
Attack from a website -Help!-

makss
created

Hello,
I have a problem: someone keeps trying to break into my computer every few minutes. I'm trying to block the site through Hosts, but the site changes ports. Please help!

MarekM25
comment

First let's see whether something is sitting on your machine. Post a log from OTL.

makss
comment (edited)

[log]OTL logfile created on: 2010-08-10 14:22:41 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = E:\Download
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 87,75 Gb Total Space | 39,56 Gb Free Space | 45,09% Space Free | Partition Type: NTFS
Drive D: | 180,84 Gb Total Space | 28,37 Gb Free Space | 15,69% Space Free | Partition Type: NTFS
Drive E: | 29,50 Gb Total Space | 3,47 Gb Free Space | 11,78% Space Free | Partition Type: NTFS
Drive F: | 29,47 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ŁUKASZ-KOMPUTER
Current User Name: Łukasz
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-08-10 13:44:09 | 000,574,976 | ---- | M] (OldTimer Tools) -- E:\Download\OTL.exe
PRC - [2010-07-27 22:35:52 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010-07-27 22:35:50 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010-06-17 07:55:00 | 001,152,320 | ---- | M] (Ghisler Software GmbH) -- C:\totalcmd\TotalCmd.exe
PRC - [2010-05-07 18:47:32 | 000,114,008 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe
PRC - [2010-05-07 18:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
PRC - [2010-05-07 18:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010-05-07 18:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2010-02-26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2009-12-31 20:54:43 | 000,472,112 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
PRC - [2009-07-14 03:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe
PRC - [2009-07-07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009-07-07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2009-05-15 08:35:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009-03-05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-11-18 14:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-08-10 13:44:09 | 000,574,976 | ---- | M] (OldTimer Tools) -- E:\Download\OTL.exe
MOD - [2010-07-27 16:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2010-05-21 07:18:06 | 000,977,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2010-05-06 14:42:05 | 001,225,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2010-03-24 08:37:04 | 001,289,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2009-12-11 09:39:06 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2009-12-11 09:36:33 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2009-08-29 08:57:31 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2009-07-14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009-07-14 03:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2009-07-14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009-07-14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009-07-14 03:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009-07-14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2009-07-14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2009-07-14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009-07-14 03:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2009-07-14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:28 | 002,058,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2009-07-14 03:15:07 | 001,151,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009-07-14 03:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2009-07-14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2009-07-14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009-07-14 03:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009-07-14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2010-05-07 18:45:16 | 000,197,976 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:[b]64bit:[/b] - [2010-01-09 21:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010-02-26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ccSvcHst.exe -- (N360)
SRV - [2009-11-27 19:27:31 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009-07-26 06:43:14 | 000,025,832 | ---- | M] (BioWare) [Disabled | Stopped] -- D:\Gry\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009-07-07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009-05-15 08:35:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008-11-18 14:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:[b]64bit:[/b] - [2010-08-08 19:47:19 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2010-05-14 22:02:14 | 006,465,760 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech Webcam 200(UVC)
DRV:[b]64bit:[/b] - [2010-05-14 22:00:52 | 000,329,952 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:[b]64bit:[/b] - [2010-05-14 22:00:28 | 000,271,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvpopf64.sys -- (lvpopf64)
DRV:[b]64bit:[/b] - [2010-05-07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:[b]64bit:[/b] - [2010-05-07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:[b]64bit:[/b] - [2010-05-06 06:01:59 | 000,451,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symtdiv.sys -- (SYMTDIv)
DRV:[b]64bit:[/b] - [2010-04-29 07:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2010-04-22 05:02:20 | 000,221,232 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symefa64.sys -- (SymEFA)
DRV:[b]64bit:[/b] - [2010-04-22 04:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2010-04-22 04:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:[b]64bit:[/b] - [2010-03-20 23:18:44 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2010-03-20 23:18:42 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2010-03-06 12:36:54 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:[b]64bit:[/b] - [2010-02-26 02:22:52 | 000,615,040 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\cchpx64.sys -- (ccHP)
DRV:[b]64bit:[/b] - [2010-02-04 03:40:47 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symds64.sys -- (SymDS)
DRV:[b]64bit:[/b] - [2009-11-27 18:38:42 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2009-09-23 03:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:[b]64bit:[/b] - [2009-09-23 03:46:17 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:[b]64bit:[/b] - [2009-09-23 03:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:[b]64bit:[/b] - [2009-09-23 03:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:[b]64bit:[/b] - [2009-07-14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:[b]64bit:[/b] - [2009-07-14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:[b]64bit:[/b] - [2009-07-07 15:48:44 | 000,035,376 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\purendis.sys -- (purendis)
DRV:[b]64bit:[/b] - [2009-07-07 15:48:44 | 000,033,328 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\pnarp.sys -- (pnarp)
DRV:[b]64bit:[/b] - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2009-06-10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-18 23:17:08 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2009-04-21 15:12:50 | 001,288,192 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P17.sys -- (P17)
DRV:[b]64bit:[/b] - [2009-03-27 02:23:54 | 000,019,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz132_x64.sys -- (cpuz132)
DRV - [2010-08-08 19:51:36 | 001,791,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100809.040\EX64.SYS -- (NAVEX15)
DRV - [2010-08-08 19:51:35 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010-08-08 19:51:35 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010-08-08 19:51:35 | 000,117,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100809.040\ENG64.SYS -- (NAVENG)
DRV - [2010-07-20 01:28:05 | 000,945,200 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20100719.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2010-06-17 03:54:14 | 000,463,408 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20100805.004\IDSviA64.sys -- (IDSVia64)
DRV - [2010-02-22 22:40:51 | 000,019,952 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
DRV - [2007-11-07 12:42:28 | 000,104,912 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-228064573-1868642622-381588749-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-228064573-1868642622-381588749-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {eaf8a4ef-d221-45ca-9deb-d0934b45fa34}:1.3.0.3
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2010-08-09 14:30:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2010-08-08 19:47:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-08-03 14:34:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-07-27 22:35:54 | 000,000,000 | ---D | M]

