x-kom hosting

Prosze o sprawdzenie log OTL

Bomaw
utworzono
utworzono

Witam
Mam prosbe o sprawdzenie log z OTL , bylem pare dni bez antywirusa i sie boje czy nie zlapalem czegos.
[log]OTL logfile created on: 2010-08-07 11:54:41 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Tomek\Downloads
64bit- Enterprise Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 74,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148,95 Gb Total Space | 123,47 Gb Free Space | 82,90% Space Free | Partition Type: NTFS
Drive D: | 149,04 Gb Total Space | 148,95 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOM
Current User Name: Tomek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-08-07 11:53:41 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Tomek\Downloads\OTL.exe
PRC - [2010-08-06 16:11:40 | 000,407,336 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2010-08-06 16:11:19 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2009-11-20 15:34:08 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-08-07 11:53:41 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Tomek\Downloads\OTL.exe
MOD - [2010-08-06 21:35:43 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009-07-14 03:17:51 | 001,289,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2009-07-14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009-07-14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009-07-14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2009-07-14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009-07-14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2009-07-14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2009-07-14 03:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2009-07-14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2009-07-14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009-07-14 03:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2009-07-14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009-07-14 03:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:24 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2009-07-14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2009-07-14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009-07-14 03:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009-07-14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2010-04-07 21:10:42 | 000,042,336 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:[b]64bit:[/b] - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:[b]64bit:[/b] - [2009-12-09 19:15:06 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009-11-02 12:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:[b]64bit:[/b] - [2009-09-21 16:24:40 | 001,420,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:[b]64bit:[/b] - [2009-09-21 16:00:44 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:54 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\StorSvc.dll -- (StorSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:[b]64bit:[/b] - [2009-03-27 12:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2010-08-06 16:11:40 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2010-05-06 11:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:[b]64bit:[/b] - [2010-04-07 21:08:30 | 000,050,600 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:[b]64bit:[/b] - [2010-04-07 21:08:28 | 000,033,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:[b]64bit:[/b] - [2010-04-07 21:08:26 | 000,169,592 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:[b]64bit:[/b] - [2010-04-07 21:07:10 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:[b]64bit:[/b] - [2010-04-07 21:03:52 | 000,163,888 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2010-01-22 03:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2010-01-22 02:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2009-12-09 21:40:30 | 006,179,328 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2009-11-11 17:44:26 | 000,034,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64k.sys -- (Point64)
DRV:[b]64bit:[/b] - [2009-11-06 12:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009-11-02 12:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:[b]64bit:[/b] - [2009-09-17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:[b]64bit:[/b] - [2009-08-13 05:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:[b]64bit:[/b] - [2009-08-05 22:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:[b]64bit:[/b] - [2009-07-14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:[b]64bit:[/b] - [2009-07-14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:[b]64bit:[/b] - [2009-06-24 12:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:[b]64bit:[/b] - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-24 13:57:42 | 000,243,760 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-08-06 15:51:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-08-06 21:41:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-08-07 09:42:18 | 000,000,000 | ---D | M]

[2010-08-06 21:41:19 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\mozilla\Extensions
[2010-08-06 21:41:19 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\mozilla\Firefox\Profiles\fixz9gmf.default\extensions
[2010-08-06 16:02:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010-08-06 16:02:46 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-07-23 02:41:44 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2010-07-23 02:41:44 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2010-07-23 02:41:44 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2010-07-23 02:41:44 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2010-07-23 02:41:44 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-07-23 02:41:44 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-08-06 21:35:38 | 000,000,921 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 genuine.microsoft.com
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O1 - Hosts: 127.0.0.1 sls.microsoft.com
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:[b]64bit:[/b] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Steam] c:\program files (x86)\steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 86.63.64.48 86.63.64.49
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b2a89773-a190-11df-ad96-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b2a89773-a190-11df-ad96-806e6f6e6963}\Shell\AutoRun\command - "" = E:\.\AutorunX\AutorunX.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

