Bomaw utworzono 7 sierpnia 2010 utworzono 7 sierpnia 2010 Witam Mam prosbe o sprawdzenie log z OTL , bylem pare dni bez antywirusa i sie boje czy nie zlapalem czegos. [log]OTL logfile created on: 2010-08-07 11:54:41 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Tomek\Downloads 64bit- Enterprise Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 74,00% Memory free 8,00 Gb Paging File | 7,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 148,95 Gb Total Space | 123,47 Gb Free Space | 82,90% Space Free | Partition Type: NTFS Drive D: | 149,04 Gb Total Space | 148,95 Gb Free Space | 99,94% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DOM Current User Name: Tomek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-08-07 11:53:41 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Tomek\Downloads\OTL.exe PRC - [2010-08-06 16:11:40 | 000,407,336 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe PRC - [2010-08-06 16:11:19 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe PRC - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe PRC - [2009-11-20 15:34:08 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-08-07 11:53:41 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Tomek\Downloads\OTL.exe MOD - [2010-08-06 21:35:43 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2009-07-14 03:17:51 | 001,289,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2009-07-14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2009-07-14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2009-07-14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009-07-14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2009-07-14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2009-07-14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2009-07-14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2009-07-14 03:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2009-07-14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2009-07-14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2009-07-14 03:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2009-07-14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2009-07-14 03:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 03:11:24 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2009-07-14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2009-07-14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2009-07-14 03:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2009-07-14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010-04-07 21:10:42 | 000,042,336 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV:[b]64bit:[/b] - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn) SRV:[b]64bit:[/b] - [2009-12-09 19:15:06 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009-11-02 12:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV:[b]64bit:[/b] - [2009-09-21 16:24:40 | 001,420,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV:[b]64bit:[/b] - [2009-09-21 16:00:44 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService) SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\StorSvc.dll -- (StorSvc) SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2009-03-27 12:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio) SRV - [2010-08-06 16:11:40 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2010-05-06 11:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2010-04-07 21:08:30 | 000,050,600 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp) DRV:[b]64bit:[/b] - [2010-04-07 21:08:28 | 000,033,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis) DRV:[b]64bit:[/b] - [2010-04-07 21:08:26 | 000,169,592 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw) DRV:[b]64bit:[/b] - [2010-04-07 21:07:10 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2010-04-07 21:03:52 | 000,163,888 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:[b]64bit:[/b] - [2010-01-22 03:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2010-01-22 02:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2009-12-09 21:40:30 | 006,179,328 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2009-11-11 17:44:26 | 000,034,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64k.sys -- (Point64) DRV:[b]64bit:[/b] - [2009-11-06 12:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2009-11-02 12:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:[b]64bit:[/b] - [2009-09-17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:[b]64bit:[/b] - [2009-08-13 05:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:[b]64bit:[/b] - [2009-08-05 22:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap) DRV:[b]64bit:[/b] - [2009-07-14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID) DRV:[b]64bit:[/b] - [2009-07-14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC) DRV:[b]64bit:[/b] - [2009-06-24 12:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:[b]64bit:[/b] - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-24 13:57:42 | 000,243,760 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-08-06 15:51:29 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-08-06 21:41:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-08-07 09:42:18 | 000,000,000 | ---D | M] [2010-08-06 21:41:19 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\mozilla\Extensions [2010-08-06 21:41:19 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\mozilla\Firefox\Profiles\fixz9gmf.default\extensions [2010-08-06 