Tomek01 (comment, 16 August 2010): How about posting the OTL and RSIT logs? For now this is just guesswork.
Rootkit (comment, 16 August 2010, edited): Unfortunately, as I wrote, I can't run them because .exe is broken, or rather not broken, or blocked, or something... I'll paste the MBR log once more: [b][u]Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully kernel: MBR read successfully user & kernel MBR OK[/u][/b] And another question comes up: should it look like this? That is, should those digits and the pf extension be there??? (C:Windows:Prefetch:) [img]http://img237.imageshack.us/img237/290/prefetch.jpg[/img] Edited 16 August 2010 by Rootkitth
ziomal166 (comment, 17 August 2010): Yes, those files are supposed to look like that. Turn off Comodo and run Gmer.
Tomek01 (comment, 17 August 2010): Try running a scan with Mks_vir Skaner On-line. 1
Rootkit (comment, 18 August 2010, edited): Thanks, I'm scanning right now, and from what I can see at the moment it has detected 8 viruses... mainly trojans and heur... I'll post a few screenshots in a moment (I'M REMOVING ALL THE JUNK :)) [img]http://img831.imageshack.us/img831/5465/wir1.jpg[/img] [img]http://img832.imageshack.us/img832/8606/wir2.jpg[/img] I'll post a screenshot of the log in a moment [img]http://img19.imageshack.us/img19/6682/wirus3.jpg[/img] Unfortunately the scan had no effect, well, except maybe that the number of break-in attempts dropped a little... and I'll post the Gmer logs in a moment... only I don't know if they're complete... http://www.wrzuc.to/yzU8Ek390.wt http://www.wrzuc.to/bwmFIdF6X.wt http://www.wrzuc.to/vin3e7u.wt Once joined together it should be OK... Edited 18 August 2010 by Rootkitth
Tomek01 (comment, 18 August 2010): Try posting the OTL and RSIT logs from other installers, e.g. com: http://www.searchengines.pl/index.php?showtopic=86306&pid=390823&mode=threaded&start=#entry390823
Rootkit (comment, 18 August 2010, edited): Unfortunately that won't work... at first, with the scr one, the computer more or less started it up, and later the icon disappeared too and a message appeared: Odmowa Dostępu! RSIT can't be started either... Edited 18 August 2010 by Rootkitth
Sohei (comment, 18 August 2010): Try to download ComboFix to the computer. Change its extension to .com and post its log. Remember to install the Recovery Console.
Rootkit (comment, 19 August 2010, edited): Luckily I've had ComboFix on the computer for a long time already, but not the Recovery Console... (P.S. Do I need the Windows disc to install the Recovery Console?) I'll add that: of all the installer files, files with the exe extension etc., only the ones that were already on the computer before work. Maybe something is set wrong in Folder Options? When I last looked there was no EXE there, so I added it with the associated file type: Application. But it had no effect... lately, since yesterday, the computer has taken to restarting by itself at key moments... which annoys me more and more. Edited 19 August 2010 by Rootkitth
Tomek01 (comment, 19 August 2010): ComboFix will ask you itself whether to install the Recovery Console. You just need to confirm.
Rootkit (comment, 19 August 2010, edited): And another question comes up: should I block system.exe with the firewall, or not? Because I see the number of break-in attempts is growing, and only through that file... 2. ComboFix refuses. The familiar "installation" window opens, a small blue screen appears, then a message that this version has expired, and nothing... Should I download a new ComboFix? And could the Java files be related to the whole problem? Because recently, when I ran those scans with MKS, there were trojans and malware everywhere in Java... Should there be a VirtualRoot folder on drive C:\? Or should that folder be in C:\Windows\system32\catroot2? Edited 19 August 2010 by Rootkitth
Sohei (comment, 19 August 2010): Virtual is the sandbox that comes from Comodo. Download the current version of ComboFix and run a scan. You must not use an old ComboFix. 1
Rootkit (comment, 21 August 2010): Aha, OK, thanks, I'm getting to work. Well, unfortunately I have a problem, and a big one, because I can't run the downloaded version since it has the .exe extension...
Sohei (comment, 21 August 2010): When downloading ComboFix, change its extension to .com.
Rootkit (comment, 21 August 2010): Eh, during the download the extension always gets messed up, why? During the download there is a prompt asking whether I confirm downloading combofix.exe. Yes. Next, the installation folder; I change the extension from .exe to .com and it comes out as ComboFix.com.exe, so as a result the file is still infected... it breaks at the confirmation...
Sohei (comment, 22 August 2010): On an [b]uninfected[/b] computer, download [url=http://www.freedrweb.pl/livecd.php][b]DR Web LiveCD[/b][/url] and burn it to a disc. Put the disc into the infected computer, assuming you have already set the BIOS to boot the computer from CD/DVD, so after a restart the scanner should start. Run a full scan, cure whatever can be cured, and delete the rest. Scan as many times as it takes until the scanner finds nothing. Then post the log from Dr Web's run. 1
Rootkit (comment, 22 August 2010): And what if, say, my computer isn't set to boot from CD/DVD?
Tomek01 (comment, 22 August 2010): You put the disc in the drive, restart, and it should be plain sailing from there. 1
Rootkit (comment, 23 August 2010): OK, I'll try in the morning. Thanks for the help, but today I no longer have the energy or the time... I think I've found one source of the problem, some virus :Heur that is probably infecting my files; once it rebelled when I tried to download NOD as an exe and clicked cancel, a Comodo message popped up, and it keeps happening with every other failed download.
Tomek01 (comment, 23 August 2010): Can't you run DrWebCureIt Live Cd from the disc?
Rootkit (comment, 23 August 2010): I'll try in a moment. Only, does the disc have to be made bootable, or will it start by itself right after the computer is turned on?
Tomek01 (comment, 23 August 2010): Preferably bootable, but it has to be made on a healthy system.
