
Computer is sluggish: please check the logs

Guest
posted (edited)

I turned on my old computer, but it runs terribly! It is totally bogged down. Formatting is out of the question, even though it hasn't been done in two years.
[log]OTL logfile created on: 2010-08-03 10:46:02 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Pawel\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

767,00 Mb Total Physical Memory | 271,00 Mb Available Physical Memory | 35,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,55 Gb Total Space | 19,23 Gb Free Space | 25,80% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KOMP1
Current User Name: Pawel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color="#e56717"]========== Processes (All) ==========[/color]

PRC - [2010-08-03 10:44:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pawel\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-08-01 10:37:45 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-08-01 10:37:38 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-04-12 17:29:29 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-04-01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010-03-02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-02-24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009-08-06 20:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2009-03-08 04:31:54 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msfeedssync.exe
PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-05-03 05:46:00 | 000,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 19:21:43 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT]
PRC - [2008-04-14 19:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 19:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 19:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 19:21:10 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 19:21:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 19:21:02 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007-04-16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006-11-13 13:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006-11-13 13:39:34 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe


[color="#e56717"]========== Modules (All) ==========[/color]

MOD - [2010-08-03 10:44:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pawel\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-06-17 21:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 19:21:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 19:20:57 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 19:20:56 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-14 19:20:56 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 19:20:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 19:20:56 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 19:20:44 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 19:20:44 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 19:20:44 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 19:20:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 19:20:39 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 19:20:36 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 19:20:32 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 19:20:14 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 19:20:13 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 19:20:11 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 19:16:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 19:12:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2008-04-14 18:59:08 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2006-05-03 23:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


[color="#e56717"]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2010-04-01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010-02-24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009-09-17 11:33:26 | 000,651,776 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)


[color="#e56717"]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\System32\ZDCndis5.SYS -- (ZDCndis5)
DRV - File not found [Kernel | System | Stopped] -- C:\windows\System32\DRIVERS\VClone.sys -- (VClone)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\System32\DRIVERS\pctfw.sys -- (SFilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\System32\PCANDIS5.SYS -- (PCANDIS5)
DRV - File not found [File_System | Boot | Stopped] -- C:\windows\System32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)
DRV - [2010-03-01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010-02-16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010-02-11 18:19:33 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2010-02-11 18:19:32 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010-02-11 18:19:32 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010-01-21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010-01-21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010-01-21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2009-09-23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-06-10 21:50:30 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-05-12 15:53:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlashUsb.sys -- (FlashUSB)
DRV - [2009-05-11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009-05-11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-03-19 14:48:18 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009-03-19 14:48:12 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009-03-15 12:25:46 | 000,056,268 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009-02-09 08:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009-02-09 08:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009-02-09 08:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009-02-09 08:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008-12-23 17:33:17 | 000,004,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nocashio.sys -- (nocashio)
DRV - [2008-09-24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008-09-13 15:17:40 | 000,028,672 | ---- | M] ([url="http://libusb-win32.sourceforge.net"]http://libusb-win32.sourceforge.net[/url]) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\libusb0.sys -- (libusb0)
DRV - [2008-09-13 15:17:40 | 000,003,328 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pspdisp.sys -- (pspdisp)
DRV - [2008-08-26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-05-03 05:46:00 | 006,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008-04-13 21:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2008-04-13 20:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008-04-13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006-11-04 06:45:48 | 000,178,913 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0260Vid.sys -- (V0260VID)
DRV - [2006-07-24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006-03-22 19:57:44 | 000,073,984 | ---- | M] (Fuzhou Rockchip Electronics Co,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rockusb.sys -- (rockusb)
DRV - [2005-10-16 08:00:00 | 000,012,928 | ---- | M] (Bo Brantén) [Kernel | System | Running] -- C:\windows\System32\drivers\filedisk.sys -- (FileDisk)
DRV - [2003-12-08 12:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2003-12-08 11:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003-07-02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2003-03-11 00:12:06 | 000,059,632 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qcusbser.sys -- (qcusbser)
DRV - [2003-03-11 00:12:06 | 000,059,632 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qcusbmdm.sys -- (qcusbmdm) Qualcomm Proprietary USB Driver (PID 3197)
DRV - [2002-10-15 14:48:46 | 000,012,964 | ---- | M] (WayTech Development, Inc.) [Kernel | System | Running] -- C:\windows\System32\drivers\kbfilter.sys -- (kbfilter)
DRV - [2002-01-29 03:43:14 | 000,370,382 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
DRV - [2001-12-18 14:45:04 | 000,003,279 | ---- | M] (VIA Technologies. Inc.) [Kernel | System | Running] -- C:\windows\System32\Drivers\VIAPFD.SYS -- (VIAPFD)


