007-07-26 08:20:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Disney Interactive Studios
[2007-03-07 16:04:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\DMCache
[2008-05-08 23:48:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Fraunhofer
[2007-08-27 18:42:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Gadu-Gadu
[2010-05-13 22:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Gadu-Gadu 10
[2010-07-01 20:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\GanymedeNet
[2007-02-26 13:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\IDM
[2010-01-30 19:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Imperium Romanum
[2010-07-17 15:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\ipla
[2007-06-16 14:30:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Leadertech
[2007-09-02 15:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Megaupload
[2009-12-15 17:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Nowe Gadu-Gadu
[2009-09-19 19:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\OpenFM
[2007-10-11 23:34:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\OpenOffice.ux.pl2
[2005-01-29 22:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Opera
[2007-10-11 23:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\phonostar-Player
[2005-11-12 22:23:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Registry Cleaner
[2007-10-07 16:55:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Samsung
[2008-08-11 22:28:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Summer Athletics 2008
[2006-04-20 00:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Tlen.pl
[2006-02-25 17:09:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Ulead Systems
[2009-07-29 22:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\uTorrent
[2009-06-18 14:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Vso
[2006-07-28 09:42:35 | 000,000,738 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2010-07-29 18:32:01 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{EE54A468-2675-4B62-A06E-A5AA217749BB}.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2004-08-04 01:00:14 | 000,262,400 | R--- | M] () -- C:\$LDR$
[2005-02-17 01:38:12 | 000,000,004 | RHS- | M] () -- C:\ab3pctm.sys
[2003-02-27 19:51:08 | 000,073,794 | ---- | M] (Ulead Systems, Inc.) -- C:\AddStamp.dll
[2006-04-08 16:59:17 | 000,008,628 | -H-- | M] () -- C:\AddStamp.GID
[2002-10-01 17:28:40 | 000,011,671 | ---- | M] () -- C:\AddStamp.hlp
[2002-11-01 15:24:50 | 000,032,768 | ---- | M] (Ulead Systems, Inc.) -- C:\AddStamp_res.dll
[2002-10-01 18:08:20 | 000,025,582 | ---- | M] () -- C:\ADJUSTIMAGE.HLP
[2002-11-01 14:06:48 | 000,032,768 | ---- | M] (Ulead Systems, Inc.) -- C:\Aefilter.dll
[2010-07-01 22:17:39 | 000,000,000 | ---- | M] () -- C:\AILog.txt
[2006-07-31 12:57:28 | 000,170,631 | ---- | M] () -- C:\AnalysisLog.sr0
[2002-11-01 14:07:08 | 000,090,112 | ---- | M] (Ulead Systems, Inc.) -- C:\autoenh.dll
[2005-01-29 21:52:47 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2002-11-01 15:25:20 | 000,106,496 | ---- | M] (Ulead Systems, Inc.) -- C:\AutoRen.dll
[2002-11-03 01:43:00 | 000,020,043 | ---- | M] () -- C:\AutoRen.hlp
[2002-11-01 15:25:30 | 000,036,864 | ---- | M] (Ulead Systems, Inc.) -- C:\AutoRen_RES.DLL
[2009-08-02 23:57:35 | 000,002,768 | ---- | M] () -- C:\bink_log.txt
[2010-07-05 23:52:51 | 000,000,351 | ---- | M] () -- C:\Boot.bak
[2010-07-19 22:24:10 | 000,000,351 | RHS- | M] () -- C:\boot.ini
[2001-07-22 02:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2002-11-01 14:34:58 | 000,036,864 | ---- | M] (Ulead Systems, Inc.) -- C:\Capmgr.dll
[2002-10-15 19:26:30 | 000,008,952 | ---- | M] () -- C:\CAPMGR.HLP
[2002-10-01 18:18:14 | 000,010,002 | ---- | M] () -- C:\cleanBKN.hlp
[2004-08-03 23:00:14 | 000,262,400 | ---- | M] () -- C:\cmldr
[2005-01-29 21:52:47 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2002-11-01 14:29:16 | 000,032,768 | ---- | M] (Ulead Systems, Inc.) -- C:\Convermpegpar.dll