Rootkit (comment, 29 August 2010, edited): Hello again! So I managed to run OTL from a disc: on one computer I downloaded and also burned to the disc (Kaspersky, NOD, OTL, RSIT, Malwarebytes, Dr Web), and here's a question: the guide on scanning with OTL, on how to set up the scan, has expired :( i.e. the picture that showed how to set things up in OTL. But the good news is that OTL and the others work; now only the logs... [color="#2E8B57"]//We're waiting, then. //Tom01 [/color] Only I'd ask for a brief explanation of the OTL settings. Edited 29 August 2010 by Rootkitth
Tomek01 (comment, 29 August 2010): The same as in the description in the pinned topic.
Rootkit (comment, 30 August 2010, edited): The image has expired and I don't know how to set it up. 504 Gateway Time-out The server didn't respond in time. edit// OK, the picture works now, now I have to set it up. And here is the log from OTL: link http://www.wrzuc.to/3Pulse.wt [log]
(Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O15 - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\..Trusted Domains: internet ([]about in Zaufane witryny) O15 - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\..Trusted Domains: mks.com.pl ([www] http in Zaufane witryny) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http 
{79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole 
DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - 
C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation) O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation) O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation) O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation) O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab) O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - 
C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Moduł wstępnego ładowania interfejsu Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Demon buforu kategorii składników - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation) O29 - 
HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-08-28 20:14:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Malwarebytes [2010-08-28 20:14:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-08-28 20:14:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-08-28 20:14:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2010-08-28 20:14:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-08-27 14:41:23 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab [2010-08-27 14:41:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab [2010-08-27 14:41:14 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010-08-23 19:29:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\ESET [2010-08-19 20:34:38 | 000,000,000 | -H-D | 
C] -- C:\VritualRoot [2010-08-19 20:21:51 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SOKÓŁ\Pulpit\OTL.exe [2010-08-17 23:24:21 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline [2010-08-11 18:26:29 | 000,000,000 | -HSD | C] -- C:\Recycled [2010-08-11 15:37:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\COMODO [2010-08-11 15:13:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\COMODO [2010-08-11 15:09:44 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2010-08-11 15:08:35 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO [2010-08-09 15:57:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF [2010-08-06 11:51:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\2K Sports [2010-08-05 15:48:00 | 009,591,104 | ---- | C] (DT Soft Ltd.) -- C:\Documents and Settings\SOKÓŁ\Pulpit\dtlite4356-0091_(programs.pl).exe [2010-08-01 18:05:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\65F1CF6331E0450B96F34A88BE7361A6.TMP [2010-07-17 18:17:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\McAfee [2010-07-15 14:06:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi [2010-07-15 14:06:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi [2010-07-14 18:15:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee [2010-07-09 13:45:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Moje dokumenty\Disney Interactive Studios [2010-07-09 12:04:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\PriceGong [2010-07-07 18:35:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Need for Speed World [2010-07-07 17:19:50 | 000,000,000 | ---D | C] -- C:\Documents and 
Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\Electronic_Arts_Inc [2010-07-07 15:53:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\TS3Client [2010-07-07 15:52:54 | 000,000,000 | ---D | C] -- C:\Program Files\TS3 [2010-07-07 15:51:26 | 013,004,984 | ---- | C] (TeamSpeak Systems GmbH) -- C:\Documents and Settings\SOKÓŁ\Pulpit\TeamSpeak3-Client-win32-3.0.0-beta22.exe [2010-07-07 15:47:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\TeamSpeak 3 Client [2010-07-05 16:41:02 | 000,000,000 | ---D | C] -- C:\Config.Msi [2010-07-05 16:40:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-07-02 11:13:34 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2010-07-02 10:55:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\DAEMON Tools Lite [2010-07-02 10:55:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-08-30 11:46:20 | 000,000,305 | ---- | M] () -- C:\WINDOWS\lgfwup.ini [2010-08-30 11:46:16 | 000,200,907 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-08-30 11:43:48 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-08-30 11:43:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-08-30 01:19:04 | 012,058,624 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\NTUSER.DAT [2010-08-30 00:40:58 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-08-29 18:57:32 | 000,001,934 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\36686_1277821038_thumb.jpg [2010-08-29 14:19:00 | 000,123,822 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\dzierrzoniów.jpg [2010-08-29 14:19:00 | 000,026,429 | ---- | M] 
() -- C:\Documents and Settings\SOKÓŁ\.recently-used.xbel [2010-08-29 12:21:10 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\SOKÓŁ\ntuser.ini [2010-08-28 20:14:50 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-08-28 19:53:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SOKÓŁ\Pulpit\OTL.exe [2010-08-28 14:41:24 | 005,929,292 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\thisbox.zip [2010-08-27 15:30:48 | 000,089,338 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\afs.jpg [2010-08-27 15:09:30 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010-08-27 15:09:28 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2010-08-27 15:09:28 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2010-08-25 15:24:54 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-08-25 11:32:06 | 000,186,219 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\zolnierze.jpg [2010-08-24 22:14:20 | 000,002,838 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\formularz-konkurs-nr-3.doc [2010-08-23 16:55:44 | 000,298,440 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\wazna.jpg [2010-08-22 23:17:54 | 000,208,454 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\img.jpg [2010-08-21 23:13:34 | 000,058,878 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\witamy.gif [2010-08-21 18:38:20 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\ComboFix.com.exe [2010-08-20 22:56:34 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\ComboFix.exe [2010-08-20 15:25:34 | 000,046,338 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\gifek.gif [2010-08-20 00:16:52 | 000,054,334 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\pad.jpg [2010-08-19 20:23:08 | 000,000,435 | ---- | M] () -- C:\WINDOWS\system.ini [2010-08-19 