16:02:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2010-08-06 16:02:46 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-07-23 02:41:44 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2010-07-23 02:41:44 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2010-07-23 02:41:44 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2010-07-23 02:41:44 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2010-07-23 02:41:44 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2010-07-23 02:41:44 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-08-06 21:35:38 | 000,000,921 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 genuine.microsoft.com O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O1 - Hosts: 127.0.0.1 sls.microsoft.com O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O4:[b]64bit:[/b] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.) O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [Steam] c:\program files (x86)\steam\steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 86.63.64.48 86.63.64.49 O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{b2a89773-a190-11df-ad96-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{b2a89773-a190-11df-ad96-806e6f6e6963}\Shell\AutoRun\command - "" = E:\.\AutorunX\AutorunX.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpReg: [b]Gadu-Gadu 10[/b] - hkey= - key= - C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) MsConfig:64bit - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] WudfRd - Driver SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WudfRd - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfRd - Driver SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfRd - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-08-07 09:43:06 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\ESET [2010-08-07 09:43:06 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\ESET [2010-08-07 09:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2010-08-07 09:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2010-08-07 09:41:34 | 000,000,000 | ---D | C] -- C:\Users\Tomek\Desktop\ESET Smart Security 4.2.58.3 PL x64 by mj [2010-08-06 22:27:22 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2010-08-06 21:42:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2010-08-06 21:42:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Launch Manager [2010-08-06 21:41:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2010-08-06 21:41:17 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Mozilla [2010-08-06 21:41:17 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\Mozilla [2010-08-06 21:41:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2010-08-06 21:40:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2010-08-06 21:40:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2010-08-06 21:35:39 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll [2010-08-06 21:35:39 | 000,001,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppcomapi.dll [2010-08-06 21:34:20 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Searches [2010-08-06 21:34:06 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Identities [2010-08-06 21:34:00 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Contacts [2010-08-06 21:33:54 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\VirtualStore [2010-08-06 21:33:30 | 000,000,000 | --SD | C] -- C:\Users\Tomek\AppData\Roaming\Microsoft [2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Videos [2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Saved Games [2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Pictures [2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Music [2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Links [2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Favorites [2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Downloads [2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Documents [2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Desktop [2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Ustawienia lokalne [2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\AppData\Local\Temporary Internet Files [2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Szablony [2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\SendTo [2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Recent [2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\PrintHood [2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\NetHood [2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Documents\Moje wideo [2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Documents\Moje obrazy [2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Moje dokumenty [2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Documents\Moja muzyka [2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Menu Start [2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\AppData\Local\Historia [2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Dane aplikacji [2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\AppData\Local\Dane aplikacji [2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Cookies [2010-08-06 21:33:30 | 000,000,000 | -H-D | C] -- C:\Users\Tomek\AppData [2010-08-06 21:33:30 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\Temp [2010-08-06 21:33:30 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\Microsoft [2010-08-06 21:33:30 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Media Center Programs [2010-08-06 21:33:21 | 000,000,000 | -HSD | C] -- C:\Recovery [2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [2010-08-06 21:31:02 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2010-08-06 21:28:19 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2010-08-06 21:27:55 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2010-08-06 19:52:54 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\Diagnostics [2010-08-06 18:50:30 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Ventrilo [2010-08-06 18:50:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ventrilo [2010-08-06 18:50:16 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\mIRC [2010-08-06 18:50:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mIRC [2010-08-06 18:50:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2010-08-06 17:33:50 | 000,000,000 | ---D | C] -- C:\Users\Tomek\Documents\My Games [2010-08-06 17:33:31 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll [2010-08-06 17:33:31 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2010-08-06 17:33:31 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll [2010-08-06 17:33:31 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2010-08-06 17:33:31 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll [2010-08-06 17:33:31 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2010-08-06 17:33:30 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll [2010-08-06 17:33:30 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2010-08-06 17:33:30 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2010-08-06 17:33:30 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2010-08-06 17:33:29 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll [2010-08-06 17:33:29 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2010-08-06 17:33:29 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2010-08-06 17:33:29 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2010-08-06 17:31:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts [2010-08-06 17:01:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint [2010-08-06 17:01:25 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2010-08-06 16:31:38 | 001,658,880 | ---- | C] (SuYin) -- C:\Windows\Acer Crystal Eye webcam.EXE [2010-08-06 16:31:13 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Intel [2010-08-06 16:30:26 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\ATI [2010-08-06 16:30:26 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\ATI [2010-08-06 16:30:26 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2010-08-06 16:30:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2010-08-06 16:30:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2010-08-06 16:30:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco [2010-08-06 16:29:32 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom [2010-08-06 16:28:37 | 001,550,848 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys [2010-08-06 16:28:37 | 001,550,848 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys [2010-08-06 16:28:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros [2010-08-06 16:28:15 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\InstallShield [2010-08-06 16:26:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2010-08-06 16:26:22 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll [2010-08-06 16:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2010-08-06 16:22:49 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics [2010-08-06 16:22:43 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll [2010-08-06 16:20:36 | 000,000,000 | ---D | C] -- C:\ProgramData\AmUStor [2010-08-06 16:20:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AmIcoSingLun [2010-08-06 16:19:44 | 000,014,848 | ---- | C] (LSI Corporation) -- C:\Windows\SysWow64\agrsco64.dll [2010-08-06 16:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\LSI SoftModem [2010-08-06 16:19:40 | 000,064,000 | ---- | C] (LSI Corporation) -- C:\Windows\agrsmdel.exe [2010-08-06 16:19:40 | 000,030,720 | ---- | C] (LSI Corporation) -- C:\Windows\agrdel64.exe [2010-08-06 16:19:40 | 000,014,848 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\agrsco64.dll [2010-08-06 16:19:35 | 000,000,000 | ---D | C] -- C:\Windows\Options [2010-08-06 16:19:20 | 000,000,000 | ---D | C] -- C:\Program Files\Apoint2K [2010-08-06 16:19:18 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01007.dll [2010-08-06 16:19:18 | 000,243,760 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\SysNative\drivers\Apfiltr.sys [2010-08-06 16:19:18 | 000,098,816 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\SysNative\Vxdif.dll [2010-08-06 16:17:05 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\skypePM [2010-08-06 16:12:13 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys [2010-08-06 16:11:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2010-08-06 16:11:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2010-08-06 16:10:00 | 000,055,296 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll [2010-08-06 16:04:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2010-08-06 16:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2010-08-06 16:04:46 | 001,604,128 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkHDM64.dll [2010-08-06 16:04:46 | 001,291,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHDMEx64.dll [2010-08-06 16:04:46 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll [2010-08-06 16:04:46 | 000,205,472 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys [2010-08-06 