[2009-11-27 18:06:30 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\mozilla\Extensions
[2010-08-10 13:53:30 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\mozilla\Firefox\Profiles\8e04pwg2.default\extensions
[2010-07-24 18:03:14 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Łukasz\AppData\Roaming\mozilla\Firefox\Profiles\8e04pwg2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-11-28 14:58:03 | 000,000,000 | ---D | M] (OggX (powered by TIME S.A.)) -- C:\Users\Łukasz\AppData\Roaming\mozilla\Firefox\Profiles\8e04pwg2.default\extensions\{eaf8a4ef-d221-45ca-9deb-d0934b45fa34}
[2010-06-28 13:37:21 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\mozilla\Firefox\Profiles\8e04pwg2.default\extensions\personas@christopher.beard
[2010-08-10 13:53:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010-05-25 14:10:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009-01-28 21:46:54 | 000,307,200 | ---- | M] (ESKA) -- C:\Program Files (x86)\mozilla firefox\plugins\npOggX.dll
[2010-07-12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010-07-27 22:35:52 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2010-07-27 22:35:52 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2010-07-27 22:35:52 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2010-07-27 22:35:52 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2010-07-27 22:35:52 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-07-27 22:35:52 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-08-09 16:39:20 | 000,416,139 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 discountprowatch.com
O1 - Hosts: 127.0.0.1 www.discountprowatch.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14362 more lines...
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-228064573-1868642622-381588749-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coIEPlg.dll (Symantec Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [nmapp] C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-228064573-1868642622-381588749-1000..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-228064573-1868642622-381588749-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-228064573-1868642622-381588749-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-228064573-1868642622-381588749-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-228064573-1868642622-381588749-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.30.129.149 217.30.137.200
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22:[b]64bit:[/b] - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-05-17 09:05:17 | 000,000,045 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{7081180c-db73-11de-b394-001d7d206cdd}\Shell - "" = AutoRun
O33 - MountPoints2\{7081180c-db73-11de-b394-001d7d206cdd}\Shell\AutoRun\command - "" = G:\setup\setup.exe -- File not found
O33 - MountPoints2\{917b7b09-db57-11de-b9d3-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{917b7b09-db57-11de-b9d3-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Start.exe -- [2010-05-17 09:05:17 | 000,913,008 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk /r \??\I:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