MsConfig:64bit - StartUpReg: [b]Gadu-Gadu 10[/b] - hkey= - key= - C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.)
MsConfig:64bit - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] WudfRd - Driver
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WudfRd - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfRd - Driver
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfRd - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-08-07 09:43:06 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\ESET
[2010-08-07 09:43:06 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\ESET
[2010-08-07 09:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2010-08-07 09:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010-08-07 09:41:34 | 000,000,000 | ---D | C] -- C:\Users\Tomek\Desktop\ESET Smart Security 4.2.58.3 PL x64 by mj
[2010-08-06 22:27:22 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010-08-06 21:42:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010-08-06 21:42:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Launch Manager
[2010-08-06 21:41:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010-08-06 21:41:17 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Mozilla
[2010-08-06 21:41:17 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\Mozilla
[2010-08-06 21:41:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010-08-06 21:40:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010-08-06 21:40:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010-08-06 21:35:39 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2010-08-06 21:35:39 | 000,001,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppcomapi.dll
[2010-08-06 21:34:20 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Searches
[2010-08-06 21:34:06 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Identities
[2010-08-06 21:34:00 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Contacts
[2010-08-06 21:33:54 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\VirtualStore
[2010-08-06 21:33:30 | 000,000,000 | --SD | C] -- C:\Users\Tomek\AppData\Roaming\Microsoft
[2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Videos
[2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Saved Games
[2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Pictures
[2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Music
[2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Links
[2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Favorites
[2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Downloads
[2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Documents
[2010-08-06 21:33:30 | 000,000,000 | R--D | C] -- C:\Users\Tomek\Desktop
[2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Ustawienia lokalne
[2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\AppData\Local\Temporary Internet Files
[2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Szablony
[2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\SendTo
[2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Recent
[2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\PrintHood
[2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\NetHood
[2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Documents\Moje wideo
[2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Documents\Moje obrazy
[2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Moje dokumenty
[2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Documents\Moja muzyka
[2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Menu Start
[2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\AppData\Local\Historia
[2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Dane aplikacji
[2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\AppData\Local\Dane aplikacji
[2010-08-06 21:33:30 | 000,000,000 | -HSD | C] -- C:\Users\Tomek\Cookies
[2010-08-06 21:33:30 | 000,000,000 | -H-D | C] -- C:\Users\Tomek\AppData
[2010-08-06 21:33:30 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\Temp
[2010-08-06 21:33:30 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\Microsoft
[2010-08-06 21:33:30 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Media Center Programs
[2010-08-06 21:33:21 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2010-08-06 21:33:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2010-08-06 21:31:02 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010-08-06 21:28:19 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010-08-06 21:27:55 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010-08-06 19:52:54 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\Diagnostics
[2010-08-06 18:50:30 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Ventrilo
[2010-08-06 18:50:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ventrilo
[2010-08-06 18:50:16 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\mIRC
[2010-08-06 18:50:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mIRC
[2010-08-06 18:50:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010-08-06 17:33:50 | 000,000,000 | ---D | C] -- C:\Users\Tomek\Documents\My Games
[2010-08-06 17:33:31 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010-08-06 17:33:31 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010-08-06 17:33:31 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2010-08-06 17:33:31 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2010-08-06 17:33:31 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2010-08-06 17:33:31 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2010-08-06 17:33:30 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010-08-06 17:33:30 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010-08-06 17:33:30 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010-08-06 17:33:30 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010-08-06 17:33:29 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010-08-06 17:33:29 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010-08-06 17:33:29 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010-08-06 17:33:29 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010-08-06 17:31:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2010-08-06 17:01:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2010-08-06 17:01:25 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010-08-06 16:31:38 | 001,658,880 | ---- | C] (SuYin) -- C:\Windows\Acer Crystal Eye webcam.EXE
[2010-08-06 16:31:13 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Intel
[2010-08-06 16:30:26 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\ATI
[2010-08-06 16:30:26 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\ATI
[2010-08-06 16:30:26 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010-08-06 16:30:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2010-08-06 16:30:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2010-08-06 16:30:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2010-08-06 16:29:32 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2010-08-06 16:28:37 | 001,550,848 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2010-08-06 16:28:37 | 001,550,848 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys
[2010-08-06 16:28:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros
[2010-08-06 16:28:15 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\InstallShield
[2010-08-06 16:26:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2010-08-06 16:26:22 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2010-08-06 16:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010-08-06 16:22:49 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2010-08-06 16:22:43 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll
[2010-08-06 16:20:36 | 000,000,000 | ---D | C] -- C:\ProgramData\AmUStor
[2010-08-06 16:20:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AmIcoSingLun
[2010-08-06 16:19:44 | 000,014,848 | ---- | C] (LSI Corporation) -- C:\Windows\SysWow64\agrsco64.dll
[2010-08-06 16:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\LSI SoftModem
[2010-08-06 16:19:40 | 000,064,000 | ---- | C] (LSI Corporation) -- C:\Windows\agrsmdel.exe
[2010-08-06 16:19:40 | 000,030,720 | ---- | C] (LSI Corporation) -- C:\Windows\agrdel64.exe
[2010-08-06 16:19:40 | 000,014,848 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\agrsco64.dll
[2010-08-06 16:19:35 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2010-08-06 16:19:20 | 000,000,000 | ---D | C] -- C:\Program Files\Apoint2K
[2010-08-06 16:19:18 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01007.dll
[2010-08-06 16:19:18 | 000,243,760 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\SysNative\drivers\Apfiltr.sys
[2010-08-06 16:19:18 | 000,098,816 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\SysNative\Vxdif.dll
[2010-08-06 16:17:05 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\skypePM
[2010-08-06 16:12:13 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2010-08-06 16:11:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010-08-06 16:11:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010-08-06 16:10:00 | 000,055,296 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2010-08-06 16:04:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2010-08-06 16:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010-08-06 16:04:46 | 001,604,128 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkHDM64.dll
[2010-08-06 16:04:46 | 001,291,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHDMEx64.dll
[2010-08-06 16:04:46 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll
[2010-08-06 16:04:46 | 000,205,472 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys
[2010-08-06 16:04:46 | 000,058,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHCoInst64.dll
[2010-08-06 16:04:45 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll
[2010-08-06 16:04:44 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2010-08-06 16:04:44 | 000,211,376 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2010-08-06 16:04:44 | 000,193,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2010-08-06 16:04:44 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2010-08-06 16:04:43 | 001,680,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2010-08-06 16:04:43 | 000,611,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2010-08-06 16:04:43 | 000,332,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2010-08-06 16:04:42 | 001,638,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2010-08-06 16:04:42 | 001,200,672 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2010-08-06 16:04:42 | 000,436,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2010-08-06 16:04:42 | 000,363,008 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2010-08-06 16:04:42 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2010-08-06 16:04:42 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2010-08-06 16:04:42 | 000,198,656 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2010-08-06 16:04:42 | 000,149,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2010-08-06 16:04:42 | 000,095,744 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2010-08-06 16:04:42 | 000,073,216 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2010-08-06 16:04:42 | 000,066,592 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2010-08-06 16:04:40 | 000,320,512 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2010-08-06 16:04:39 | 000,310,784 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2010-08-06 16:04:39 | 000,166,400 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2010-08-06 16:04:39 | 000,108,032 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2010-08-06 16:04:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2010-08-06 16:04:37 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2010-08-06 16:04:36 | 000,831,488 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010-08-06 16:04:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010-08-06 16:03:21 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Adobe
[2010-08-06 16:02:54 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Skype
[2010-08-06 16:02:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010-08-06 16:02:37 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010-08-06 16:02:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010-08-06 16:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010-08-06 16:02:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010-08-06 15:59:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI
[2010-08-06 15:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010-08-06 15:58:57 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010-08-06 15:58:21 | 000,000,000 | ---D | C] -- C:\ATI
[2010-08-06 15:55:58 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010-08-06 15:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2010-08-06 15:54:36 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2010-08-06 15:54:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2010-08-06 15:53:23 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\cache
[2010-08-06 15:53:22 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Macromedia
[2010-08-06 15:53:18 | 000,000,000 | ---D | C] -- C:\Intel
[2010-08-06 15:51:40 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Gadu-Gadu 10
[2010-08-06 15:50:14 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mscomctl.ocx
[2010-08-06 15:50:14 | 000,526,184 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\Windows\SysWow64\XceedCry.dll
[2010-08-06 15:50:14 | 000,456,536 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\Windows\SysWow64\XCEEDZIP.DLL
[2010-08-06 15:50:14 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Tabctl32.ocx
[2010-08-06 15:50:14 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Comdlg32.ocx
[2010-08-06 15:50:14 | 000,132,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msinet.ocx
[2010-08-06 15:50:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Magician
[2010-08-06 15:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10
[2010-08-06 15:49:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gadu-Gadu 10
[2010-08-06 15:47:49 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\WinRAR
[2010-08-06 15:47:43 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010-08-06 15:47:00 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010-08-06 15:46:25 | 000,000,000 | -HSD | C] -- C:\Windows\Installer