16:04:46 | 000,058,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHCoInst64.dll [2010-08-06 16:04:45 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll [2010-08-06 16:04:44 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2010-08-06 16:04:44 | 000,211,376 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2010-08-06 16:04:44 | 000,193,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2010-08-06 16:04:44 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2010-08-06 16:04:43 | 001,680,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2010-08-06 16:04:43 | 000,611,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2010-08-06 16:04:43 | 000,332,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll [2010-08-06 16:04:42 | 001,638,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2010-08-06 16:04:42 | 001,200,672 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2010-08-06 16:04:42 | 000,436,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2010-08-06 16:04:42 | 000,363,008 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2010-08-06 16:04:42 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2010-08-06 16:04:42 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2010-08-06 16:04:42 | 000,198,656 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2010-08-06 16:04:42 | 000,149,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2010-08-06 16:04:42 | 000,095,744 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2010-08-06 16:04:42 | 000,073,216 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2010-08-06 16:04:42 | 000,066,592 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll [2010-08-06 16:04:40 | 000,320,512 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2010-08-06 16:04:39 | 000,310,784 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2010-08-06 16:04:39 | 000,166,400 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2010-08-06 16:04:39 | 000,108,032 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2010-08-06 16:04:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2010-08-06 16:04:37 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2010-08-06 16:04:36 | 000,831,488 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2010-08-06 16:04:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2010-08-06 16:03:21 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Adobe [2010-08-06 16:02:54 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Skype [2010-08-06 16:02:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2010-08-06 16:02:37 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2010-08-06 16:02:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2010-08-06 16:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2010-08-06 16:02:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2010-08-06 15:59:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI [2010-08-06 15:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2010-08-06 15:58:57 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2010-08-06 15:58:21 | 000,000,000 | ---D | C] -- C:\ATI [2010-08-06 15:55:58 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2010-08-06 15:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros [2010-08-06 15:54:36 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2010-08-06 15:54:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2010-08-06 15:53:23 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\cache [2010-08-06 15:53:22 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Macromedia [2010-08-06 15:53:18 | 000,000,000 | ---D | C] -- C:\Intel [2010-08-06 15:51:40 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Gadu-Gadu 10 [2010-08-06 15:50:14 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mscomctl.ocx [2010-08-06 15:50:14 | 000,526,184 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\Windows\SysWow64\XceedCry.dll [2010-08-06 15:50:14 | 000,456,536 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\Windows\SysWow64\XCEEDZIP.DLL [2010-08-06 15:50:14 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Tabctl32.ocx [2010-08-06 15:50:14 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Comdlg32.ocx [2010-08-06 15:50:14 | 000,132,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msinet.ocx [2010-08-06 15:50:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Magician [2010-08-06 15:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10 [2010-08-06 15:49:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gadu-Gadu 10 [2010-08-06 15:47:49 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\WinRAR [2010-08-06 15:47:43 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2010-08-06 15:47:00 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2010-08-06 15:46:25 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-08-07 11:54:40 | 000,786,432 | -HS- | M] () -- C:\Users\Tomek\NTUSER.DAT [2010-08-07 10:31:18 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010-08-07 10:31:18 | 000,687,828 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2010-08-07 10:31:18 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010-08-07 10:31:18 | 000,131,382 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2010-08-07 10:31:18 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010-08-07 10:24:59 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-08-07 10:24:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-08-07 10:24:44 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys [2010-08-07 10:24:14 | 