MsConfig:64bit - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe ()
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
MsConfig:64bit - State: "services" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-08-09 15:44:08 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Malwarebytes
[2010-08-09 15:43:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-08-09 15:43:56 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010-08-09 15:43:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010-08-08 19:53:10 | 000,615,040 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\cchpx64.sys
[2010-08-08 19:53:10 | 000,505,392 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtsp64.sys
[2010-08-08 19:53:10 | 000,451,120 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symtdiv.sys
[2010-08-08 19:53:10 | 000,433,200 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symds64.sys
[2010-08-08 19:53:10 | 000,221,232 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symefa64.sys
[2010-08-08 19:53:10 | 000,150,064 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\ironx64.sys
[2010-08-08 19:53:10 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtspx64.sys
[2010-08-08 19:52:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C
[2010-08-08 19:47:27 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010-08-08 19:47:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010-08-08 19:47:19 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010-08-08 19:46:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2010-08-08 19:46:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2010-08-08 19:46:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2010-08-03 15:55:22 | 000,000,000 | R--D | C] -- C:\Users\Łukasz\Virtual Machines
[2010-07-26 17:09:18 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Documents\Singularity
[2010-07-17 13:15:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2010-07-17 13:14:59 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\uTorrent
[2010-07-16 22:26:03 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Documents\BlackMirror2
[2010-07-14 00:07:15 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2010-07-13 12:07:06 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Desktop\Nowy folder (3)
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-08-10 14:22:50 | 008,126,464 | -HS- | M] () -- C:\Users\Łukasz\ntuser.dat
[2010-08-10 14:07:55 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-08-10 14:07:55 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-08-10 14:00:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-08-10 14:00:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-08-10 14:00:16 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2010-08-10 14:00:13 | 3220,873,216 | -HS- | M] () -- C:\hiberfil.sys
[2010-08-10 13:59:08 | 006,122,661 | -H-- | M] () -- C:\Users\Łukasz\AppData\Local\IconCache.db
[2010-08-10 13:58:21 | 001,187,886 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\Cat.DB
[2010-08-09 16:45:01 | 000,000,037 | ---- | M] () -- C:\Windows\Wininit.ini
[2010-08-09 16:39:20 | 000,416,139 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010-08-09 16:35:34 | 001,561,050 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010-08-09 16:35:34 | 000,702,094 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2010-08-09 16:35:34 | 000,619,202 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010-08-09 16:35:34 | 000,138,562 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2010-08-09 16:35:34 | 000,108,778 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010-08-09 16:15:07 | 000,416,139 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100809-163920.backup
[2010-08-09 13:49:07 | 000,181,751 | ---- | M] () -- C:\Users\Łukasz\Desktop\1.PNG
[2010-08-09 13:46:37 | 000,000,114 | ---- | M] () -- C:\Windows\YdpDict.INI
[2010-08-09 13:40:27 | 000,169,761 | ---- | M] () -- C:\Users\Łukasz\Desktop\Przechwytywanie.PNG
[2010-08-09 11:51:05 | 000,393,309 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100809-131257.backup
[2010-08-09 11:30:01 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempya3912.html
[2010-08-08 19:48:43 | 000,000,016 | ---- | M] () -- C:\Users\Łukasz\AppData\Roaming\mbsvil.dat
[2010-08-08 19:47:19 | 000,173,104 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010-08-08 19:47:19 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010-08-08 19:47:19 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010-08-08 19:36:01 | 000,001,007 | ---- | M] () -- C:\Users\Łukasz\Desktop\CCleaner.lnk
[2010-08-08 15:20:00 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempci4252.html
[2010-08-07 16:12:31 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TemphRz348.html
[2010-08-07 16:12:31 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TemppTP348.html
[2010-08-06 13:05:38 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TemptZ4792.html
[2010-08-06 11:22:01 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempeg3664.html
[2010-08-05 23:36:08 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempRA2320.html
[2010-08-05 23:22:55 | 000,133,173 | ---- | M] () -- C:\Users\Łukasz\Desktop\mcc.jpg
[2010-08-05 23:16:57 | 000,112,374 | ---- | M] () -- C:\Users\Łukasz\Desktop\bbbb.jpg
[2010-08-05 23:16:29 | 000,127,018 | ---- | M] () -- C:\Users\Łukasz\Desktop\mc.jpg
[2010-08-05 23:15:50 | 000,116,863 | ---- | M] () -- C:\Users\Łukasz\Desktop\me.jpg
[2010-08-05 23:15:21 | 000,192,262 | ---- | M] () -- C:\Users\Łukasz\Desktop\jac.jpg
[2010-08-05 22:54:22 | 000,206,714 | ---- | M] () -- C:\Users\Łukasz\Desktop\ja.jpg
[2010-08-05 15:45:17 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TemplX1060.html
[2010-08-05 15:45:17 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempzo1060.html
[2010-08-04 22:16:34 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempPD3192.html
[2010-08-03 22:42:39 | 000,000,587 | ---- | M] () -- C:\Windows\win.ini
[2010-08-03 20:06:00 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempff3500.html
[2010-08-03 20:06:00 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempFz3500.html
[2010-08-03 18:20:10 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempxN3844.html
[2010-08-03 14:44:37 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempzS2032.html
[2010-08-03 14:44:37 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempHb2032.html
[2010-08-03 11:58:53 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempYq3292.html
[2010-08-02 23:20:02 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempMH4432.html
[2010-07-30 23:21:47 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempTj4216.html
[2010-07-30 15:35:43 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Templc4620.html
[2010-07-30 14:33:37 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempIt4108.html
[2010-07-30 14:33:37 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Temppb4108.html
[2010-07-30 14:32:52 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempft3756.html
[2010-07-30 14:32:52 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempaf3756.html
[2010-07-29 22:48:12 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempKxU788.html
[2010-07-29 13:09:53 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempaV4860.html
[2010-07-29 13:09:53 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempsS4860.html
[2010-07-28 21:57:19 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempzq3456.html
[2010-07-28 13:45:29 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempHIk384.html
[2010-07-28 13:31:24 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempoe1172.html
[2010-07-28 13:00:35 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempqO4332.html
[2010-07-27 22:36:03 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TemprwT908.html
[2010-07-27 12:25:28 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempXo4360.html
[2010-07-27 12:25:28 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempsw4360.html
[2010-07-27 12:07:35 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempuN4980.html
[2010-07-26 17:08:40 | 000,001,049 | ---- | M] () -- C:\Users\Public\Desktop\Singularity(TM).lnk
[2010-07-26 16:19:40 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempkG4744.html
[2010-07-26 16:19:40 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempqQ4744.html
[2010-07-26 16:18:47 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempdJ4920.html
[2010-07-26 16:18:47 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempWT4920.html
[2010-07-25 23:01:09 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempsO4156.html
[2010-07-25 23:01:09 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempDZ4156.html
[2010-07-25 19:10:57 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempex5012.html
[2010-07-24 15:33:42 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempVm4780.html
[2010-07-22 23:03:07 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempQy4788.html
[2010-07-22 14:50:42 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TemphZ3288.html
[2010-07-22 14:50:42 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempin3288.html
[2010-07-21 20:24:03 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempAj4704.html
[2010-07-20 22:41:08 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempKV4008.html
[2010-07-20 21:17:36 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempjMP920.html
[2010-07-20 12:01:04 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempsk4624.html
[2010-07-20 12:01:04 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempZZ4624.html
[2010-07-20 11:17:56 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TemphwK860.html
[2010-07-19 15:00:52 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempXj4168.html
[2010-07-17 19:26:20 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempwS4396.html
[2010-07-17 13:15:25 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010-07-17 11:51:55 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempPj3664.html
[2010-07-16 22:25:30 | 000,000,775 | ---- | M] () -- C:\Users\Public\Desktop\Black Mirror 2.lnk
[2010-07-16 22:06:35 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempkN2456.html
[2010-07-16 12:13:25 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempxF3740.html
[2010-07-15 13:38:52 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempje2440.html
[2010-07-15 00:57:02 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempwj1768.html