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-08-07 11:54:40 | 000,786,432 | -HS- | M] () -- C:\Users\Tomek\NTUSER.DAT
[2010-08-07 10:31:18 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-08-07 10:31:18 | 000,687,828 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2010-08-07 10:31:18 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-08-07 10:31:18 | 000,131,382 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2010-08-07 10:31:18 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-08-07 10:24:59 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-08-07 10:24:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-08-07 10:24:44 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys
[2010-08-07 10:24:14 | 000,009,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-08-07 10:24:13 | 000,009,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-08-07 10:04:55 | 001,994,679 | -H-- | M] () -- C:\Users\Tomek\AppData\Local\IconCache.db
[2010-08-07 09:44:29 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempJT2868.html
[2010-08-06 21:57:06 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempOH1780.html
[2010-08-06 21:44:12 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat.com.lnk
[2010-08-06 21:42:25 | 000,000,000 | ---- | M] () -- C:\Windows\Setup.INI
[2010-08-06 21:42:13 | 000,000,089 | ---- | M] () -- C:\Windows\LManager.UNI
[2010-08-06 21:41:56 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-08-06 21:41:15 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-08-06 21:35:51 | 000,524,288 | -HS- | M] () -- C:\Users\Tomek\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010-08-06 21:35:51 | 000,524,288 | -HS- | M] () -- C:\Users\Tomek\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010-08-06 21:35:51 | 000,065,536 | -HS- | M] () -- C:\Users\Tomek\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010-08-06 21:35:44 | 000,002,048 | ---- | M] () -- C:\Windows\SysWow64\winver.exe
[2010-08-06 21:35:41 | 000,410,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2010-08-06 21:35:40 | 000,001,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sppcomapi.dll
[2010-08-06 21:35:39 | 000,113,543 | ---- | M] () -- C:\Windows\SysWow64\slmgr.vbs
[2010-08-06 21:33:30 | 000,000,020 | -HS- | M] () -- C:\Users\Tomek\ntuser.ini
[2010-08-06 21:31:41 | 000,000,803 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010-08-06 21:31:41 | 000,000,803 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010-08-06 21:13:41 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010-08-06 20:41:05 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempDk3572.html
[2010-08-06 20:41:05 | 000,002,089 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempWB3572.html
[2010-08-06 20:16:09 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempLu3016.html
[2010-08-06 19:55:05 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TemphUZ988.html
[2010-08-06 19:55:05 | 000,002,089 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempEea988.html
[2010-08-06 19:45:40 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempQX3396.html
[2010-08-06 19:29:25 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempPDa568.html
[2010-08-06 18:42:52 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\Temple1308.html
[2010-08-06 18:41:47 | 000,057,952 | ---- | M] () -- C:\Users\Tomek\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-08-06 18:34:01 | 000,276,272 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010-08-06 17:01:52 | 000,002,635 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Mouse.lnk
[2010-08-06 17:01:51 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64k_01009.Wdf
[2010-08-06 16:32:55 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010-08-06 16:32:04 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempaPR452.html