[color="#e56717"]========== Standard Registry (SafeList) ==========[/color]


[color="#e56717"]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [url="http://www.google.com/ie"]http://www.google.com/ie[/url]


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-823518204-492894223-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-823518204-492894223-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [url="http://www.google.com/search?q=%7BsearchTerms%7D"]http://www.google.co...q={searchTerms}[/url]
IE - HKU\S-1-5-21-823518204-492894223-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.pl/"]http://www.google.pl/[/url]
IE - HKU\S-1-5-21-823518204-492894223-839522115-1003\..\URLSearchHook: {cd36797a-70f3-4acd-8825-623d3b896881} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-823518204-492894223-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color="#e56717"]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-08-03 00:24:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-08-01 10:38:01 | 000,000,000 | ---D | M]

[2009-04-16 09:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Mozilla\Extensions
[2010-08-02 13:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Mozilla\Firefox\Profiles\v08cass0.default\extensions
[2010-07-02 19:59:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Pawel\Dane aplikacji\Mozilla\Firefox\Profiles\v08cass0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-08-02 13:31:52 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-05-14 18:15:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-08-01 10:37:50 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-08-01 10:37:50 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-08-01 10:37:50 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-08-01 10:37:50 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-08-01 10:37:50 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-08-01 10:37:50 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-05-10 10:30:35 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org)
O2 - BHO: (no name) - {cd36797a-70f3-4acd-8825-623d3b896881} - No CLSID value found.
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (no name) - {cd36797a-70f3-4acd-8825-623d3b896881} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-823518204-492894223-839522115-1003\..\Toolbar\WebBrowser: (no name) - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - No CLSID value found.
O3 - HKU\S-1-5-21-823518204-492894223-839522115-1003\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\windows\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-823518204-492894223-839522115-1003..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-823518204-492894223-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-823518204-492894223-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-823518204-492894223-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra Button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - Reg Error: Key error. File not found
O16 - DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} [url="http://83.12.158.44/RtspVaPgDec.cab"]http://83.12.158.44/RtspVaPgDec.cab[/url] (RtspVaPgCtrlNew Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [url="http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab"]http://platformdl.ad...Plus/1.6/gp.cab[/url] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - CLSID or File not found.
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O28 - HKLM ShellExecuteHooks: {BB4C402F-882A-4526-8C08-51278EA437C1} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-01-29 21:52:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0ff8c060-1bd4-11de-9e23-000e50d931b6}\Shell\AutoRun\command - "" = G:\husyu8n.exe -- File not found
O33 - MountPoints2\{0ff8c060-1bd4-11de-9e23-000e50d931b6}\Shell\open\Command - "" = G:\husyu8n.exe -- File not found
O33 - MountPoints2\{0ff8c061-1bd4-11de-9e23-000e50d931b6}\Shell\AutoRun\command - "" = H:\husyu8n.exe -- File not found
O33 - MountPoints2\{0ff8c061-1bd4-11de-9e23-000e50d931b6}\Shell\open\Command - "" = H:\husyu8n.exe -- File not found
O33 - MountPoints2\{2a9ce100-e8c9-11de-a05c-000e50d931b6}\Shell\AutoRun\command - "" = H:\mbvd.exe -- File not found
O33 - MountPoints2\{2a9ce100-e8c9-11de-a05c-000e50d931b6}\Shell\open\Command - "" = H:\mbvd.exe -- File not found
O33 - MountPoints2\{a97c2dc5-fc91-11de-a082-000e50d931b6}\Shell\AutoRun\command - "" = I:\e9naq.exe -- File not found
O33 - MountPoints2\{a97c2dc5-fc91-11de-a082-000e50d931b6}\Shell\open\Command - "" = I:\e9naq.exe -- File not found
O33 - MountPoints2\{bde31d37-a9e0-11de-9fcf-000e50d931b6}\Shell\AutoRun\command - "" = F:\w9uxx92.exe -- File not found
O33 - MountPoints2\{bde31d37-a9e0-11de-9fcf-000e50d931b6}\Shell\open\Command - "" = F:\w9uxx92.exe -- File not found
O33 - MountPoints2\{cad98640-9e36-11de-9fb8-000e50d931b6}\Shell\AutoRun\command - "" = F:\ph.exe -- File not found
O33 - MountPoints2\{cad98640-9e36-11de-9fb8-000e50d931b6}\Shell\open\Command - "" = F:\ph.exe -- File not found
O33 - MountPoints2\{e3be78b2-a37b-11de-9fbe-000e50d931b6}\Shell\AutoRun\command - "" = F:\9jyhdim8.exe -- File not found
O33 - MountPoints2\{e3be78b2-a37b-11de-9fbe-000e50d931b6}\Shell\open\Command - "" = F:\9jyhdim8.exe -- File not found
O33 - MountPoints2\{e3be78b3-a37b-11de-9fbe-000e50d931b6}\Shell\AutoRun\command - "" = H:\9jyhdim8.exe -- File not found
O33 - MountPoints2\{e3be78b3-a37b-11de-9fbe-000e50d931b6}\Shell\open\Command - "" = H:\9jyhdim8.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (aswBoot.exe /M:228a00e4) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: [b]ctfmon.exe[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]NvCplDaemon[/b] - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - Service
SafeBootNet: nm.sys - Driver
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color="#e56717"]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-08-03 10:54:57 | 000,000,000 | ---D | C] -- C:\windows\LastGood
[2010-08-03 00:21:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Moje dokumenty\Alcohol 120%
[2010-08-01 11:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Dane aplikacji\Avira
[2010-08-01 11:23:15 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys
[2010-08-01 11:23:15 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntdd.sys
[2010-08-01 11:23:15 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys
[2010-08-01 11:23:15 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntmgr.sys
[2010-08-01 11:23:14 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010-08-01 11:23:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Avira
[2010-08-01 11:10:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Deployment
[2010-07-14 19:50:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Pulpit\Nieużywane skróty pulpitu
[2010-07-02 22:11:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010-07-02 22:10:57 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010-06-22 22:39:17 | 000,000,000 | ---D | C] -- C:\Sounds
[2010-06-22 22:33:23 | 000,419,240 | ---- | C] (VideoSoft) -- C:\windows\System32\Vsflex7L.ocx
[2010-06-22 22:33:22 | 001,164,728 | ---- | C] (NuMedia Soft, Inc.) -- C:\windows\System32\NMSDVDXU.dll
[2010-06-22 22:33:21 | 000,630,784 | ---- | C] (ComponentOne) -- C:\windows\System32\vsflex8u.ocx
[2010-06-22 22:32:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Dane aplikacji\LG Electronics
[2010-06-22 22:32:52 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite II
[2010-06-22 20:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Moje dokumenty\GTA San Andreas User Files
[2010-06-22 20:06:46 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010-06-20 12:12:38 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Pawel\Recent
[2010-06-19 23:54:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010-06-19 18:24:13 | 000,012,928 | ---- | C] (Bo Brantén) -- C:\windows\System32\drivers\filedisk.sys
[2010-06-19 18:23:57 | 000,000,000 | ---D | C] -- C:\Program Files\WinImage
[2010-06-06 12:54:07 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2010-06-06 12:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[7 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[3 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]