20:22:00 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\fifa2010.exe [2010-08-18 23:51:38 | 000,089,130 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\avek4.jpg [2010-08-18 23:50:34 | 000,103,750 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\avek3.jpg [2010-08-18 23:50:04 | 000,104,236 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\avek2.jpg [2010-08-18 23:47:50 | 000,060,339 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\avek1.jpg [2010-08-18 20:54:48 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\OTL.scr [2010-08-18 14:28:48 | 000,136,846 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\prawie.jpg [2010-08-18 00:06:40 | 000,025,174 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\wir2.jpg [2010-08-18 00:02:10 | 000,074,903 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Wir1.jpg [2010-08-16 22:55:56 | 000,001,240 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\fix.reg [2010-08-16 16:24:50 | 000,000,430 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\rejestr.reg [2010-08-15 19:08:12 | 000,033,945 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\50aef0b30017c8c84b265c5c.jpeg [2010-08-14 13:34:34 | 000,004,808 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\comic-tattoo-128178560425423.gif [2010-08-13 23:47:56 | 000,086,317 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\jpgthis.jpg [2010-08-12 17:09:08 | 480,157,696 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Backup.bkf [2010-08-12 16:03:06 | 004,285,066 | -H-- | M] () -- C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-08-12 00:12:56 | 000,040,448 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-11 22:09:36 | 000,007,150 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\images.jpeg [2010-08-11 20:02:28 | 000,349,303 | 
---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\dsa.jpg [2010-08-11 20:02:16 | 000,935,209 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\dsa.xcf [2010-08-11 18:34:42 | 000,067,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat [2010-08-11 16:51:42 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\gmer.zip [2010-08-11 15:09:50 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys [2010-08-11 15:09:50 | 000,001,517 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2010-08-11 15:08:42 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\COMODO Internet Security.lnk [2010-08-11 15:01:58 | 000,091,728 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-08-11 14:59:54 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010-08-11 12:48:38 | 000,201,499 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\jpgbieber.jpg [2010-08-11 09:59:26 | 000,319,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-08-10 21:58:38 | 000,146,264 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Sharkys Medn SOKÓŁ.jpg [2010-08-10 20:45:46 | 000,138,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010-08-10 19:42:48 | 055,358,817 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Chali 2na ft Beenie Man _amp;quot;International_amp;quot; Official Video.mp4 [2010-08-10 17:57:10 | 000,000,594 | ---- | M] () -- C:\WINDOWS\win.ini [2010-08-10 00:29:00 | 000,000,120 | ---- | M] () -- C:\WINDOWS\disney.ini [2010-08-05 16:13:04 | 000,001,477 | ---- | M] () -- C:\WINDOWS\eReg.dat [2010-08-05 15:48:52 | 009,591,104 | ---- | M] (DT Soft Ltd.) 
-- C:\Documents and Settings\SOKÓŁ\Pulpit\dtlite4356-0091_(programs.pl).exe [2010-08-04 14:27:02 | 000,000,192 | ---- | M] () -- C:\boot.ini [2010-08-02 23:47:34 | 000,001,881 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Wid.gif [2010-08-02 23:41:26 | 000,000,322 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\wing18.gif [2010-07-28 17:06:26 | 000,214,816 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010-07-27 20:55:42 | 000,033,519 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\pope_face_palm.jpg [2010-07-24 20:31:34 | 000,000,796 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\DVDVideoSoft Free Studio.lnk [2010-07-20 23:40:08 | 000,039,395 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Moje dokumenty\cl.exct.net.htm [2010-07-09 17:03:02 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job [2010-07-08 19:52:44 | 000,012,385 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\468x60.jpg [2010-07-08 00:53:54 | 000,223,508 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Moje dokumenty\ts3_clientui-win32-11315-2010-07-08 00_53_52.390625.dmp [2010-07-07 15:53:04 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\TeamSpeak 3 Client.lnk [2010-07-07 15:52:28 | 013,004,984 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Documents and Settings\SOKÓŁ\Pulpit\TeamSpeak3-Client-win32-3.0.0-beta22.exe [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-08-29 18:57:30 | 000,001,934 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\36686_1277821038_thumb.jpg [2010-08-29 14:18:58 | 000,123,822 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\dzierrzoniów.jpg [2010-08-29 14:18:58 | 000,026,429 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\.recently-used.xbel [2010-08-28 20:14:48 | 000,000,600 | ---- | C] () -- C:\Documents and 
Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-08-28 14:38:18 | 005,929,292 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\thisbox.zip [2010-08-27 15:30:45 | 000,089,338 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\afs.jpg [2010-08-27 14:41:59 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2010-08-27 14:41:59 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2010-08-25 11:32:04 | 000,186,219 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\zolnierze.jpg [2010-08-24 21:48:34 | 000,002,838 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\formularz-konkurs-nr-3.doc [2010-08-23 16:55:43 | 000,298,440 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\wazna.jpg [2010-08-22 23:17:51 | 000,208,454 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\img.jpg [2010-08-21 20:38:47 | 000,058,878 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\witamy.gif [2010-08-21 18:38:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\ComboFix.com.exe [2010-08-20 22:56:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\ComboFix.exe [2010-08-20 15:23:46 | 000,046,338 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\gifek.gif [2010-08-20 00:16:50 | 000,054,334 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\pad.jpg [2010-08-19 20:21:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\fifa2010.exe [2010-08-18 23:51:37 | 000,089,130 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\avek4.jpg [2010-08-18 23:50:32 | 000,103,750 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\avek3.jpg [2010-08-18 23:50:02 | 000,104,236 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\avek2.jpg [2010-08-18 23:47:48 | 000,060,339 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\avek1.jpg [2010-08-18 20:54:46 | 000,000,000 | ---- | C] () -- C:\Documents and 
Settings\SOKÓŁ\Pulpit\OTL.scr [2010-08-18 14:28:46 | 000,136,846 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\prawie.jpg [2010-08-18 00:06:39 | 000,025,174 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\wir2.jpg [2010-08-18 00:02:08 | 000,074,903 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Wir1.jpg [2010-08-16 22:49:13 | 000,001,240 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\fix.reg [2010-08-16 11:57:40 | 000,000,430 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\rejestr.reg [2010-08-15 19:08:09 | 000,033,945 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\50aef0b30017c8c84b265c5c.jpeg [2010-08-14 13:33:41 | 000,004,808 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\comic-tattoo-128178560425423.gif [2010-08-13 23:47:55 | 000,086,317 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\jpgthis.jpg [2010-08-12 17:29:46 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\gmer.exe [2010-08-12 17:06:30 | 480,157,696 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Backup.bkf [2010-08-11 22:09:35 | 000,007,150 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\images.jpeg [2010-08-11 20:02:27 | 000,349,303 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\dsa.jpg [2010-08-11 20:02:15 | 000,935,209 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\dsa.xcf [2010-08-11 16:51:40 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\gmer.zip [2010-08-11 15:13:01 | 000,067,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat [2010-08-11 15:08:41 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\COMODO Internet Security.lnk [2010-08-11 12:48:37 | 000,201,499 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\jpgbieber.jpg [2010-08-10 21:58:36 | 000,146,264 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Sharkys Medn SOKÓŁ.jpg [2010-08-10 19:37:34 | 055,358,817 | ---- | C] () -- C:\Documents 