000,009,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010-08-07 10:24:13 | 000,009,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010-08-07 10:04:55 | 001,994,679 | -H-- | M] () -- C:\Users\Tomek\AppData\Local\IconCache.db [2010-08-07 09:44:29 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempJT2868.html [2010-08-06 21:57:06 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempOH1780.html [2010-08-06 21:44:12 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat.com.lnk [2010-08-06 21:42:25 | 000,000,000 | ---- | M] () -- C:\Windows\Setup.INI [2010-08-06 21:42:13 | 000,000,089 | ---- | M] () -- C:\Windows\LManager.UNI [2010-08-06 21:41:56 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010-08-06 21:41:15 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010-08-06 21:35:51 | 000,524,288 | -HS- | M] () -- C:\Users\Tomek\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2010-08-06 21:35:51 | 000,524,288 | -HS- | M] () -- C:\Users\Tomek\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2010-08-06 21:35:51 | 000,065,536 | -HS- | M] () -- C:\Users\Tomek\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2010-08-06 21:35:44 | 000,002,048 | ---- | M] () -- C:\Windows\SysWow64\winver.exe [2010-08-06 21:35:41 | 000,410,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll [2010-08-06 21:35:40 | 000,001,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sppcomapi.dll [2010-08-06 21:35:39 | 000,113,543 | ---- | M] () -- C:\Windows\SysWow64\slmgr.vbs [2010-08-06 21:33:30 | 000,000,020 | -HS- | M] () -- C:\Users\Tomek\ntuser.ini [2010-08-06 21:31:41 | 000,000,803 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2010-08-06 21:31:41 | 000,000,803 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2010-08-06 21:13:41 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2010-08-06 20:41:05 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempDk3572.html [2010-08-06 20:41:05 | 000,002,089 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempWB3572.html [2010-08-06 20:16:09 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempLu3016.html [2010-08-06 19:55:05 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TemphUZ988.html [2010-08-06 19:55:05 | 000,002,089 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempEea988.html [2010-08-06 19:45:40 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempQX3396.html [2010-08-06 19:29:25 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempPDa568.html [2010-08-06 18:42:52 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\Temple1308.html [2010-08-06 18:41:47 | 000,057,952 | ---- | M] () -- C:\Users\Tomek\AppData\Local\GDIPFONTCACHEV1.DAT [2010-08-06 18:34:01 | 000,276,272 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010-08-06 17:01:52 | 000,002,635 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Mouse.lnk [2010-08-06 17:01:51 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64k_01009.Wdf [2010-08-06 16:32:55 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2010-08-06 16:32:04 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempaPR452.html [2010-08-06 16:32:04 | 000,002,089 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempctK452.html [2010-08-06 16:29:17 | 000,006,656 | ---- | M] () -- C:\Windows\SysNative\bcmwlrc.dll [2010-08-06 16:22:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf [2010-08-06 16:19:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01007.Wdf [2010-08-06 16:17:06 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2010-08-06 16:12:37 | 000,000,218 | ---- | M] () -- C:\Users\Tomek\Desktop\Counter-Strike.url [2010-08-06 16:06:20 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempPl2024.html [2010-08-06 16:00:25 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\Tempsf2812.html [2010-08-06 16:00:25 | 000,002,089 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempcX2812.html [2010-08-06 15:50:14 | 000,001,013 | ---- | M] () -- C:\Users\Tomek\Desktop\Driver Magician.lnk [2010-08-06 15:49:53 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\OpenFM.lnk [2010-08-06 15:49:53 | 000,001,003 | ---- | M] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-08-07 09:03:07 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempJT2868.html [2010-08-06 21:49:49 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempOH1780.html [2010-08-06 21:44:12 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat.com.lnk [2010-08-06 21:42:25 | 000,000,000 | ---- | C] () -- C:\Windows\Setup.INI [2010-08-06 21:42:13 | 000,000,089 | ---- | C] () -- C:\Windows\LManager.UNI [2010-08-06 21:41:56 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010-08-06 21:41:15 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010-08-06 21:35:39 | 000,113,543 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs [2010-08-06 21:35:39 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\winver.exe [2010-08-06 21:33:30 | 000,786,432 | -HS- | C] () -- C:\Users\Tomek\NTUSER.DAT [2010-08-06 21:33:30 | 000,524,288 | -HS- | C] () -- C:\Users\Tomek\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2010-08-06 21:33:30 | 000,524,288 | -HS- | C] () -- C:\Users\Tomek\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2010-08-06 21:33:30 | 000,262,144 | -HS- | C] () -- C:\Users\Tomek\ntuser.dat.LOG1 [2010-08-06 21:33:30 | 000,065,536 | -HS- | C] () -- C:\Users\Tomek\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2010-08-06 21:33:30 | 000,000,020 | -HS- | C] () -- C:\Users\Tomek\ntuser.ini [2010-08-06 21:33:30 | 000,000,000 | -HS- | C] () -- C:\Users\Tomek\ntuser.dat.LOG2 [2010-08-06 21:27:55 | 3111,518,208 | -HS- | C] () -- C:\hiberfil.sys [2010-08-06 20:38:07 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempDk3572.html [2010-08-06 20:38:07 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempWB3572.html [2010-08-06 19:57:41 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempLu3016.html [2010-08-06 19:52:13 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TemphUZ988.html [2010-08-06 19:52:13 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempEea988.html [2010-08-06 19:45:25 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempQX3396.html [2010-08-06 19:22:41 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempPDa568.html [2010-08-06 18:41:16 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\Temple1308.html [2010-08-06 17:01:52 | 000,002,635 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Mouse.lnk [2010-08-06 17:01:51 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64k_01009.Wdf [2010-08-06 16:32:55 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010-08-06 16:31:38 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll [2010-08-06 16:31:38 | 000,222,382 | ---- | C] () -- C:\Windows\Acer Crystal Eye webcam.ico [2010-08-06 16:31:38 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe [2010-08-06 16:31:38 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe [2010-08-06 16:31:38 | 000,008,362 | ---- | C] () -- C:\Windows\Suyin.reg [2010-08-06 16:31:38 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini [2010-08-06 16:29:33 | 000,006,656 | ---- | C] () -- C:\Windows\SysNative\bcmwlrc.dll [2010-08-06 16:28:37 | 000,308,477 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf [2010-08-06 16:28:37 | 000,051,232 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat [2010-08-06 16:26:22 | 000,019,017 | ---- | C] () -- C:\Windows\atiogl.xml [2010-08-06 16:22:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf [2010-08-06 16:19:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01007.Wdf [2010-08-06 16:17:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-08-06 16:12:37 | 000,000,218 | ---- | C] () -- C:\Users\Tomek\Desktop\Counter-Strike.url [2010-08-06 16:10:00 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010-08-06 16:10:00 | 000,001,035 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat [2010-08-06 16:08:51 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempaPR452.html [2010-08-06 16:08:51 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempctK452.html [2010-08-06 16:04:47 | 000,001,256 | R--- | C] () -- C:\Windows\SysNative\drivers\RTHDATEX.DAT [2010-08-06 16:04:47 | 000,000,520 | R--- | C] () -- C:\Windows\SysNative\drivers\RTEQEX2.DAT [2010-08-06 16:04:47 | 000,000,520 | R--- | C] () -- C:\Windows\SysNative\drivers\RTEQEX1.DAT [2010-08-06 16:04:47 | 000,000,520 | R--- | C] () -- C:\Windows\SysNative\drivers\RTEQEX0.DAT [2010-08-06 16:04:47 | 000,000,008 | R--- | C] () -- C:\Windows\SysNative\drivers\RTKHDAUD.DAT [2010-08-06 16:04:46 | 000,214,552 | R--- | C] () -- C:\Windows\SysNative\drivers\RTCONVEQ.DAT [2010-08-06 16:02:38 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2010-08-06 16:01:54 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempPl2024.html [2010-08-06 15:53:23 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\Tempsf2812.html [2010-08-06 15:53:23 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempcX2812.html [2010-08-06 15:50:14 | 000,110,602 | ---- | C] () -- C:\Windows\SysWow64\xcdsfx32.bin [2010-08-06 15:50:14 | 000,001,013 | ---- | C] () -- C:\Users\Tomek\Desktop\Driver Magician.lnk [2010-08-06 15:49:53 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\OpenFM.lnk [2010-08-06 15:49:53 | 000,001,003 | ---- | C] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [color=#E56717]========== LOP Check ==========[/color] [2010-08-07 09:43:06 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\ESET [2010-08-06 16:00:25 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Gadu-Gadu 10 [2009-07-14 07:08:49 | 000,003,814 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-08-07 10:24:44 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys [2010-08-07 10:24:47 | 4148,690,944 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys [2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe < End of report >[/log] Za pomoc dziekuje
MarekM25 komentarz 7 sierpnia 2010 komentarz 7 sierpnia 2010 Uruchom OTL i w oknie Custom Scans/Fixes wklej następujący skrypt: [code] :OTL PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not foundO21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not foundO33 - MountPoints2\{b2a89773-a190-11df-ad96-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{b2a89773-a190-11df-ad96-806e6f6e6963}\Shell\AutoRun\command - "" = E:\.\AutorunX\AutorunX.exe -- File not found :Commands [emptytemp] [start explorer] [Reboot][/code] Kliknij w Run Fix. Zatwierdź restart komputera. Znasz te przekierowania: O1 - Hosts: 127.0.0.1 genuine.microsoft.com O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O1 - Hosts: 127.0.0.1 sls.microsoft.com Poza tym czysto.
Bomaw komentarz 7 sierpnia 2010 Autor komentarz 7 sierpnia 2010 Dzieki za sprawdzenie a co do przekierowan to nie mam pojecia
MarekM25 komentarz 7 sierpnia 2010 komentarz 7 sierpnia 2010 Więc otwórz plik: C:\Windows\SysNative\drivers\etc\hosts i usuń te przekierowania i tyle;)
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.