[2010-07-15 00:57:02 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempSs1768.html
[2010-07-14 00:06:30 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempbu4956.html
[2010-07-13 19:52:22 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Temprj2832.html
[2010-07-13 14:17:41 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Temphy5020.html
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-08-09 13:49:07 | 000,181,751 | ---- | C] () -- C:\Users\Łukasz\Desktop\1.PNG
[2010-08-09 13:40:27 | 000,169,761 | ---- | C] () -- C:\Users\Łukasz\Desktop\Przechwytywanie.PNG
[2010-08-09 11:28:18 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempya3912.html
[2010-08-09 11:14:37 | 001,187,886 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\Cat.DB
[2010-08-08 19:53:10 | 000,007,829 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symefa64.cat
[2010-08-08 19:53:10 | 000,007,787 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symnetv64.cat
[2010-08-08 19:53:10 | 000,007,414 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtspx64.cat
[2010-08-08 19:53:10 | 000,007,410 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtsp64.cat
[2010-08-08 19:53:10 | 000,007,406 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symds64.cat
[2010-08-08 19:53:10 | 000,007,402 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\iron.cat
[2010-08-08 19:53:10 | 000,007,368 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symnet64.cat
[2010-08-08 19:53:10 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symefa.inf
[2010-08-08 19:53:10 | 000,002,793 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symds.inf
[2010-08-08 19:53:10 | 000,001,473 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symnetv.inf
[2010-08-08 19:53:10 | 000,001,445 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symnet.inf
[2010-08-08 19:53:10 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtsp64.inf
[2010-08-08 19:53:10 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtspx64.inf
[2010-08-08 19:53:10 | 000,000,771 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\iron.inf
[2010-08-08 19:53:09 | 000,007,358 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\cchpx64.cat
[2010-08-08 19:53:09 | 000,001,838 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\cchpx64.inf
[2010-08-08 19:52:59 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\isolate.ini
[2010-08-08 19:48:43 | 000,000,016 | ---- | C] () -- C:\Users\Łukasz\AppData\Roaming\mbsvil.dat
[2010-08-08 19:47:27 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010-08-08 19:47:27 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010-08-08 15:19:23 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempci4252.html
[2010-08-07 16:12:31 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TemphRz348.html
[2010-08-07 16:12:31 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TemppTP348.html
[2010-08-06 13:05:14 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TemptZ4792.html
[2010-08-06 11:21:43 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempeg3664.html
[2010-08-05 23:22:55 | 000,133,173 | ---- | C] () -- C:\Users\Łukasz\Desktop\mcc.jpg
[2010-08-05 23:16:57 | 000,112,374 | ---- | C] () -- C:\Users\Łukasz\Desktop\bbbb.jpg
[2010-08-05 23:16:29 | 000,127,018 | ---- | C] () -- C:\Users\Łukasz\Desktop\mc.jpg
[2010-08-05 23:15:50 | 000,116,863 | ---- | C] () -- C:\Users\Łukasz\Desktop\me.jpg
[2010-08-05 23:15:21 | 000,192,262 | ---- | C] () -- C:\Users\Łukasz\Desktop\jac.jpg
[2010-08-05 22:54:21 | 000,206,714 | ---- | C] () -- C:\Users\Łukasz\Desktop\ja.jpg
[2010-08-05 18:47:01 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempRA2320.html
[2010-08-05 15:43:12 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TemplX1060.html
[2010-08-05 15:43:12 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempzo1060.html
[2010-08-04 22:15:18 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempPD3192.html
[2010-08-03 19:37:31 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempff3500.html
[2010-08-03 19:37:31 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempFz3500.html
[2010-08-03 18:19:51 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempxN3844.html
[2010-08-03 14:44:15 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempzS2032.html
[2010-08-03 14:44:15 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempHb2032.html
[2010-08-03 11:57:38 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempYq3292.html
[2010-08-02 16:19:49 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempMH4432.html
[2010-07-30 21:11:59 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempTj4216.html
[2010-07-30 15:35:18 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Templc4620.html
[2010-07-30 14:33:15 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempIt4108.html
[2010-07-30 14:33:15 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Temppb4108.html
[2010-07-30 14:30:20 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempft3756.html
[2010-07-30 14:30:20 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempaf3756.html
[2010-07-29 21:52:53 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempKxU788.html
[2010-07-29 10:13:47 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempaV4860.html
[2010-07-29 10:13:47 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempsS4860.html
[2010-07-28 21:11:10 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempzq3456.html
[2010-07-28 13:44:56 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempHIk384.html
[2010-07-28 13:09:57 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempoe1172.html
[2010-07-28 12:58:47 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempqO4332.html
[2010-07-27 17:31:31 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TemprwT908.html
[2010-07-27 12:09:15 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempXo4360.html
[2010-07-27 12:09:15 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempsw4360.html
[2010-07-27 12:07:03 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempuN4980.html
[2010-07-26 17:08:40 | 000,001,049 | ---- | C] () -- C:\Users\Public\Desktop\Singularity(TM).lnk
[2010-07-26 16:19:11 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempkG4744.html
[2010-07-26 16:19:11 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempqQ4744.html
[2010-07-26 16:18:15 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempdJ4920.html
[2010-07-26 16:18:15 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempWT4920.html
[2010-07-25 22:59:46 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempsO4156.html
[2010-07-25 22:59:46 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempDZ4156.html
[2010-07-25 16:40:20 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempex5012.html
[2010-07-24 15:14:24 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempVm4780.html
[2010-07-22 23:02:33 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempQy4788.html
[2010-07-22 14:07:41 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TemphZ3288.html
[2010-07-22 14:07:41 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempin3288.html
[2010-07-21 20:23:33 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempAj4704.html
[2010-07-20 22:40:19 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempKV4008.html
[2010-07-20 21:17:01 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempjMP920.html
[2010-07-20 11:48:15 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempsk4624.html
[2010-07-20 11:48:15 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempZZ4624.html
[2010-07-20 10:25:41 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TemphwK860.html
[2010-07-19 13:31:33 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempXj4168.html
[2010-07-17 19:24:55 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempwS4396.html
[2010-07-17 13:15:25 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010-07-17 11:51:29 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempPj3664.html
[2010-07-16 22:25:30 | 000,000,775 | ---- | C] () -- C:\Users\Public\Desktop\Black Mirror 2.lnk
[2010-07-16 16:23:05 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempkN2456.html
[2010-07-16 10:22:47 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempxF3740.html
[2010-07-15 11:59:10 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempje2440.html
[2010-07-14 18:09:33 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempwj1768.html
[2010-07-14 18:09:33 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempSs1768.html
[2010-07-13 23:48:04 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempbu4956.html
[2010-07-13 19:51:00 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Temprj2832.html
[2010-07-13 10:20:16 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Temphy5020.html
[2010-05-14 21:56:06 | 010,830,680 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2010-05-14 21:55:58 | 000,290,648 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2010-05-13 22:04:34 | 000,197,728 | ---- | C] () -- C:\Windows\WinVd32.sys
[2010-04-02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010-03-20 19:40:59 | 000,000,000 | ---- | C] () -- C:\Windows\Bench32.INI
[2010-03-03 14:53:08 | 000,000,283 | ---- | C] () -- C:\Windows\Clony2.ini
[2010-03-03 14:43:15 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010-01-20 20:13:13 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\Tipage4.dll
[2009-12-31 20:50:30 | 000,000,037 | ---- | C] () -- C:\Windows\Wininit.ini
[2009-12-08 19:09:55 | 001,584,332 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009-11-28 16:19:27 | 000,000,114 | ---- | C] () -- C:\Windows\YdpDict.INI
[2009-11-27 19:26:33 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009-11-27 19:26:33 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009-11-27 19:03:20 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2009-11-27 19:02:48 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2009-11-27 19:02:47 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2009-11-27 18:36:12 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009-11-27 18:36:12 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009-11-27 18:36:10 | 000,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009-11-27 18:36:10 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009-11-27 18:36:08 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009-11-27 18:36:08 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008-11-13 15:07:24 | 000,002,177 | ---- | C] () -- C:\Windows\P17EP.ini