and Settings\SOKÓŁ\Pulpit\Chali 2na ft Beenie Man _amp;quot;International_amp;quot; Official Video.mp4 [2010-08-05 15:52:19 | 000,001,517 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk [2010-08-04 14:21:55 | 000,000,192 | ---- | C] () -- C:\boot.ini [2010-08-02 23:47:31 | 000,001,881 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Wid.gif [2010-08-02 21:02:00 | 000,000,322 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\wing18.gif [2010-07-31 11:35:41 | 000,012,385 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\468x60.jpg [2010-07-27 20:55:41 | 000,033,519 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\pope_face_palm.jpg [2010-07-20 23:40:07 | 000,039,395 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Moje dokumenty\cl.exct.net.htm [2010-07-08 00:53:52 | 000,223,508 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Moje dokumenty\ts3_clientui-win32-11315-2010-07-08 00_53_52.390625.dmp [2010-07-07 15:53:03 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\TeamSpeak 3 Client.lnk [2010-03-04 23:22:43 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2010-02-27 14:41:12 | 000,000,286 | ---- | C] () -- C:\WINDOWS\game.ini [2010-02-23 22:13:31 | 000,000,612 | ---- | C] () -- C:\WINDOWS\mp3wavcon.ini [2010-02-23 22:12:33 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2010-02-19 19:31:20 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI [2009-08-26 14:01:08 | 000,001,065 | ---- | C] () -- C:\WINDOWS\winamp.ini [2009-05-22 21:25:30 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Robota.INI [2009-05-22 21:25:03 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\mgxasio2.dll [2009-05-22 21:24:47 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll [2009-05-22 21:24:35 | 000,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini [2009-05-07 07:05:43 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009-05-02 
11:11:51 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WDIRECT.INI [2009-04-22 00:19:06 | 000,172,173 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2009-04-15 20:51:29 | 002,012,832 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2009-04-13 21:00:09 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2009-04-10 08:43:49 | 000,654,848 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll [2009-04-10 08:43:48 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-04-10 08:43:48 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-04-10 08:43:48 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-04-10 08:43:47 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-04-10 08:43:47 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-04-02 10:45:25 | 000,138,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-04-02 10:45:25 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\PnkBstrK.sys [2009-03-22 18:45:03 | 000,000,120 | ---- | C] () -- C:\WINDOWS\disney.ini [2009-03-03 19:39:01 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2009-03-03 19:37:16 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CDE DX4400DEFGIPS.ini [2009-02-26 15:26:21 | 000,040,448 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-02-22 13:28:55 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-02-21 11:45:39 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-02-14 14:13:52 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009-02-14 14:13:52 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009-02-14 13:55:10 | 000,000,305 | ---- | C] () -- C:\WINDOWS\lgfwup.ini [2008-10-21 11:12:16 | 001,703,936 | ---- | C] () -- 
C:\WINDOWS\System32\nvwdmcpl.dll [2008-10-21 11:12:16 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2008-10-21 11:12:16 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2008-10-21 11:12:16 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2008-10-21 11:12:16 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [color=#E56717]========== LOP Check ==========[/color] [2009-03-03 19:38:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPSON [2009-03-03 19:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UDL [2009-04-07 15:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited [2009-04-18 23:14:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Activision [2009-04-22 12:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2009-04-28 15:01:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2009-04-29 18:31:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Winter Sports 2009 [2009-05-03 13:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-05-04 18:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sports Interactive [2009-05-22 21:24:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MAGIX [2009-06-01 22:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Fallout3 [2009-06-02 21:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NCH Swift Sound [2009-08-13 23:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-01-31 23:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InterAction 
studios [2010-02-09 22:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-02-16 22:42:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems [2010-03-27 16:27:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-03-27 19:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RoboForm [2010-03-31 22:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony [2010-07-02 10:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-07-05 16:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2010-06-06 16:09:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\GameTracker [2009-03-22 20:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Touchstone [2009-03-26 16:26:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Leadertech [2009-04-09 14:05:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Nowe Gadu-Gadu [2009-04-13 09:03:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\uTorrent [2009-04-16 17:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\BESTplayer [2009-04-18 23:14:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Activision [2009-04-21 14:42:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\OpenFM [2009-04-28 15:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Ubisoft [2009-04-29 18:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\ProtectDisc [2009-05-04 18:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Sports Interactive 
[2009-05-22 21:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\MAGIX [2009-06-02 21:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\NCH Swift Sound [2009-06-27 11:29:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\DAEMON Tools Pro [2009-06-27 11:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\advantage [2009-06-28 23:57:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Opera [2010-01-23 00:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\gtk-2.0 [2010-02-01 13:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Toolbar4 [2010-02-09 22:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\ipla [2010-02-16 22:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\ACD Systems [2010-02-28 13:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\FileZilla [2010-03-08 19:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\SystemUp [2010-03-27 16:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Gadu-Gadu 10 [2010-03-31 22:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Sony [2010-03-31 22:47:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Publish Providers [2010-04-12 15:35:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\GlarySoft [2010-04-29 14:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\GG Tools [2010-06-23 17:53:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\DVDVideoSoftIEHelpers [2010-07-02 10:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\DAEMON Tools Lite [2010-07-07 15:53:28 | 000,000,000 | ---D | M] -- 