[2002-11-01 13:31:22 | 000,019,968 | ---- | M] () -- C:\cpuinf32.dll
[2002-10-01 18:18:44 | 000,016,408 | ---- | M] () -- C:\DB.HLP
[2002-11-01 13:31:22 | 000,045,568 | ---- | M] (Eastman Kodak Company) -- C:\DC210.dll
[2002-11-01 13:31:22 | 000,114,688 | ---- | M] (Eastman Kodak Japan Limited) -- C:\DC240.dll
[2002-11-01 13:31:22 | 000,122,880 | ---- | M] (Eastman Kodak Company) -- C:\DC280.dll
[2003-02-27 19:55:50 | 000,073,728 | ---- | M] (Ulead Systems, Inc.) -- C:\download.dll
[2002-10-01 18:20:20 | 000,017,218 | ---- | M] () -- C:\DOWNLOAD.HLP
[2003-02-27 19:56:40 | 000,032,768 | ---- | M] (Ulead Systems, Inc.) -- C:\download_RES.DLL
[2003-02-27 19:53:22 | 000,122,880 | ---- | M] () -- C:\DSCWzrd.dll
[2002-10-15 18:00:00 | 000,015,616 | ---- | M] () -- C:\DSCWZRD.HLP
[2003-02-27 19:54:34 | 000,069,632 | ---- | M] (Ulead Systems, Inc.) -- C:\DSCWzrd_res.dll
[2003-02-27 19:43:42 | 000,221,184 | ---- | M] (Ulead Systems, Inc.) -- C:\DswPlug.dll
[2002-10-28 19:09:44 | 000,017,411 | ---- | M] () -- C:\DSWPLUG.HLP
[2002-11-01 14:29:06 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) -- C:\DswRc.dll
[2002-11-01 14:34:20 | 000,225,280 | ---- | M] (Ulead Systems, Inc.) -- C:\dswUleadMpegCap.dll
[2006-02-26 15:17:28 | 000,778,257 | ---- | M] () -- C:\EasyShareInstall.log
[2002-11-01 13:31:22 | 000,071,168 | ---- | M] (Eastman Kodak Company) -- C:\ekexifio.dll
[2002-11-01 13:31:22 | 000,044,544 | ---- | M] (Eastman Kodak Company) -- C:\ekfpixaudio.dll
[2002-11-01 13:31:22 | 000,004,096 | ---- | M] (Eastman Kodak Company) -- C:\ekfpixguid.dll
[2002-11-01 13:31:22 | 000,449,536 | ---- | M] (Eastman Kodak Company) -- C:\ekfpixio130.dll
[2002-11-01 13:31:22 | 000,100,352 | ---- | M] (Eastman Kodak Company) -- C:\ekfpixjpeg.dll
[2002-11-01 13:31:22 | 000,067,584 | ---- | M] (Eastman Kodak Company) -- C:\ekfpixpsets.dll
[2003-02-27 19:53:50 | 000,106,496 | ---- | M] (Ulead Systems, Inc.) -- C:\EmbView.dll
[2002-11-01 13:31:22 | 000,294,912 | ---- | M] ( ) -- C:\EpExifUtil.dll
[2002-11-01 13:31:22 | 000,172,032 | ---- | M] (SEIKO EPSON CORPORATION.) -- C:\EpPIM2.dll
[2002-11-01 13:31:24 | 000,221,184 | ---- | M] ( ) -- C:\EpTiffUtil.dll
[2002-10-28 19:43:22 | 000,002,086 | ---- | M] () -- C:\eViewer.cnt
[2003-02-27 19:44:36 | 000,118,784 | ---- | M] (Ulead Systems, Inc.) -- C:\eviewer.exe
[2002-11-01 16:34:38 | 000,199,440 | ---- | M] () -- C:\EVIEWER.HLP
[2002-11-01 17:05:52 | 000,258,048 | ---- | M] (Ulead Systems, Inc.) -- C:\eviewer_RES.dll
[2002-11-01 13:31:24 | 000,036,864 | ---- | M] (Eastman Kodak Company) -- C:\F210.dll
[2010-07-29 18:26:18 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[1995-10-16 17:55:44 | 000,009,136 | ---- | M] () -- C:\INETWH16.DLL
[1999-01-28 16:44:20 | 000,049,152 | ---- | M] (Blue Sky Software Corporation.) -- C:\INETWH32.dll
[2005-01-29 21:52:47 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2002-11-01 15:27:30 | 000,020,480 | ---- | M] () -- C:\MailAPI.dll
[2002-11-01 15:27:40 | 000,024,576 | ---- | M] (Ulead Systems, Inc.) -- C:\MailAPI_res.dll
[2006-08-06 20:25:42 | 000,000,077 | ---- | M] () -- C:\moj_plik.ini
[2002-11-01 15:01:44 | 000,098,304 | ---- | M] (Ulead Systems, Inc.) -- C:\MpgSetin.dll
[2002-11-01 14:28:12 | 000,352,256 | ---- | M] (Ulead Systems, Inc.) -- C:\mpg_hvd.dll
[2005-01-29 21:52:47 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-04 00:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009-04-18 13:13:17 | 000,251,152 | RHS- | M] () -- C:\ntldr
[1998-12-23 01:00:00 | 000,598,288 | ---- | M] (Microsoft Corporation) -- C:\OLEAUT32.DLL
[1998-05-11 21:01:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\OLEPRO32.DLL
[2010-07-29 18:26:13 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2002-11-01 14:14:34 | 000,040,960 | ---- | M] (Ulead Systems, Inc.) -- C:\pal.dll
[2008-06-18 19:49:49 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2002-11-14 19:11:00 | 000,017,128 | ---- | M] () -- C:\Pex.cnt
[2003-05-28 22:08:28 | 001,441,792 | ---- | M] (Ulead Systems, Inc.) -- C:\pex.exe