[color=#E56717]========== LOP Check ==========[/color]

[2010-05-13 21:58:55 | 000,000,000 | -HSD | M] -- C:\Users\Łukasz\AppData\Roaming\.#
[2009-11-27 19:06:32 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\ACD Systems
[2010-03-06 23:24:13 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Bioshock2
[2009-11-27 20:06:37 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\DAEMON Tools Lite
[2010-02-24 19:57:12 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Gadu-Gadu 10
[2010-01-30 14:24:26 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\GHISLER
[2010-02-24 20:00:08 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\ipla
[2010-03-18 18:34:14 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Leadertech
[2010-02-13 01:14:02 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Nokia
[2009-11-27 18:16:27 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Nowe Gadu-Gadu
[2010-02-24 20:00:57 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\OpenFM
[2010-02-13 01:13:59 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\PC Suite
[2010-03-20 23:21:29 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Prison Break
[2010-07-07 15:55:59 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\runic games
[2010-07-17 13:19:36 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\uTorrent
[2010-03-06 12:51:50 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Vso
[2010-05-13 22:07:47 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\WinAVI
[2010-06-30 17:29:27 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\XRay Engine
[2010-07-02 13:13:25 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-07-14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009-11-27 15:19:20 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010-08-10 14:00:13 | 3220,873,216 | -HS- | M] () -- C:\hiberfil.sys
[2010-06-12 00:27:05 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-06-12 00:27:05 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-08-10 14:00:15 | 4294,500,352 | -HS- | M] () -- C:\pagefile.sys
[2010-08-09 15:23:52 | 000,000,880 | ---- | M] () -- C:\Sys_LogWin.log
[2009-11-27 15:30:38 | 000,171,136 | RHS- | M] () -- C:\W7LDR