C:\Documents and Settings\SOKÓŁ\Dane aplikacji\TS3Client [2010-07-07 18:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Need for Speed World [2010-07-09 12:04:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\PriceGong [2010-08-06 11:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\2K Sports [2010-07-09 17:03:02 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\wavepadShakeIcon.job [color=#E56717]========== Purity Check ==========[/color] < End of report > SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010-08-27 15:09:30 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -- (AVP) SRV - [2010-06-01 19:00:52 | 001,778,480 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2007-11-26 14:54:12 | 001,554,728 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIMMP) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIM) DRV - File not found [Kernel | On_Demand | Stopped] -- D:\NTGLM7X.sys -- (SetupNTGLM7X) DRV - File not found [Kernel | On_Demand | Stopped] -- D:\NTACCESS.sys -- (NTACCESS) DRV - File not found [Kernel | On_Demand | Stopped] -- D:\install4\MSICPL.sys -- (MSICPL) DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI) DRV - File not found 
[Kernel | On_Demand | Stopped] -- C:\DOCUME~1\SOKÓŁ\USTAWI~1\Temp\catchme.sys -- (catchme) DRV - [2010-08-27 15:09:30 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2010-08-11 15:09:50 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2010-06-04 11:55:58 | 000,229,312 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard) DRV - [2010-06-01 19:00:24 | 000,087,824 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect) DRV - [2010-06-01 19:00:22 | 000,025,240 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2010-06-01 19:00:20 | 000,015,464 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmderd.sys -- (cmderd) DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-10-14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg) DRV - [2009-10-02 18:39:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009-09-14 13:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2009-09-01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1) DRV - [2009-02-14 14:37:08 | 000,223,128 | ---- | M] (DT Soft Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi) DRV - [2009-02-14 14:13:54 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2009-02-14 14:13:54 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2008-10-21 11:12:16 | 006,133,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2008-07-30 07:51:30 | 000,277,736 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\acedrv11.sys -- (acedrv11) DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2008-02-14 10:04:06 | 004,676,096 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-01-03 16:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2007-11-26 14:54:12 | 000,038,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm) DRV - [2007-11-26 14:54:12 | 000,036,776 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass) DRV - [2007-11-26 14:54:02 | 000,118,952 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs) DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel) DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- 
C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex) DRV - [2006-10-02 12:38:48 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) [color=#E56717]========== Standard Registry (All) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm IE - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2269050 IE - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 FF - prefs.js..extensions.enabledItems: 
{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}:2.5.6.0 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.8 FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=" FF - prefs.js..network.proxy.type: 0 FF - user.js..network.proxy.type: 0 FF - user.js..network.proxy.http: "" FF - user.js..network.proxy.http_port: FF - user.js..network.proxy.no_proxies_on: "" FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-04-09 12:38:52 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-03-29 15:30:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-03-29 15:30:22 | 000,000,000 | ---D | M] [2009-03-29 15:30:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Mozilla\Extensions [2009-03-29 15:30:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-03-29 15:30:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Mozilla\Firefox\Profiles\wp2yb82r.default\extensions [2010-03-25 15:24:14 | 000,000,000 | ---D | M] (Gladiatus Tools) -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Mozilla\Firefox\Profiles\wp2yb82r.default\extensions\{76063e7f-3558-4b68-8287-54eb6512adc0} [2010-06-23 17:55:04 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Mozilla\Firefox\Profiles\wp2yb82r.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010-06-23 17:53:14 | 000,000,000 
| ---D | M] (No name found) -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Mozilla\Firefox\Profiles\wp2yb82r.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2009-04-13 07:44:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Mozilla\Firefox\Profiles\wp2yb82r.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash [2010-07-07 15:46:58 | 000,000,000 | ---D | M] (Softonic-Polska Toolbar) -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Mozilla\Firefox\Profiles\wp2yb82r.default\extensions\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} [2009-08-13 11:01:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Mozilla\Firefox\Profiles\wp2yb82r.default\extensions\en-GB@dictionaries.addons.mozilla.org [2010-01-07 21:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Mozilla\Firefox\Profiles\wp2yb82r.default\extensions\piclens@cooliris.com [2010-06-23 20:26:30 | 000,000,881 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Mozilla\Firefox\Profiles\wp2yb82r.default\searchplugins\conduit.xml [2009-03-29 15:30:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009-03-29 15:30:22 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-04-09 12:38:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2010-03-01 16:38:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [2010-08-27 14:42:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2010-05-15 18:11:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\staff@hide-my-ip.com [2010-07-24 13:42:50 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla 
Firefox\components\brwsrcmp.dll [2010-07-24 13:42:50 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll [2008-11-11 09:38:54 | 000,663,552 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll [2008-09-10 21:56:44 | 000,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll [2008-09-10 21:37:54 | 000,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll [2007-04-10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll [2003-05-15 10:01:48 | 000,133,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll [2009-12-17 17:14:02 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll [2010-07-24 13:42:50 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll [2010-07-14 18:00:28 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-07-14 18:00:28 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-07-14 18:00:28 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml [2010-07-14 18:00:28 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-07-14 18:00:28 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-07-14 18:00:28 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-07-14 18:00:28 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-08-05 15:22:32 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) 