[2002-11-07 19:27:50 | 000,984,562 | ---- | M] () -- C:\PEX.HLP
[2002-11-05 19:38:08 | 003,365,434 | ---- | M] () -- C:\Pex8.pdf
[2003-03-25 20:06:38 | 000,045,056 | ---- | M] (Ulead Systems, Inc.) -- C:\pexbuf.dll
[2002-11-01 15:28:30 | 000,040,960 | ---- | M] (Ulead Systems, Inc.) -- C:\pexdesc.dll
[2003-03-27 16:40:28 | 000,053,248 | ---- | M] (Ulead Systems, Inc.) -- C:\pexexif.dll
[2002-11-01 15:28:40 | 000,024,576 | ---- | M] (Ulead Systems, Inc.) -- C:\pexexif_Res.dll
[2002-11-01 14:01:14 | 000,024,576 | ---- | M] (Ulead Systems, Inc.) -- C:\Pexmisc.dll
[2003-11-05 13:00:48 | 000,196,608 | ---- | M] (Ulead Systems, Inc.) -- C:\PexSlide.dll
[2002-10-21 18:52:24 | 000,012,429 | ---- | M] () -- C:\PEXSLIDE.HLP
[2003-06-06 19:50:48 | 000,110,592 | ---- | M] (Ulead Systems, Inc.) -- C:\PEXSLIDE_Res.dll
[2003-11-05 13:00:34 | 000,098,304 | ---- | M] (Ulead Systems, Inc.) -- C:\PEXVideo.dll
[2002-10-15 13:03:42 | 000,027,279 | ---- | M] () -- C:\PEXVIDEO.HLP
[2003-06-06 11:16:46 | 000,032,768 | ---- | M] (Ulead Systems, Inc.) -- C:\PEXVIDEO_Res.dll
[2003-11-05 13:01:02 | 000,155,648 | ---- | M] (Ulead Systems, Inc.) -- C:\pexWVCD.dll
[2002-10-30 19:28:24 | 000,014,664 | ---- | M] () -- C:\PEXWVCD.HLP
[2002-11-01 15:31:24 | 000,032,768 | ---- | M] (Ulead Systems, Inc.) -- C:\pexwvcd_res.dll
[2003-02-27 20:36:36 | 001,789,952 | ---- | M] (Ulead Systems, Inc.) -- C:\Pex_Res.dll
[2002-12-02 19:48:08 | 000,011,316 | ---- | M] () -- C:\ReadMe.htm
[2002-11-01 15:31:34 | 000,024,576 | ---- | M] (Ulead Systems, Inc.) -- C:\RefreshIcon.dll
[2002-11-01 14:28:26 | 000,024,576 | ---- | M] (Ulead Systems, Inc.) -- C:\regutil.dll
[2002-11-01 14:36:42 | 000,028,672 | ---- | M] (Ulead Systems, Inc.) -- C:\RenderPolicy.dll
[1999-10-15 13:50:10 | 001,056,768 | ---- | M] (Blue Sky Software Corporation.) -- C:\ROBOEX32.DLL
[2002-11-01 14:58:04 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Runslider.exe
[2002-11-01 14:36:36 | 000,077,824 | ---- | M] (Ulead Systems, Inc.) -- C:\S2REVideoConverter.dll
[2000-09-27 17:25:56 | 000,005,357 | ---- | M] () -- C:\SCANNER.CNT
[2002-05-08 17:40:36 | 002,324,498 | ---- | M] () -- C:\SCANNER.HLP
[2002-11-01 13:53:48 | 000,032,768 | ---- | M] (Ulead Systems, Inc.) -- C:\SCANRES.dll
[2002-11-01 14:23:12 | 000,311,350 | ---- | M] (Ulead Systems, Inc.) -- C:\Sepa.dll
[1996-08-28 07:48:46 | 000,004,528 | ---- | M] () -- C:\SETBROWS.EXE
[2009-08-02 23:57:35 | 000,000,320 | ---- | M] () -- C:\sound_bank_log.txt
[2002-11-01 14:39:06 | 000,036,864 | ---- | M] (Ulead Systems, Inc.) -- C:\SSPLAYER_Res.dll
[2006-05-13 17:05:04 | 000,430,498 | R--- | M] () -- C:\txtsetup.sif
[2005-01-30 17:55:30 | 000,086,016 | ---- | M] (Techland) -- C:\UNZIPPER.EXE
[2002-11-01 14:14:26 | 000,028,672 | ---- | M] (Ulead Systems, Inc.) -- C:\Vcvrt32.dll
[2002-11-01 14:14:56 | 000,032,768 | ---- | M] (Ulead Systems, Inc.) -- C:\Vepb40.dll
[2002-11-01 15:01:00 | 000,118,784 | ---- | M] (Ulead Systems, Inc.) -- C:\Veui32.dll
[2002-11-01 14:34:42 | 000,032,768 | ---- | M] (Ulead Systems, Inc.) -- C:\VfwPluin.dll
[2002-11-01 14:34:34 | 000,040,960 | ---- | M] (Ulead Systems, Inc.) -- C:\vfwuleadmpegcap.dll
[2002-11-01 14:58:20 | 000,045,056 | ---- | M] (Ulead Systems, Inc.) -- C:\VFX32.dll
[2003-06-06 02:01:08 | 000,172,032 | ---- | M] (Ulead Systems, Inc.) -- C:\VioRC.dll
[2002-11-01 14:37:52 | 000,053,248 | ---- | M] (Ulead Systems, Inc.) -- C:\VIPLIB.dll
[2003-04-01 11:17:44 | 000,200,704 | ---- | M] (Ulead Systems, Inc.) -- C:\WebPageOutput.dll
[2002-10-08 15:53:24 | 000,029,143 | ---- | M] () -- C:\WEBPAGEOUTPUT.HLP
[2003-02-27 20:05:26 | 000,188,416 | ---- | M] (Ulead Systems, Inc.) -- C:\WebPageOutput_RES.dll
[2003-03-21 17:20:00 | 000,028,672 | ---- | M] (Ulead Systems, Inc.) -- C:\WrapPIM.dll
[2002-11-01 14:28:42 | 000,061,440 | ---- | M] () -- C:\XBuf.dll
[2002-11-01 14:29:00 | 000,077,824 | ---- | M] (Ulead Systems, Inc.) -- C:\XBurnMgr.dll
[2002-11-01 14:28:36 | 000,036,864 | ---- | M] (Ulead Systems, Inc.) -- C:\XBurnMgrRC.dll