[color="#e56717"]========== Files - Modified Within 60 Days ==========[/color]

[2010-08-03 10:57:32 | 000,000,462 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{51D530C1-226F-4A81-8B3C-DDCD2799F591}.job
[2010-08-03 10:39:49 | 000,000,104 | ---- | M] () -- C:\windows\System32\nvapps.xml
[2010-08-03 10:39:45 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2010-08-03 10:39:42 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2010-08-03 01:20:44 | 008,912,896 | ---- | M] () -- C:\Documents and Settings\Pawel\NTUSER.DAT
[2010-08-03 01:20:44 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\Pawel\ntuser.ini
[2010-08-01 22:55:46 | 001,096,188 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2010-08-01 22:55:46 | 000,493,500 | ---- | M] () -- C:\windows\System32\perfh015.dat
[2010-08-01 22:55:46 | 000,435,260 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2010-08-01 22:55:46 | 000,084,916 | ---- | M] () -- C:\windows\System32\perfc015.dat
[2010-08-01 22:55:46 | 000,068,156 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2010-08-01 15:30:29 | 000,000,550 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Neostrada TP.lnk
[2010-08-01 11:23:31 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Avira AntiVir Control Center.lnk
[2010-08-01 11:07:00 | 000,000,472 | ---- | M] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job
[2010-08-01 10:33:49 | 000,002,596 | ---- | M] () -- C:\windows\System32\CONFIG.NT
[2010-08-01 10:01:39 | 000,000,587 | ---- | M] () -- C:\Documents and Settings\Pawel\Pulpit\Skrót do Incoming.lnk
[2010-07-31 15:21:48 | 000,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2010-07-20 20:09:06 | 000,015,285 | ---- | M] () -- C:\Documents and Settings\Pawel\Pulpit\Kontakty_1871027.xml
[2010-07-20 13:46:24 | 000,045,280 | ---- | M] () -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-07-09 21:04:40 | 000,041,872 | ---- | M] () -- C:\windows\System32\xfcodec.dll
[2010-07-08 14:16:49 | 001,579,380 | -H-- | M] () -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-07-07 23:22:25 | 000,000,116 | ---- | M] () -- C:\windows\NeroDigital.ini
[2010-06-23 12:57:32 | 086,601,728 | ---- | M] () -- C:\windows\MEMORY.DMP
[2010-06-22 22:30:41 | 000,002,413 | ---- | M] () -- C:\windows\System32\lgAxconfig.ini
[2010-06-22 22:14:34 | 000,212,880 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2010-06-21 19:42:04 | 000,001,041 | ---- | M] () -- C:\Documents and Settings\Pawel\Pulpit\LGMobile update.lnk
[2010-06-20 12:15:46 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Pawel\Pulpit\Defraggler.lnk
[2010-06-20 12:14:59 | 000,001,374 | ---- | M] () -- C:\windows\imsins.BAK
[2010-06-20 10:57:46 | 000,023,392 | ---- | M] () -- C:\windows\System32\nscompat.tlb
[2010-06-20 10:57:46 | 000,016,832 | ---- | M] () -- C:\windows\System32\amcompat.tlb
[2010-06-19 23:54:15 | 000,000,740 | ---- | M] () -- C:\windows\win.ini
[2010-06-19 18:01:25 | 000,084,240 | ---- | M] () -- C:\Documents and Settings\Pawel\Pulpit\uhfuwf.gif
[2010-06-19 18:01:22 | 000,086,530 | ---- | M] () -- C:\Documents and Settings\Pawel\Pulpit\sduafa.gif
[2010-06-18 20:12:39 | 000,020,536 | ---- | M] () -- C:\Documents and Settings\Pawel\Pulpit\1076468872.jpeg
[2010-06-18 10:01:32 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_ggflt_01007.Wdf
[2010-06-06 20:54:32 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-06-06 19:20:09 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Pawel\Pulpit\CCleaner.lnk
[2010-06-06 12:54:45 | 000,000,452 | ---- | M] () -- C:\Documents and Settings\Pawel\Moje dokumenty\spider.sav
[7 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[3 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]