- {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll File not found O3 - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\..\Toolbar\ShellBrowser: (&Adres) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\..\Toolbar\ShellBrowser: (&Łącza) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\..\Toolbar\WebBrowser: (&Adres) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\..\Toolbar\WebBrowser: (&Łącza) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG) O4 - 
HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [LGODDFU] C:\Program Files\lg_fwupdate\fwupdate.exe (BL) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.) O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1078081533-1957994488-725345543-1004..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-1078081533-1957994488-725345543-1004..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1078081533-1957994488-725345543-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe File not found O4 - HKU\S-1-5-21-1078081533-1957994488-725345543-1004..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: 
NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: 
NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) 
O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\..Trusted Domains: internet ([]about in Zaufane witryny)
O15 - HKU\S-1-5-21-1078081533-1957994488-725345543-1004\..Trusted Domains: mks.com.pl ([www] http in Zaufane witryny)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Moduł wstępnego ładowania interfejsu Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Demon buforu kategorii składników - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]
[2010-08-28 20:14:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Malwarebytes
[2010-08-28 20:14:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-08-28 20:14:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-08-28 20:14:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2010-08-28 20:14:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-08-27 14:41:23 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010-08-27 14:41:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
[2010-08-27 14:41:14 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010-08-23 19:29:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\ESET
[2010-08-19 20:34:38 | 000,000,000 | -H-D | C] -- C:\VritualRoot
[2010-08-19 20:21:51 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SOKÓŁ\Pulpit\OTL.exe
[2010-08-17 23:24:21 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2010-08-11 18:26:29 | 000,000,000 | -HSD | C] -- C:\Recycled
[2010-08-11 15:37:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\COMODO
[2010-08-11 15:13:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\COMODO
[2010-08-11 15:09:44 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010-08-11 15:08:35 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2010-08-09 15:57:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010-08-06 11:51:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\2K Sports
[2010-08-05 15:48:00 | 009,591,104 | ---- | C] (DT Soft Ltd.) -- C:\Documents and Settings\SOKÓŁ\Pulpit\dtlite4356-0091_(programs.pl).exe
[2010-08-01 18:05:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\65F1CF6331E0450B96F34A88BE7361A6.TMP
[2010-07-17 18:17:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\McAfee
[2010-07-15 14:06:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2010-07-15 14:06:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2010-07-14 18:15:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee
[2010-07-09 13:45:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Moje dokumenty\Disney Interactive Studios
[2010-07-09 12:04:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\PriceGong
[2010-07-07 18:35:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Need for Speed World
[2010-07-07 17:19:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\Electronic_Arts_Inc
[2010-07-07 15:53:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\TS3Client
[2010-07-07 15:52:54 | 000,000,000 | ---D | C] -- C:\Program Files\TS3
[2010-07-07 15:51:26 | 013,004,984 | ---- | C] (TeamSpeak Systems GmbH) -- C:\Documents and Settings\SOKÓŁ\Pulpit\TeamSpeak3-Client-win32-3.0.0-beta22.exe
[2010-07-07 15:47:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\TeamSpeak 3 Client
[2010-07-05 16:41:02 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010-07-05 16:40:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-07-02 11:13:34 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010-07-02 10:55:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\DAEMON Tools Lite
[2010-07-02 10:55:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]
[2010-08-30 11:46:20 | 000,000,305 | ---- | M] () -- C:\WINDOWS\lgfwup.ini
[2010-08-30 11:46:16 | 000,200,907 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-08-30 11:43:48 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-08-30 11:43:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-08-30 01:19:04 | 012,058,624 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\NTUSER.DAT
[2010-08-30 00:40:58 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-08-29 18:57:32 | 000,001,934 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\36686_1277821038_thumb.jpg
[2010-08-29 14:19:00 | 000,123,822 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\dzierrzoniów.jpg
[2010-08-29 14:19:00 | 000,026,429 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\.recently-used.xbel
[2010-08-29 12:21:10 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\SOKÓŁ\ntuser.ini
[2010-08-28 20:14:50 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-08-28 19:53:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SOKÓŁ\Pulpit\OTL.exe
[2010-08-28 14:41:24 | 005,929,292 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\thisbox.zip
[2010-08-27 15:30:48 | 000,089,338 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\afs.jpg
[2010-08-27 15:09:30 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010-08-27 15:09:28 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010-08-27 15:09:28 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010-08-25 15:24:54 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-08-25 11:32:06 | 000,186,219 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\zolnierze.jpg
[2010-08-24 22:14:20 | 000,002,838 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\formularz-konkurs-nr-3.doc
[2010-08-23 16:55:44 | 000,298,440 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\wazna.jpg
[2010-08-22 23:17:54 | 000,208,454 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\img.jpg
[2010-08-21 23:13:34 | 000,058,878 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\witamy.gif
[2010-08-21 18:38:20 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\ComboFix.com.exe
[2010-08-20 22:56:34 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\ComboFix.exe
[2010-08-20 15:25:34 | 000,046,338 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\gifek.gif
[2010-08-20 00:16:52 | 000,054,334 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\pad.jpg
[2010-08-19 20:23:08 | 000,000,435 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-08-19 20:22:00 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\fifa2010.exe
[2010-08-18 23:51:38 | 000,089,130 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\avek4.jpg
[2010-08-18 23:50:34 | 000,103,750 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\avek3.jpg
[2010-08-18 23:50:04 | 000,104,236 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\avek2.jpg
[2010-08-18 23:47:50 | 000,060,339 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\avek1.jpg
[2010-08-18 20:54:48 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\OTL.scr
[2010-08-18 14:28:48 | 000,136,846 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\prawie.jpg
[2010-08-18 00:06:40 | 000,025,174 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\wir2.jpg
[2010-08-18 00:02:10 | 000,074,903 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Wir1.jpg
[2010-08-16 22:55:56 | 000,001,240 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\fix.reg
[2010-08-16 16:24:50 | 000,000,430 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\rejestr.reg