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-04-18 13:09:59 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2009-04-18 13:09:59 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\erdnt\cache\agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004-08-04 08:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2002-09-20 19:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2009-04-18 13:09:59 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009-04-18 13:09:59 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002-08-29 02:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[2002-08-29 02:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\erdnt\cache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2002-09-20 19:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2009-04-18 13:09:59 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009-04-18 13:09:59 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-04 07:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-04 09:43:57 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004-08-04 08:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 09:44:28 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=4B191B10982297B19588394515007FFD -- C:\WINDOWS\system32\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
< End of report >
[/log]

Log extras
[log]OTL Extras logfile created on: 2010-07-29 20:16:47 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\darek\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 155,00 Mb Available Physical Memory | 30,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 6,05 Gb Free Space | 41,31% Space Free | Partition Type: NTFS
Drive D: | 58,59 Gb Total Space | 35,72 Gb Free Space | 60,96% Space Free | Partition Type: NTFS
Drive E: | 29,29 Gb Total Space | 18,15 Gb Free Space | 61,95% Space Free | Partition Type: NTFS
Drive F: | 9,25 Gb Total Space | 2,82 Gb Free Space | 30,45% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME-DBNCR7L8CR
Current User Name: darek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.jse [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.wsf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.wsh [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1844237615-527237240-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Odkurz tutaj] -- "C:\Program Files\Odkurzacz\odkurzacz.exe" "%1" (Franmo Software)
Directory [PlayWithVLC] -- "E:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"8461:TCP" = 8461:TCP:*:Enabled:GoD High Port
"8462:TCP" = 8462:TCP:*:Enabled:GoD Low Port