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009-07-14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-07-14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-07-14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009-10-28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009-10-28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 24 bytes -> C:\Windows:A6E8FA7887F538AC
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:1AAB2E68
< End of report >




OTL Extras logfile created on: 2010-08-10 14:22:41 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = E:\Download
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 87,75 Gb Total Space | 39,56 Gb Free Space | 45,09% Space Free | Partition Type: NTFS
Drive D: | 180,84 Gb Total Space | 28,37 Gb Free Space | 15,69% Space Free | Partition Type: NTFS
Drive E: | 29,50 Gb Total Space | 3,47 Gb Free Space | 11,78% Space Free | Partition Type: NTFS
Drive F: | 29,47 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ŁUKASZ-KOMPUTER
Current User Name: Łukasz
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Output = Standard

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-228064573-1868642622-381588749-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [ACDSee 11.0.Browse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" (ACD Systems)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 11.0.Browse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" (ACD Systems)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{850C7AF6-7376-464D-A69C-E8419EC7ACA7}" = Microsoft IntelliType Pro 7.0
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010
"{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"lvdrivers_12.10" = Pakiet sterowników: Logitech Webcam Software
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08BF6EA5-120D-462D-ADE0-912A77DBCB2E}" = Cisco Network Magic
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}" = GEAR driver installer for x86 and x64
"{300578F9-9EFF-4B93-9AB1-C0E5707EF463}" = ACDSee Photo Manager 2009
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3abd3909-d11f-4776-b11f-a2b68c9c958d}" = Nero 9 Trial
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Activision(R)
"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Zew Prypeci [v1.6.01]
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A0B0BCE9-2994-36F2-BE66-D23C884372E8}" = Visual C++ 9.0 OpenMP (x86) WinSXS MSM
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AA2EBBCC-4E3B-3442-865E-7BB3E9F45F0C}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.3 - Polish
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Początek
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EB5BA578-FF7F-3863-8E53-7A003222B7FC}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{EB6C11E5-449C-3BA3-9086-80B18BCFF947}" = Visual C++ 9.0 OpenMP (x86) WinSXS MSM
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FC467B61-F890-4E29-8585-365DAB66F13E}" = Pure Networks Platform
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ALLPlayer_is1" = ALLPlayer V4.X
"AudioCS" = Creative Audio Control Panel
"Black Mirror 2_is1" = Black Mirror 2
"CCleaner" = CCleaner
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"ET3" = English Translator 3
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.01
"Gadu-Gadu 10" = Gadu-Gadu 10
"HaaliMkx" = Haali Media Splitter
"HD Tune_is1" = HD Tune 2.55
"InstallShield_{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Singularity(TM)
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full)
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"N360" = Norton 360
"Network MagicUninstall" = Network Magic
"OpenAL" = OpenAL
"RealAlt_is1" = Real Alternative 2.0.2 Lite
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"Runic Games Torchlight" = Torchlight
"Totalcmd" = Total Commander (Remove or Repair)
"UltraISO_is1" = UltraISO Premium V9.31
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinAVI Video Converter 10.1_is1" = WinAVI Video Converter
"Windows & Internet Cleaner Pro_is1" = Windows & Internet Cleaner Pro 7.50
"Xvid_is1" = Xvid 1.2.1 final uninstall

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-228064573-1868642622-381588749-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FolderLock6" = Folder Lock
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-08-04 15:29:42 | Computer Name = Łukasz-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: CBS.exe, wersja: 1.0.0.0, sygnatura
czasowa: 0x4a927773 Nazwa modułu powodującego błąd: Movies.dll, wersja: 0.0.0.0,
sygnatura czasowa: 0x4a927780 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00001626
Identyfikator
procesu powodującego błąd: 0x9a0 Godzina uruchomienia aplikacji powodującej błąd:
0x01cb3403aa0cc160 Ścieżka aplikacji powodującej błąd: D:\jdownloader\downloads\City.Bus.Simulator.NewYork.2o1o.Full-Rip.-TPTB\TML-Studios\CityBusSimulator2010-NewYork\CBS.exe
Ścieżka
modułu powodującego błąd: D:\jdownloader\downloads\City.Bus.Simulator.NewYork.2o1o.Full-Rip.-TPTB\TML-Studios\CityBusSimulator2010-NewYork\Plugins\Movies.dll
Identyfikator
raportu: a0c46010-9ffe-11df-a1e3-001d7d206cdd