[color="#e56717"]========== Files Created - No Company Name ==========[/color]

[2010-08-01 15:30:29 | 000,000,550 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Neostrada TP.lnk
[2010-08-01 11:23:31 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Avira AntiVir Control Center.lnk
[2010-08-01 10:01:39 | 000,000,587 | ---- | C] () -- C:\Documents and Settings\Pawel\Pulpit\Skrót do Incoming.lnk
[2010-07-20 20:09:06 | 000,015,285 | ---- | C] () -- C:\Documents and Settings\Pawel\Pulpit\Kontakty_1871027.xml
[2010-07-09 21:04:40 | 000,041,872 | ---- | C] () -- C:\windows\System32\xfcodec.dll
[2010-07-07 23:23:31 | 734,726,144 | ---- | C] () -- C:\Documents and Settings\Pawel\Pulpit\Eurotrip (Lektor PL).avi
[2010-06-20 12:13:21 | 000,001,374 | ---- | C] () -- C:\windows\imsins.BAK
[2010-06-19 23:54:05 | 000,023,392 | ---- | C] () -- C:\windows\System32\nscompat.tlb
[2010-06-19 23:54:05 | 000,016,832 | ---- | C] () -- C:\windows\System32\amcompat.tlb
[2010-06-19 18:01:24 | 000,084,240 | ---- | C] () -- C:\Documents and Settings\Pawel\Pulpit\uhfuwf.gif
[2010-06-19 18:01:21 | 000,086,530 | ---- | C] () -- C:\Documents and Settings\Pawel\Pulpit\sduafa.gif
[2010-06-18 20:12:37 | 000,020,536 | ---- | C] () -- C:\Documents and Settings\Pawel\Pulpit\1076468872.jpeg
[2010-06-18 10:01:32 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_ggflt_01007.Wdf
[2010-06-06 20:54:32 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-06-06 19:20:09 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Pawel\Pulpit\CCleaner.lnk
[2010-06-06 12:54:37 | 000,049,152 | ---- | C] () -- C:\windows\System32\ChCfg.exe
[2010-06-06 12:54:07 | 000,141,016 | ---- | C] () -- C:\windows\System32\alsndmgr.wav
[2010-06-06 12:54:04 | 000,147,456 | ---- | C] () -- C:\windows\System32\RtlCPAPI.dll
[2010-05-27 18:53:42 | 000,053,248 | ---- | C] () -- C:\windows\System32\CommonDL.dll
[2010-05-27 18:53:42 | 000,002,413 | ---- | C] () -- C:\windows\System32\lgAxconfig.ini
[2010-05-15 13:09:09 | 000,000,092 | ---- | C] () -- C:\windows\CMISETUP.INI
[2010-05-15 13:09:09 | 000,000,026 | ---- | C] () -- C:\windows\CMCDPLAY.INI
[2010-05-15 13:09:06 | 000,000,000 | ---- | C] () -- C:\windows\Wininit.ini
[2010-05-15 13:09:04 | 001,900,544 | ---- | C] () -- C:\windows\System32\cmiwcnfg.dll
[2010-05-15 13:09:04 | 000,028,672 | ---- | C] () -- C:\windows\System32\cmirmdrv.dll
[2010-05-15 13:08:54 | 000,028,672 | ---- | C] () -- C:\windows\CMIRmDriver.dll
[2010-01-28 12:45:34 | 000,005,632 | ---- | C] () -- C:\windows\System32\drivers\StarOpen.sys
[2010-01-08 14:36:45 | 000,000,036 | ---- | C] () -- C:\windows\DaemonPlugin.INI
[2010-01-07 21:51:10 | 000,354,816 | ---- | C] () -- C:\windows\System32\psisdecd.dll
[2009-07-06 15:48:58 | 000,000,070 | ---- | C] () -- C:\windows\st_affiliate.ini
[2009-05-20 17:57:29 | 003,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll
[2009-05-20 17:57:29 | 000,795,648 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2009-05-20 17:57:27 | 000,067,584 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2009-05-20 17:57:27 | 000,000,547 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest
[2009-05-02 23:58:20 | 000,000,118 | ---- | C] () -- C:\windows\System32\MRT.INI
[2009-05-02 12:48:38 | 000,000,525 | ---- | C] () -- C:\windows\QIII.INI
[2008-12-30 12:29:49 | 000,114,688 | ---- | C] () -- C:\windows\System32\WLANUTL.dll
[2008-12-23 17:33:17 | 000,004,096 | ---- | C] () -- C:\windows\System32\drivers\nocashio.sys
[2008-11-03 22:38:17 | 002,041,363 | ---- | C] () -- C:\windows\System32\x264vfw.dll
[2008-10-29 14:46:39 | 000,108,032 | ---- | C] () -- C:\windows\System32\avi.dll