[2010-08-15 19:08:12 | 000,033,945 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\50aef0b30017c8c84b265c5c.jpeg
[2010-08-14 13:34:34 | 000,004,808 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\comic-tattoo-128178560425423.gif
[2010-08-13 23:47:56 | 000,086,317 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\jpgthis.jpg
[2010-08-12 17:09:08 | 480,157,696 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Backup.bkf
[2010-08-12 16:03:06 | 004,285,066 | -H-- | M] () -- C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-08-12 00:12:56 | 000,040,448 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-11 22:09:36 | 000,007,150 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\images.jpeg
[2010-08-11 20:02:28 | 000,349,303 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\dsa.jpg
[2010-08-11 20:02:16 | 000,935,209 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\dsa.xcf
[2010-08-11 18:34:42 | 000,067,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2010-08-11 16:51:42 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\gmer.zip
[2010-08-11 15:09:50 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-08-11 15:09:50 | 000,001,517 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2010-08-11 15:08:42 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\COMODO Internet Security.lnk
[2010-08-11 15:01:58 | 000,091,728 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-08-11 14:59:54 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-08-11 12:48:38 | 000,201,499 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\jpgbieber.jpg
[2010-08-11 09:59:26 | 000,319,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-08-10 21:58:38 | 000,146,264 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Sharkys Medn SOKÓŁ.jpg
[2010-08-10 20:45:46 | 000,138,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010-08-10 19:42:48 | 055,358,817 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Chali 2na ft Beenie Man _amp;quot;International_amp;quot; Official Video.mp4
[2010-08-10 17:57:10 | 000,000,594 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-08-10 00:29:00 | 000,000,120 | ---- | M] () -- C:\WINDOWS\disney.ini
[2010-08-05 16:13:04 | 000,001,477 | ---- | M] () -- C:\WINDOWS\eReg.dat
[2010-08-05 15:48:52 | 009,591,104 | ---- | M] (DT Soft Ltd.) -- C:\Documents and Settings\SOKÓŁ\Pulpit\dtlite4356-0091_(programs.pl).exe
[2010-08-04 14:27:02 | 000,000,192 | ---- | M] () -- C:\boot.ini
[2010-08-02 23:47:34 | 000,001,881 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Wid.gif
[2010-08-02 23:41:26 | 000,000,322 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\wing18.gif
[2010-07-28 17:06:26 | 000,214,816 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010-07-27 20:55:42 | 000,033,519 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\pope_face_palm.jpg
[2010-07-24 20:31:34 | 000,000,796 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\DVDVideoSoft Free Studio.lnk
[2010-07-20 23:40:08 | 000,039,395 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Moje dokumenty\cl.exct.net.htm
[2010-07-09 17:03:02 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
[2010-07-08 19:52:44 | 000,012,385 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\468x60.jpg
[2010-07-08 00:53:54 | 000,223,508 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Moje dokumenty\ts3_clientui-win32-11315-2010-07-08 00_53_52.390625.dmp
[2010-07-07 15:53:04 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\TeamSpeak 3 Client.lnk
[2010-07-07 15:52:28 | 013,004,984 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Documents and Settings\SOKÓŁ\Pulpit\TeamSpeak3-Client-win32-3.0.0-beta22.exe
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010-08-29 18:57:30 | 000,001,934 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\36686_1277821038_thumb.jpg
[2010-08-29 14:18:58 | 000,123,822 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\dzierrzoniów.jpg
[2010-08-29 14:18:58 | 000,026,429 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\.recently-used.xbel
[2010-08-28 20:14:48 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-08-28 14:38:18 | 005,929,292 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\thisbox.zip
[2010-08-27 15:30:45 | 000,089,338 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\afs.jpg
[2010-08-27 14:41:59 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010-08-27 14:41:59 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010-08-25 11:32:04 | 000,186,219 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\zolnierze.jpg
[2010-08-24 21:48:34 | 000,002,838 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\formularz-konkurs-nr-3.doc
[2010-08-23 16:55:43 | 000,298,440 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\wazna.jpg
[2010-08-22 23:17:51 | 000,208,454 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\img.jpg
[2010-08-21 20:38:47 | 000,058,878 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\witamy.gif
[2010-08-21 18:38:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\ComboFix.com.exe
[2010-08-20 22:56:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\ComboFix.exe
[2010-08-20 15:23:46 | 000,046,338 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\gifek.gif
[2010-08-20 00:16:50 | 000,054,334 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\pad.jpg
[2010-08-19 20:21:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\fifa2010.exe
[2010-08-18 23:51:37 | 000,089,130 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\avek4.jpg
[2010-08-18 23:50:32 | 000,103,750 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\avek3.jpg
[2010-08-18 23:50:02 | 000,104,236 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\avek2.jpg
[2010-08-18 23:47:48 | 000,060,339 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\avek1.jpg
[2010-08-18 20:54:46 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\OTL.scr
[2010-08-18 14:28:46 | 000,136,846 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\prawie.jpg
[2010-08-18 00:06:39 | 000,025,174 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\wir2.jpg
[2010-08-18 00:02:08 | 000,074,903 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Wir1.jpg
[2010-08-16 22:49:13 | 000,001,240 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\fix.reg
[2010-08-16 11:57:40 | 000,000,430 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\rejestr.reg
[2010-08-15 19:08:09 | 000,033,945 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\50aef0b30017c8c84b265c5c.jpeg
[2010-08-14 13:33:41 | 000,004,808 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\comic-tattoo-128178560425423.gif
[2010-08-13 23:47:55 | 000,086,317 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\jpgthis.jpg
[2010-08-12 17:29:46 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\gmer.exe
[2010-08-12 17:06:30 | 480,157,696 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Backup.bkf
[2010-08-11 22:09:35 | 000,007,150 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\images.jpeg
[2010-08-11 20:02:27 | 000,349,303 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\dsa.jpg
[2010-08-11 20:02:15 | 000,935,209 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\dsa.xcf
[2010-08-11 16:51:40 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\gmer.zip
[2010-08-11 15:13:01 | 000,067,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2010-08-11 15:08:41 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\COMODO Internet Security.lnk
[2010-08-11 12:48:37 | 000,201,499 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\jpgbieber.jpg
[2010-08-10 21:58:36 | 000,146,264 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Sharkys Medn SOKÓŁ.jpg
[2010-08-10 19:37:34 | 055,358,817 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Chali 2na ft Beenie Man _amp;quot;International_amp;quot; Official Video.mp4
[2010-08-05 15:52:19 | 000,001,517 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2010-08-04 14:21:55 | 000,000,192 | ---- | C] () -- C:\boot.ini
[2010-08-02 23:47:31 | 000,001,881 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\Wid.gif