[2010-08-06 16:32:04 | 000,002,089 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempctK452.html
[2010-08-06 16:29:17 | 000,006,656 | ---- | M] () -- C:\Windows\SysNative\bcmwlrc.dll
[2010-08-06 16:22:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010-08-06 16:19:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01007.Wdf
[2010-08-06 16:17:06 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010-08-06 16:12:37 | 000,000,218 | ---- | M] () -- C:\Users\Tomek\Desktop\Counter-Strike.url
[2010-08-06 16:06:20 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempPl2024.html
[2010-08-06 16:00:25 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\Tempsf2812.html
[2010-08-06 16:00:25 | 000,002,089 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempcX2812.html
[2010-08-06 15:50:14 | 000,001,013 | ---- | M] () -- C:\Users\Tomek\Desktop\Driver Magician.lnk
[2010-08-06 15:49:53 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\OpenFM.lnk
[2010-08-06 15:49:53 | 000,001,003 | ---- | M] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-08-07 09:03:07 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempJT2868.html
[2010-08-06 21:49:49 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempOH1780.html
[2010-08-06 21:44:12 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat.com.lnk
[2010-08-06 21:42:25 | 000,000,000 | ---- | C] () -- C:\Windows\Setup.INI
[2010-08-06 21:42:13 | 000,000,089 | ---- | C] () -- C:\Windows\LManager.UNI
[2010-08-06 21:41:56 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-08-06 21:41:15 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010-08-06 21:35:39 | 000,113,543 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs
[2010-08-06 21:35:39 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\winver.exe
[2010-08-06 21:33:30 | 000,786,432 | -HS- | C] () -- C:\Users\Tomek\NTUSER.DAT
[2010-08-06 21:33:30 | 000,524,288 | -HS- | C] () -- C:\Users\Tomek\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010-08-06 21:33:30 | 000,524,288 | -HS- | C] () -- C:\Users\Tomek\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010-08-06 21:33:30 | 000,262,144 | -HS- | C] () -- C:\Users\Tomek\ntuser.dat.LOG1
[2010-08-06 21:33:30 | 000,065,536 | -HS- | C] () -- C:\Users\Tomek\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010-08-06 21:33:30 | 000,000,020 | -HS- | C] () -- C:\Users\Tomek\ntuser.ini
[2010-08-06 21:33:30 | 000,000,000 | -HS- | C] () -- C:\Users\Tomek\ntuser.dat.LOG2
[2010-08-06 21:27:55 | 3111,518,208 | -HS- | C] () -- C:\hiberfil.sys
[2010-08-06 20:38:07 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempDk3572.html
[2010-08-06 20:38:07 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempWB3572.html
[2010-08-06 19:57:41 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempLu3016.html
[2010-08-06 19:52:13 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TemphUZ988.html
[2010-08-06 19:52:13 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempEea988.html
[2010-08-06 19:45:25 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempQX3396.html
[2010-08-06 19:22:41 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempPDa568.html
[2010-08-06 18:41:16 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\Temple1308.html
[2010-08-06 17:01:52 | 000,002,635 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Mouse.lnk
[2010-08-06 17:01:51 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64k_01009.Wdf
[2010-08-06 16:32:55 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-08-06 16:31:38 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2010-08-06 16:31:38 | 000,222,382 | ---- | C] () -- C:\Windows\Acer Crystal Eye webcam.ico
[2010-08-06 16:31:38 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010-08-06 16:31:38 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2010-08-06 16:31:38 | 000,008,362 | ---- | C] () -- C:\Windows\Suyin.reg