[2008-10-29 14:46:38 | 000,141,312 | ---- | C] () -- C:\windows\System32\mp4.dll
[2008-10-29 14:46:35 | 000,148,992 | ---- | C] () -- C:\windows\System32\mkx.dll
[2008-10-29 14:46:32 | 000,159,744 | ---- | C] () -- C:\windows\System32\mmfinfo.dll
[2008-10-29 14:46:30 | 000,120,832 | ---- | C] () -- C:\windows\System32\ogm.dll
[2008-10-29 14:46:28 | 000,163,840 | ---- | C] () -- C:\windows\System32\ts.dll
[2008-10-29 14:46:26 | 000,079,360 | ---- | C] () -- C:\windows\System32\mkzlib.dll
[2008-10-29 14:46:25 | 000,023,552 | ---- | C] () -- C:\windows\System32\mkunicode.dll
[2008-10-29 14:45:19 | 000,118,784 | ---- | C] () -- C:\windows\System32\ff_realaac.dll
[2008-10-29 14:44:49 | 000,237,568 | ---- | C] () -- C:\windows\System32\OggDS.dll
[2008-10-29 14:44:47 | 000,921,600 | ---- | C] () -- C:\windows\System32\vorbisenc.dll
[2008-10-29 14:44:38 | 000,188,416 | ---- | C] () -- C:\windows\System32\vorbis.dll
[2008-10-29 14:44:36 | 000,045,056 | ---- | C] () -- C:\windows\System32\ogg.dll
[2008-10-29 14:44:16 | 000,009,216 | ---- | C] () -- C:\windows\System32\cpuinf32.dll
[2008-10-29 14:43:43 | 000,130,048 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2008-09-06 22:17:20 | 000,022,328 | ---- | C] () -- C:\windows\System32\drivers\PnkBstrK.sys
[2008-07-20 14:08:42 | 000,000,101 | ---- | C] () -- C:\windows\CMMIXER.INI
[2008-05-03 05:46:00 | 001,703,936 | ---- | C] () -- C:\windows\System32\nvwdmcpl.dll
[2008-05-03 05:46:00 | 001,486,848 | ---- | C] () -- C:\windows\System32\nview.dll
[2008-05-03 05:46:00 | 001,019,904 | ---- | C] () -- C:\windows\System32\nvwimg.dll
[2008-05-03 05:46:00 | 000,466,944 | ---- | C] () -- C:\windows\System32\nvshell.dll
[2008-05-03 05:46:00 | 000,286,720 | ---- | C] () -- C:\windows\System32\nvnt4cpl.dll
[2008-04-26 12:46:52 | 000,383,238 | ---- | C] () -- C:\windows\System32\libmp3lame-0.dll
[2008-04-19 19:59:49 | 000,000,034 | ---- | C] () -- C:\windows\cdplayer.ini
[2008-03-22 12:03:28 | 000,000,160 | ---- | C] () -- C:\windows\mafosav.INI
[2008-03-12 11:11:04 | 000,002,045 | -H-- | C] () -- C:\windows\System32\whlb32f.dll
[2008-03-05 10:21:50 | 000,001,124 | ---- | C] () -- C:\windows\ODBC.INI
[2008-03-03 22:57:47 | 000,000,751 | ---- | C] () -- C:\windows\Gfact.ini
[2008-03-03 22:57:47 | 000,000,027 | ---- | C] () -- C:\windows\gdx.ini
[2008-03-01 13:09:12 | 000,000,116 | ---- | C] () -- C:\windows\NeroDigital.ini
[2008-02-19 23:35:47 | 000,000,038 | ---- | C] () -- C:\windows\AviSplitter.INI
[2008-01-30 00:10:36 | 000,721,904 | ---- | C] () -- C:\windows\System32\drivers\sptd.sys
[2008-01-29 22:36:16 | 000,010,240 | ---- | C] () -- C:\windows\System32\vidx16.dll
[2008-01-29 22:36:06 | 000,004,333 | ---- | C] () -- C:\windows\mixerdef.ini
[2008-01-29 22:15:13 | 000,005,606 | ---- | C] () -- C:\windows\System32\stci.dll
[2005-12-07 12:31:00 | 000,202,752 | R--- | C] () -- C:\windows\System32\CddbCdda.dll
[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\windows\System32\OUTLPERF.INI
[2002-10-16 00:54:04 | 000,153,088 | ---- | C] () -- C:\windows\System32\unrar.dll
[2002-02-27 18:50:00 | 000,197,120 | ---- | C] () -- C:\windows\System32\patchw32.dll
[1999-09-28 16:58:21 | 000,005,647 | ---- | C] () -- C:\windows\System32\HDK3CRYP.DLL
[1997-03-19 01:00:00 | 000,022,016 | ---- | C] () -- C:\windows\System32\ODBCSTF.DLL
[1997-03-19 01:00:00 | 000,022,016 | ---- | C] () -- C:\windows\System32\DOCOBJ.DLL
[1997-03-19 01:00:00 | 000,012,288 | ---- | C] () -- C:\windows\System32\VAPL232.DLL
[1997-03-19 01:00:00 | 000,012,288 | ---- | C] () -- C:\windows\System32\HLINKPRX.DLL
[1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\windows\System32\giveio.sys