Error - 2010-08-04 15:30:38 | Computer Name = Łukasz-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: CBS.exe, wersja: 1.0.0.0, sygnatura
czasowa: 0x4a927773 Nazwa modułu powodującego błąd: Movies.dll, wersja: 0.0.0.0,
sygnatura czasowa: 0x4a927780 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00001626
Identyfikator
procesu powodującego błąd: 0x500 Godzina uruchomienia aplikacji powodującej błąd:
0x01cb340b7880ca30 Ścieżka aplikacji powodującej błąd: D:\jdownloader\downloads\City.Bus.Simulator.NewYork.2o1o.Full-Rip.-TPTB\TML-Studios\CityBusSimulator2010-NewYork\CBS.exe
Ścieżka
modułu powodującego błąd: D:\jdownloader\downloads\City.Bus.Simulator.NewYork.2o1o.Full-Rip.-TPTB\TML-Studios\CityBusSimulator2010-NewYork\Plugins\Movies.dll
Identyfikator
raportu: c24d3ea0-9ffe-11df-a1e3-001d7d206cdd

Error - 2010-08-04 15:33:01 | Computer Name = Łukasz-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: CBS.exe, wersja: 1.0.0.0, sygnatura
czasowa: 0x4a927773 Nazwa modułu powodującego błąd: Movies.dll, wersja: 0.0.0.0,
sygnatura czasowa: 0x4a927780 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00001626
Identyfikator
procesu powodującego błąd: 0x394 Godzina uruchomienia aplikacji powodującej błąd:
0x01cb340bb7468d90 Ścieżka aplikacji powodującej błąd: D:\jdownloader\downloads\City.Bus.Simulator.NewYork.2o1o.Full-Rip.-TPTB\TML-Studios\CityBusSimulator2010-NewYork\CBS.exe
Ścieżka
modułu powodującego błąd: D:\jdownloader\downloads\City.Bus.Simulator.NewYork.2o1o.Full-Rip.-TPTB\TML-Studios\CityBusSimulator2010-NewYork\Plugins\Movies.dll
Identyfikator
raportu: 1767c630-9fff-11df-a1e3-001d7d206cdd

Error - 2010-08-04 15:37:20 | Computer Name = Łukasz-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: CBS.exe, wersja: 1.0.0.0, sygnatura
czasowa: 0x4a927773 Nazwa modułu powodującego błąd: Movies.dll, wersja: 0.0.0.0,
sygnatura czasowa: 0x4a927780 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00001626
Identyfikator
procesu powodującego błąd: 0x1288 Godzina uruchomienia aplikacji powodującej błąd:
0x01cb340c64b8be80 Ścieżka aplikacji powodującej błąd: D:\jdownloader\downloads\City.Bus.Simulator.NewYork.2o1o.Full-Rip.-TPTB\TML-Studios\CityBusSimulator2010-NewYork\CBS.exe
Ścieżka
modułu powodującego błąd: D:\jdownloader\downloads\City.Bus.Simulator.NewYork.2o1o.Full-Rip.-TPTB\TML-Studios\CityBusSimulator2010-NewYork\Plugins\Movies.dll
Identyfikator
raportu: b1a72ba0-9fff-11df-a1e3-001d7d206cdd

Error - 2010-08-04 15:59:28 | Computer Name = Łukasz-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: CBS.exe, wersja: 1.0.0.0, sygnatura
czasowa: 0x4a927773 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura
czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x01401300 Identyfikator
procesu powodującego błąd: 0xa04 Godzina uruchomienia aplikacji powodującej błąd:
0x01cb340c8d55a010 Ścieżka aplikacji powodującej błąd: D:\jdownloader\downloads\City.Bus.Simulator.NewYork.2o1o.Full-Rip.-TPTB\TML-Studios\CityBusSimulator2010-NewYork\CBS.exe
Ścieżka
modułu powodującego błąd: unknown Identyfikator raportu: c934dda0-a002-11df-a1e3-001d7d206cdd

Error - 2010-08-04 15:59:28 | Computer Name = Łukasz-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: CBS.exe, wersja: 1.0.0.0, sygnatura
czasowa: 0x4a927773 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura
czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x01401300 Identyfikator
procesu powodującego błąd: 0x139c Godzina uruchomienia aplikacji powodującej błąd:
0x01cb340f8bcaf940 Ścieżka aplikacji powodującej błąd: D:\jdownloader\downloads\City.Bus.Simulator.NewYork.2o1o.Full-Rip.-TPTB\TML-Studios\CityBusSimulator2010-NewYork\CBS.exe
Ścieżka
modułu powodującego błąd: unknown Identyfikator raportu: c98109a0-a002-11df-a1e3-001d7d206cdd

Error - 2010-08-04 16:14:49 | Computer Name = Łukasz-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: CBS.exe, wersja: 1.0.0.0, sygnatura
czasowa: 0x4a927773 Nazwa modułu powodującego błąd: CBS.exe, wersja: 1.0.0.0, sygnatura
czasowa: 0x4a927773 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0002658f Identyfikator
procesu powodującego błąd: 0x1070 Godzina uruchomienia aplikacji powodującej błąd:
0x01cb340f8e253520 Ścieżka aplikacji powodującej błąd: D:\jdownloader\downloads\City.Bus.Simulator.NewYork.2o1o.Full-Rip.-TPTB\TML-Studios\CityBusSimulator2010-NewYork\CBS.exe
Ścieżka
modułu powodującego błąd: D:\jdownloader\downloads\City.Bus.Simulator.NewYork.2o1o.Full-Rip.-TPTB\TML-Studios\CityBusSimulator2010-NewYork\CBS.exe
Identyfikator
raportu: ee2df1d0-a004-11df-a1e3-001d7d206cdd

Error - 2010-08-05 08:34:37 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .

Error - 2010-08-05 10:06:10 | Computer Name = Łukasz-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: CBS.exe, wersja: 1.4.3.0, sygnatura
czasowa: 0x4b911efd Nazwa modułu powodującego błąd: movies.dll, wersja: 0.0.0.0,
sygnatura czasowa: 0x4a927780 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00001626
Identyfikator
procesu powodującego błąd: 0xd9c Godzina uruchomienia aplikacji powodującej błąd:
0x01cb34a6fa741c40 Ścieżka aplikacji powodującej błąd: D:\jdownloader\downloads\City.Bus.Simulator.NewYork.2o1o.Full-Rip.-TPTB\TML-Studios\CityBusSimulator2010-NewYork\CBS.exe
Ścieżka
modułu powodującego błąd: D:\jdownloader\downloads\City.Bus.Simulator.NewYork.2o1o.Full-Rip.-TPTB\TML-Studios\CityBusSimulator2010-NewYork\movies.dll
Identyfikator
raportu: 98cb99e0-a09a-11df-8220-001d7d206cdd

Error - 2010-08-05 17:02:27 | Computer Name = Łukasz-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: ACDSee11.exe, wersja: 11.0.85.0,
sygnatura czasowa: 0x48d946ca Nazwa modułu powodującego błąd: XalanMessages_1_9.dll,
wersja: 0.0.0.0, sygnatura czasowa: 0x42d59bef Kod wyjątku: 0xc0000005 Przesunięcie
błędu: 0x00000030 Identyfikator procesu powodującego błąd: 0x11c0 Godzina uruchomienia
aplikacji powodującej błąd: 0x01cb34df9eb9b0c0 Ścieżka aplikacji powodującej błąd:
C:\Program Files (x86)\ACD Systems\ACDSee\11.0\ACDSee11.exe Ścieżka modułu powodującego
błąd: C:\Program Files (x86)\ACD Systems\ACDSee\11.0\XalanMessages_1_9.dll Identyfikator
raportu: c03211f0-a0d4-11df-b1c1-001d7d206cdd

[ System Events ]
Error - 2010-08-07 14:38:25 | Computer Name = Łukasz-Komputer | Source = bowser | ID = 8003
Description =

Error - 2010-08-07 16:10:27 | Computer Name = Łukasz-Komputer | Source = bowser | ID = 8003
Description =

Error - 2010-08-08 11:49:55 | Computer Name = Łukasz-Komputer | Source = bowser | ID = 8003
Description =

Error - 2010-08-08 13:31:26 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Norton 360 niespodziewanie zakończyła pracę. Wystąpiło to razy:
1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna:
Uruchom usługę ponownie.

Error - 2010-08-08 13:31:38 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Norton 360 niespodziewanie zakończyła pracę. Wystąpiło to razy:
2. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna:
Uruchom usługę ponownie.

Error - 2010-08-08 13:33:26 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7032
Description = Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom
usługę ponownie) po nieoczekiwanym zakończeniu usługi Norton 360, ale ta akcja
nie powiodła się przy następującym błędzie: %%1056.

Error - 2010-08-08 13:48:51 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Norton 360 niespodziewanie zakończyła pracę. Wystąpiło to razy:
1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna:
Uruchom usługę ponownie.

Error - 2010-08-08 13:49:04 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Norton 360 niespodziewanie zakończyła pracę. Wystąpiło to razy:
2. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna:
Uruchom usługę ponownie.

Error - 2010-08-08 13:50:51 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7032
Description = Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom
usługę ponownie) po nieoczekiwanym zakończeniu usługi Norton 360, ale ta akcja
nie powiodła się przy następującym błędzie: %%1056.

Error - 2010-08-08 13:51:04 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7032
Description = Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom
usługę ponownie) po nieoczekiwanym zakończeniu usługi Norton 360, ale ta akcja
nie powiodła się przy następującym błędzie: %%1056.[/log]

[color="#FF0000"]//Logs go inside the [log][/log] tag. Please remember this.
//Sohei[/color]


< End of report >

grzesław
comment (edited)

Makss, mate, a word from me: I have Norton too, and I was also attacked literally every 5-10 seconds for several days, 1-2 hours at a time, first from one computer (address), then I saw several addresses, and I even know why. I don't think you have much to be afraid of ;) .
Network settings > Smart Firewall / Advanced settings > General Rules, Configure [+] > Add > Block > to/from > Only the computers and sites listed below > Add > Individually, and you enter the IP address. There is also an option for how long to block; set 48 hours.


EDIT:
You can check in the history which ports were used and, for peace of mind ^_^, block that port range in the firewall, as long as it won't conflict with anything you use.

makss
comment

Ah, thanks for the information. Fortunately, for now it's quiet again, no attacks. :D