[2010-08-02 21:02:00 | 000,000,322 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\wing18.gif
[2010-07-31 11:35:41 | 000,012,385 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\468x60.jpg
[2010-07-27 20:55:41 | 000,033,519 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\pope_face_palm.jpg
[2010-07-20 23:40:07 | 000,039,395 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Moje dokumenty\cl.exct.net.htm
[2010-07-08 00:53:52 | 000,223,508 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Moje dokumenty\ts3_clientui-win32-11315-2010-07-08 00_53_52.390625.dmp
[2010-07-07 15:53:03 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Pulpit\TeamSpeak 3 Client.lnk
[2010-03-04 23:22:43 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2010-02-27 14:41:12 | 000,000,286 | ---- | C] () -- C:\WINDOWS\game.ini
[2010-02-23 22:13:31 | 000,000,612 | ---- | C] () -- C:\WINDOWS\mp3wavcon.ini
[2010-02-23 22:12:33 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010-02-19 19:31:20 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2009-08-26 14:01:08 | 000,001,065 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2009-05-22 21:25:30 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Robota.INI
[2009-05-22 21:25:03 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\mgxasio2.dll
[2009-05-22 21:24:47 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2009-05-22 21:24:35 | 000,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009-05-07 07:05:43 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009-05-02 11:11:51 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WDIRECT.INI
[2009-04-22 00:19:06 | 000,172,173 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009-04-15 20:51:29 | 002,012,832 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2009-04-13 21:00:09 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009-04-10 08:43:49 | 000,654,848 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2009-04-10 08:43:48 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-04-10 08:43:48 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-04-10 08:43:48 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-04-10 08:43:47 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-04-10 08:43:47 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-04-02 10:45:25 | 000,138,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-04-02 10:45:25 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\PnkBstrK.sys
[2009-03-22 18:45:03 | 000,000,120 | ---- | C] () -- C:\WINDOWS\disney.ini
[2009-03-03 19:39:01 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009-03-03 19:37:16 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CDE DX4400DEFGIPS.ini
[2009-02-26 15:26:21 | 000,040,448 | ---- | C] () -- C:\Documents and Settings\SOKÓŁ\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-02-22 13:28:55 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-02-21 11:45:39 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-02-14 14:13:52 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-02-14 14:13:52 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-02-14 13:55:10 | 000,000,305 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2008-10-21 11:12:16 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008-10-21 11:12:16 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008-10-21 11:12:16 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008-10-21 11:12:16 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-10-21 11:12:16 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[color=#E56717]========== LOP Check ==========[/color]
[2009-03-03 19:38:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EPSON
[2009-03-03 19:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UDL
[2009-04-07 15:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited
[2009-04-18 23:14:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Activision
[2009-04-22 12:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2009-04-28 15:01:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
[2009-04-29 18:31:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Winter Sports 2009
[2009-05-03 13:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-05-04 18:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sports Interactive
[2009-05-22 21:24:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MAGIX
[2009-06-01 22:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Fallout3
[2009-06-02 21:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NCH Swift Sound
[2009-08-13 23:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-01-31 23:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InterAction studios
[2010-02-09 22:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-02-16 22:42:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems
[2010-03-27 16:27:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-03-27 19:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RoboForm
[2010-03-31 22:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony
[2010-07-02 10:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-07-05 16:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-06-06 16:09:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\GameTracker
[2009-03-22 20:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Touchstone
[2009-03-26 16:26:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Leadertech
[2009-04-09 14:05:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Nowe Gadu-Gadu
[2009-04-13 09:03:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\uTorrent
[2009-04-16 17:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\BESTplayer
[2009-04-18 23:14:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Activision
[2009-04-21 14:42:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\OpenFM
[2009-04-28 15:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Ubisoft
[2009-04-29 18:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\ProtectDisc
[2009-05-04 18:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Sports Interactive
[2009-05-22 21:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\MAGIX [2009-06-02 21:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\NCH Swift Sound [2009-06-27 11:29:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\DAEMON Tools Pro [2009-06-27 11:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\advantage [2009-06-28 23:57:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Opera [2010-01-23 00:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\gtk-2.0 [2010-02-01 13:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Toolbar4 [2010-02-09 22:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\ipla [2010-02-16 22:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\ACD Systems [2010-02-28 13:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\FileZilla [2010-03-08 19:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\SystemUp [2010-03-27 16:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Gadu-Gadu 10 [2010-03-31 22:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Sony [2010-03-31 22:47:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Publish Providers [2010-04-12 15:35:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\GlarySoft [2010-04-29 14:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\GG Tools [2010-06-23 17:53:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\DVDVideoSoftIEHelpers [2010-07-02 10:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\DAEMON Tools Lite [2010-07-07 15:53:28 | 000,000,000 | ---D | M] -- 
C:\Documents and Settings\SOKÓŁ\Dane aplikacji\TS3Client [2010-07-07 18:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\Need for Speed World [2010-07-09 12:04:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\PriceGong [2010-08-06 11:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SOKÓŁ\Dane aplikacji\2K Sports [2010-07-09 17:03:02 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\wavepadShakeIcon.job [color=#E56717]========== Purity Check ==========[/color] < End of report > [/log]. Edytowane 30 sierpnia 2010 przez Rootkitth