[color="#e56717"]========== LOP Check ==========[/color]

[2010-05-14 18:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2008-11-30 19:27:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BT
[2010-02-08 12:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BufferZone
[2009-09-26 13:50:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations
[2009-06-18 19:33:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2008-04-12 18:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EnterNHelp
[2010-03-10 18:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2008-03-23 22:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IM
[2008-03-23 22:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IncrediMail
[2009-09-26 12:56:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2010-07-28 17:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-06-21 19:44:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LGMOBILEAX
[2008-12-26 15:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NFS Underground
[2008-04-12 18:10:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nikon
[2008-11-18 18:27:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2009-12-03 15:33:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaMusic
[2010-04-04 21:04:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2008-11-25 17:06:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2008-11-07 13:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\phenomedia
[2008-04-19 23:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SlySoft
[2008-02-15 19:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SongbirdVLC
[2008-02-10 17:53:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina
[2008-11-06 19:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2008-04-12 18:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ultima_T15
[2008-07-04 16:34:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\aMule
[2009-01-31 21:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\BESTplayer
[2008-11-30 19:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\BT
[2009-05-23 18:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Canneverbe_Limited
[2010-01-11 15:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\DAEMON Tools
[2009-12-02 18:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Datalayer
[2010-05-15 14:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\eMule
[2010-03-31 23:34:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\EurekaLog
[2008-12-29 18:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\fltk.org
[2008-01-29 23:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Gadu-Gadu
[2010-06-06 21:02:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Gadu-Gadu 10
[2008-04-18 22:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\GanymedeNet
[2010-07-28 17:07:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\ipla
[2010-06-22 22:40:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\LG Electronics
[2008-07-08 19:39:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\LimeWire
[2008-04-12 18:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Nikon
[2009-12-03 15:34:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Nokia
[2009-05-03 19:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Nowe Gadu-Gadu
[2009-09-22 14:17:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\OpenFM
[2008-07-30 09:34:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Opera
[2009-01-09 23:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\PC Suite
[2008-11-06 19:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\PCToolsFirewallPlus
[2010-02-22 20:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Qrix
[2008-02-15 19:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Qtrax1
[2010-02-27 14:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Samsung
[2008-12-30 19:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\Sony Setup
[2010-08-01 11:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pawel\Dane aplikacji\uTorrent
[2010-08-01 11:07:00 | 000,000,472 | ---- | M] () -- C:\windows\Tasks\Ad-Aware Update (Weekly).job
[2010-08-03 10:57:32 | 000,000,462 | -H-- | M] () -- C:\windows\Tasks\User_Feed_Synchronization-{51D530C1-226F-4A81-8B3C-DDCD2799F591}.job