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe" = C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter -- (Nero AG)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"\\MAG-XBH1A43YDSQ\ggggggg\GameData\jamp.exe" = \\MAG-XBH1A43YDSQ\ggggggg\GameData\jamp.exe:*:Enabled:jamp.exe
"E:\Program Files\GameSpy Arcade\Aphex.exe" = E:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade -- (IGN Entertainment, Inc.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- File not found
"D:\GameSpy Arcade\Aphex.exe" = D:\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade -- (IGN Entertainment, Inc.)
"D:\gg\Gadu-Gadu\Gadu-Gadu 10\gg.exe" = D:\gg\Gadu-Gadu\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"D:\Metin II\Metin2\metin2client.bin" = D:\Metin II\Metin2\metin2client.bin:*:Enabled:metin2client -- ()


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"@BIOS" = @BIOS
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{20F0F67B-CB0F-4C85-B6F2-133D9CB70614}" = Samsung PC Studio
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 19
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}" = MP3 Player Utilities
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.5
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007
"{969B3B70-8765-11D5-9809-0050BACBF861}" = MP3PowerEncoder
"{99755640-9633-11D5-AB3C-0050DAB311CC}" = InterVideo MP3 + DVD XPack
"{9EDBB857-8028-49CD-B9C9-0B4D10CD1045}" = Nero 8 Demo
"{9FEF4EA5-025F-4D8B-9376-680CA8E77C9C}" = Delete FXP Files 2009 - Demo
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AAA66A0D-E610-40B8-9D51-C1854285773A}" = RT2500 Wireless LAN Card
"{AC76BA86-7AD7-1045-7B44-A70000000000}" = Adobe Reader 7.0 - Polish
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{E01662A1-BF0F-4DA8-A2FC-4E7F685884B8}" = Rome - Total War
"{F38696FB-DBCD-4F2E-8D71-DA46783DEDF4}" = Beowulf TM
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIDA32_is1" = AIDA32 v3.70
"All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Corel Applications" = Corel Applications
"D050D7362D214723AD585B541FFB6C11" = DivX Content Uploader
"Delete FXP Files 2009 - Demo" = Delete FXP Files 2009 - Demo
"DivXG400" = DivXG400
"EasyDialer_is1" = EasyDialer
"eduROM Demo12" = Multimedialny Niezbędnik_eduROM
"encyklopedia pwn.pl" = encyklopedia pwn.pl
"Gadu-Gadu 10" = Gadu-Gadu 10
"GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker
"GameSpy Arcade" = GameSpy Arcade
"Gigabyte Windows Utility Manager" = Gigabyte Windows Utility Manager
"Heroes III The Shadow of Death" = Heroes of Might and Magic® III The Shadow of Death(TM)
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Indeo® Software" = Indeo® Software
"Lexmark 1200 Series" = Lexmark 1200 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"MediaCoder" = MediaCoder 0.6.1
"Metin2_is1" = Metin2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"MRW!UninstallKey" = InCD EasyWrite Reader
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2
"NVIDIA Drivers" = NVIDIA Drivers
"Odkurzacz 10.2 Pro_is1" = Odkurzacz 10.2.0806.1080 Pro
"QuickTime" = QuickTime
"SprawdzianySzostoklasisty2005" = Sprawdziany Szóstoklasisty 2005
"SprawdzianySzostoklasisty2006" = Sprawdziany Szóstoklasisty 2006
"ST4UNST #1" = Angielskie Slowka v1.0
"VLC media player" = VLC media player 0.9.9
"WGA" = Windows Genuine Advantage Validation Tool
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = Archiwizator WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Toolbar" = Yahoo! Toolbar
"YMPEG" = YMPEG: Fast MPEG-1/2/VCD/SVCD Codec

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1844237615-527237240-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: wszystkie elementy

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
[/log]

Well, now I have a problem: at the moment I can't start the computer at all (it's my brother's computer), it won't let me log in. With the last known good configuration, it freezes when I try to log in. What now?

Sohei
comment

Download [url=http://www.freedrweb.pl/livecd.php][b]DR Web LiveCD[/b][/url], burn it to a disc, and scan the computer with it. Remove whatever it finds.
If the computer still won't boot, perform a [url=http://www.searchengines.pl/index.php?showtopic=24500&view=findpost&p=109540]repair (in-place) installation of Windows[/url].