[2010-08-06 16:31:38 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2010-08-06 16:29:33 | 000,006,656 | ---- | C] () -- C:\Windows\SysNative\bcmwlrc.dll
[2010-08-06 16:28:37 | 000,308,477 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf
[2010-08-06 16:28:37 | 000,051,232 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat
[2010-08-06 16:26:22 | 000,019,017 | ---- | C] () -- C:\Windows\atiogl.xml
[2010-08-06 16:22:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010-08-06 16:19:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01007.Wdf
[2010-08-06 16:17:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010-08-06 16:12:37 | 000,000,218 | ---- | C] () -- C:\Users\Tomek\Desktop\Counter-Strike.url
[2010-08-06 16:10:00 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010-08-06 16:10:00 | 000,001,035 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2010-08-06 16:08:51 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempaPR452.html
[2010-08-06 16:08:51 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempctK452.html
[2010-08-06 16:04:47 | 000,001,256 | R--- | C] () -- C:\Windows\SysNative\drivers\RTHDATEX.DAT
[2010-08-06 16:04:47 | 000,000,520 | R--- | C] () -- C:\Windows\SysNative\drivers\RTEQEX2.DAT
[2010-08-06 16:04:47 | 000,000,520 | R--- | C] () -- C:\Windows\SysNative\drivers\RTEQEX1.DAT
[2010-08-06 16:04:47 | 000,000,520 | R--- | C] () -- C:\Windows\SysNative\drivers\RTEQEX0.DAT
[2010-08-06 16:04:47 | 000,000,008 | R--- | C] () -- C:\Windows\SysNative\drivers\RTKHDAUD.DAT
[2010-08-06 16:04:46 | 000,214,552 | R--- | C] () -- C:\Windows\SysNative\drivers\RTCONVEQ.DAT
[2010-08-06 16:02:38 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010-08-06 16:01:54 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempPl2024.html
[2010-08-06 15:53:23 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\Tempsf2812.html
[2010-08-06 15:53:23 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempcX2812.html
[2010-08-06 15:50:14 | 000,110,602 | ---- | C] () -- C:\Windows\SysWow64\xcdsfx32.bin
[2010-08-06 15:50:14 | 000,001,013 | ---- | C] () -- C:\Users\Tomek\Desktop\Driver Magician.lnk
[2010-08-06 15:49:53 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\OpenFM.lnk
[2010-08-06 15:49:53 | 000,001,003 | ---- | C] () -- C:\Users\Public\Desktop\Gadu-Gadu 10.lnk
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-08-07 09:43:06 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\ESET
[2010-08-06 16:00:25 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Gadu-Gadu 10
[2009-07-14 07:08:49 | 000,003,814 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-08-07 10:24:44 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys
[2010-08-07 10:24:47 | 4148,690,944 | -HS- | M] () -- C:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
< End of report >[/log]

Za pomoc dziekuje

MarekM25
komentarz
komentarz

Uruchom OTL i w oknie Custom Scans/Fixes wklej następujący skrypt:

[code]
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not foundO21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not foundO33 - MountPoints2\{b2a89773-a190-11df-ad96-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b2a89773-a190-11df-ad96-806e6f6e6963}\Shell\AutoRun\command - "" = E:\.\AutorunX\AutorunX.exe -- File not found

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]


Kliknij w Run Fix. Zatwierdź restart komputera.

Znasz te przekierowania:
O1 - Hosts: 127.0.0.1 genuine.microsoft.com
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O1 - Hosts: 127.0.0.1 sls.microsoft.com

Poza tym czysto.

Bomaw
komentarz
komentarz

Dzieki za sprawdzenie a co do przekierowan to nie mam pojecia

MarekM25
komentarz
komentarz

Więc otwórz plik: C:\Windows\SysNative\drivers\etc\hosts i usuń te przekierowania i tyle;)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.