[color="#e56717"]========== Purity Check ==========[/color]



[color="#e56717"]========== Custom Scans ==========[/color]


[color="#a23bec"]< %systemdrive%\*.* >[/color]
[2008-01-29 21:52:30 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009-06-13 17:35:05 | 000,000,142 | -HS- | M] () -- C:\boot.ini
[2001-07-22 00:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2008-01-29 21:52:30 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-10-12 15:44:37 | 000,003,532 | ---- | M] () -- C:\drmHeader.bin
[2010-01-07 22:12:10 | 000,001,693 | ---- | M] () -- C:\FIFA 07.lnk
[2010-04-04 21:05:51 | 000,013,130 | ---- | M] () -- C:\graph.log
[2010-08-01 11:13:19 | 000,003,025 | ---- | M] () -- C:\hackhound.txt
[2008-01-29 21:52:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008-01-29 21:52:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 23:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009-05-05 21:06:08 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-08-03 10:39:33 | 1207,148,544 | -HS- | M] () -- C:\pagefile.sys
[2010-02-12 20:53:02 | 000,004,939 | ---- | M] () -- C:\PERF.LOG


[color="#a23bec"]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 01:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2009-05-05 21:01:00 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2009-05-05 21:01:00 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color="#a23bec"]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 01:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009-05-05 21:01:00 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009-05-05 21:01:00 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[color="#a23bec"]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color="#a23bec"]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 01:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009-05-05 21:01:00 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009-05-05 21:01:00 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color="#a23bec"]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 19:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color="#a23bec"]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color="#a23bec"]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

[color="#e56717"]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:C31F31E6
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2
< End of report >[/log]
[color="#ff0000"]
//correcting the thread title
//raaz[/color]

Tomek01

Run [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], preferably with a USB flash drive plugged in.


In OTL, paste the following into the Custom scan/fixes window:

[code]:Processes
Explorer.exe

:OTL
O33 - MountPoints2\{0ff8c060-1bd4-11de-9e23-000e50d931b6}\Shell\AutoRun\command - "" = G:\husyu8n.exe -- File not found
O33 - MountPoints2\{0ff8c060-1bd4-11de-9e23-000e50d931b6}\Shell\open\Command - "" = G:\husyu8n.exe -- File not found
O33 - MountPoints2\{0ff8c061-1bd4-11de-9e23-000e50d931b6}\Shell\AutoRun\command - "" = H:\husyu8n.exe -- File not found
O33 - MountPoints2\{0ff8c061-1bd4-11de-9e23-000e50d931b6}\Shell\open\Command - "" = H:\husyu8n.exe -- File not found
O33 - MountPoints2\{2a9ce100-e8c9-11de-a05c-000e50d931b6}\Shell\AutoRun\command - "" = H:\mbvd.exe -- File not found
O33 - MountPoints2\{2a9ce100-e8c9-11de-a05c-000e50d931b6}\Shell\open\Command - "" = H:\mbvd.exe -- File not found
O33 - MountPoints2\{a97c2dc5-fc91-11de-a082-000e50d931b6}\Shell\AutoRun\command - "" = I:\e9naq.exe -- File not found
O33 - MountPoints2\{a97c2dc5-fc91-11de-a082-000e50d931b6}\Shell\open\Command - "" = I:\e9naq.exe -- File not found
O33 - MountPoints2\{bde31d37-a9e0-11de-9fcf-000e50d931b6}\Shell\AutoRun\command - "" = F:\w9uxx92.exe -- File not found
O33 - MountPoints2\{bde31d37-a9e0-11de-9fcf-000e50d931b6}\Shell\open\Command - "" = F:\w9uxx92.exe -- File not found
O33 - MountPoints2\{cad98640-9e36-11de-9fb8-000e50d931b6}\Shell\AutoRun\command - "" = F:\ph.exe -- File not found
O33 - MountPoints2\{cad98640-9e36-11de-9fb8-000e50d931b6}\Shell\open\Command - "" = F:\ph.exe -- File not found
O33 - MountPoints2\{e3be78b2-a37b-11de-9fbe-000e50d931b6}\Shell\AutoRun\command - "" = F:\9jyhdim8.exe -- File not found
O33 - MountPoints2\{e3be78b2-a37b-11de-9fbe-000e50d931b6}\Shell\open\Command - "" = F:\9jyhdim8.exe -- File not found
O33 - MountPoints2\{e3be78b3-a37b-11de-9fbe-000e50d931b6}\Shell\AutoRun\command - "" = H:\9jyhdim8.exe -- File not found
O33 - MountPoints2\{e3be78b3-a37b-11de-9fbe-000e50d931b6}\Shell\open\Command - "" = H:\9jyhdim8.exe -- File not found
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:C31F31E6
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2

:Files
C:\Documents and Settings\Pawel\Dane aplikacji\EurekaLog

:Commands
[emptytemp]
[start explorer]
[Reboot]
[/code]

Post the OTL log from the removal, along with new OTL and RSIT logs.

Guest

Where is this removal LOG?

Tomek01

It has to be generated after the system restarts.

Guest

Exactly, when it restarted the LOG showed up, but I accidentally closed it.

Tomek01

It is where OTL created its folders. If you can't find it, generate a new log. Open it, and in the Edit menu you have the option: open containing folder. The removal log should be there too.

Guest

[LOG]All processes killed
========== PROCESSES ==========
No active process named Explorer.exe was found!
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ff8c060-1bd4-11de-9e23-000e50d931b6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ff8c060-1bd4-11de-9e23-000e50d931b6}\ not found.
File G:\husyu8n.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ff8c060-1bd4-11de-9e23-000e50d931b6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ff8c060-1bd4-11de-9e23-000e50d931b6}\ not found.
File G:\husyu8n.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ff8c061-1bd4-11de-9e23-000e50d931b6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ff8c061-1bd4-11de-9e23-000e50d931b6}\ not found.
File H:\husyu8n.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ff8c061-1bd4-11de-9e23-000e50d931b6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ff8c061-1bd4-11de-9e23-000e50d931b6}\ not found.
File H:\husyu8n.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2a9ce100-e8c9-11de-a05c-000e50d931b6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2a9ce100-e8c9-11de-a05c-000e50d931b6}\ not found.
File H:\mbvd.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2a9ce100-e8c9-11de-a05c-000e50d931b6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2a9ce100-e8c9-11de-a05c-000e50d931b6}\ not found.
File H:\mbvd.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a97c2dc5-fc91-11de-a082-000e50d931b6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a97c2dc5-fc91-11de-a082-000e50d931b6}\ not found.
File I:\e9naq.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a97c2dc5-fc91-11de-a082-000e50d931b6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a97c2dc5-fc91-11de-a082-000e50d931b6}\ not found.
File I:\e9naq.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bde31d37-a9e0-11de-9fcf-000e50d931b6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bde31d37-a9e0-11de-9fcf-000e50d931b6}\ not found.
File F:\w9uxx92.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bde31d37-a9e0-11de-9fcf-000e50d931b6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bde31d37-a9e0-11de-9fcf-000e50d931b6}\ not found.
File F:\w9uxx92.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cad98640-9e36-11de-9fb8-000e50d931b6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cad98640-9e36-11de-9fb8-000e50d931b6}\ not found.
File F:\ph.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cad98640-9e36-11de-9fb8-000e50d931b6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cad98640-9e36-11de-9fb8-000e50d931b6}\ not found.
File F:\ph.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e3be78b2-a37b-11de-9fbe-000e50d931b6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e3be78b2-a37b-11de-9fbe-000e50d931b6}\ not found.
File F:\9jyhdim8.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e3be78b2-a37b-11de-9fbe-000e50d931b6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e3be78b2-a37b-11de-9fbe-000e50d931b6}\ not found.
File F:\9jyhdim8.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e3be78b3-a37b-11de-9fbe-000e50d931b6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e3be78b3-a37b-11de-9fbe-000e50d931b6}\ not found.
File H:\9jyhdim8.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e3be78b3-a37b-11de-9fbe-000e50d931b6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e3be78b3-a37b-11de-9fbe-000e50d931b6}\ not found.
File H:\9jyhdim8.exe not found.
ADS C:\Documents and Settings\All Users\Dane aplikacji\TEMP:C31F31E6 deleted successfully.
ADS C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2 deleted successfully.
========== FILES ==========
C:\Documents and Settings\Pawel\Dane aplikacji\EurekaLog folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 2857552 bytes
->Flash cache emptied: 405 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Gość
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 82245 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 586888 bytes

User: Pawel
->Temp folder emptied: 54560115 bytes
->Temporary Internet Files folder emptied: 52856689 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 117683312 bytes
->Opera cache emptied: 25463419 bytes
->Flash cache emptied: 2010445 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2630148 bytes
%systemroot%\System32 .tmp files removed: 17055268 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 929776 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 264,00 mb


OTL by OldTimer - Version 3.2.9.1 log created on 08032010_192350

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
[/log]

Tomek01

However, I am still waiting for the remaining logs.
