x-kom hosting

Błąd przy włączaniu

Hereinder
utworzono
utworzono (edytowane)

Gdy próbuje odpalić gre wyskakuje mi taki komunikat "operacja została anulowana ze względu na ograniczenia nałożone na ten komputer..." Czytałem troche o tym i podobno zeby to rozwiązac potrzebny jest log :

[log]Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:01:13, on 2010-08-20
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nowe Gadu-Gadu\gg.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\jqsnotify.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://search.localstrike.com.ar/"]http://search.localstrike.com.ar/[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.videoxdvd.com/"]http://www.videoxdvd.com/[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Dom\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe[/log]


Proszę o pomoc

[color="#ff0000"]//przenosze do Bezpieczeństwa
//dan[/color]

Pawel9588
komentarz
komentarz

otwórz notatnik i wklej to:

Windows Registry Editor Version 5.00

[code][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"StartMenuRun"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoRun"=-
"NoClose"=-
"NoFind"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoRun"=-
"NoClose"=-
"NoFind"=-[/code]

zapisz jako plik.reg --> wszystkie pliki --> scal z rejestrem

Sohei
komentarz
komentarz

Wrzuć logi z programów:
[url=http://oldtimer.geekstogo.com/OTL.exe][b][color=blue]OTL[/color][/b][/url]
Ustaw [b]Processes[/b] i [b]Modules[/b] na [b]All[/b] a w [b]Custom Scans/Fixes[/b] wklej:
[quote]netsvcs
msconfig
safebootminimal
safebootnetwork
%systemdrive%\*.*[/quote]

[url=http://images.malwareremoval.com/random/RSIT.exe][b][color=blue]RSIT[/color][/b][/url]
[url=http://www.gmer.net/][b][color=blue]Gmer[/color][/b][/url]
GMER, zakładka Rootkit/Malware, klikasz Szukaj, po skanie Kopiuj lub Zapisz.

Hereinder
komentarz
komentarz (edytowane)

[log]OTL logfile created on: 2010-08-21 21:46:08 - Run 2
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Dom\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 1920 3840 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,90 Gb Total Space | 10,20 Gb Free Space | 40,97% Space Free | Partition Type: NTFS
Drive D: | 49,62 Gb Total Space | 13,87 Gb Free Space | 27,96% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANITA
Current User Name: Dom
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color="#e56717"]========== Processes (All) ==========[/color]

PRC - [2010-08-20 23:40:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dom\Pulpit\OTL.exe
PRC - [2010-08-18 03:58:17 | 000,945,720 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2010-07-25 09:26:06 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-04-12 17:29:29 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-04-01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- D:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010-03-29 18:55:19 | 010,719,848 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exe
PRC - [2010-02-18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009-10-07 10:16:50 | 000,472,280 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009-10-07 10:15:42 | 001,461,080 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009-07-27 16:39:44 | 000,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
PRC - [2009-04-02 19:05:22 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2009-03-31 10:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2007-03-19 00:05:02 | 000,630,784 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
PRC - [2007-02-11 00:07:32 | 000,241,664 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe
PRC - [2006-02-28 13:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2005-01-28 14:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
PRC - [2004-08-04 02:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-04 02:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2004-08-04 02:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2004-08-04 02:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-04 02:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HTTPFILTER]
PRC - [2004-08-04 02:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-04 02:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-04 02:44:20 | 000,975,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-08-04 02:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-04 02:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2004-08-04 02:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2003-08-28 10:45:38 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTHELPER.EXE


[color="#e56717"]========== Modules (All) ==========[/color]

MOD - [2010-08-20 23:40:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dom\Pulpit\OTL.exe
MOD - [2010-03-10 14:59:50 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2007-03-19 00:04:22 | 000,069,632 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
MOD - [2007-02-10 23:51:40 | 000,036,864 | ---- | M] (A4Tech Co.,Ltd.) -- C:\WINDOWS\system32\Amhooker.dll
MOD - [2006-09-23 14:13:02 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2004-08-04 02:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-04 02:44:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2004-08-04 02:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2004-08-04 02:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004-08-04 02:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-04 02:44:10 | 012,826,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2004-08-04 02:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-04 02:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2004-08-04 02:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2004-08-04 02:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-04 02:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2004-08-04 02:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-04 02:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-04 02:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-04 02:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2004-08-04 02:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2004-08-04 02:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2004-08-04 02:44:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2004-08-04 02:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-04 02:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2004-08-04 02:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-04 02:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-04 02:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-04 02:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-04 02:42:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2004-08-04 01:42:34 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-04 01:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2003-08-28 10:45:56 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTAGENT.DLL


[color="#e56717"]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010-02-11 17:36:06 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-10-07 10:21:14 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009-10-07 10:16:50 | 000,472,280 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009-03-31 10:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008-04-07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2005-11-14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


[color="#e56717"]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- F:\NTGLM7X.sys -- (SetupNTGLM7X)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\NTACCESS.sys -- (NTACCESS)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2010-08-20 22:11:38 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-01-22 18:50:07 | 000,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32)
DRV - [2009-10-07 14:23:36 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-10-07 14:23:36 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-10-07 10:18:36 | 000,035,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009-10-07 10:12:22 | 000,054,184 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2009-10-07 10:11:10 | 000,040,824 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009-03-31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-03-20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009-03-20 11:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009-03-20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2007-09-17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-07-11 15:51:48 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007-07-11 10:45:00 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007-07-11 10:40:18 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007-02-10 04:04:52 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amps2prt.sys -- (Amps2prt)
DRV - [2004-08-04 02:35:04 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003-09-19 03:47:22 | 000,496,800 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2003-08-28 10:24:36 | 000,145,504 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMUPIA2K.SYS -- (emupia)
DRV - [2003-08-28 10:24:24 | 000,136,448 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2003-08-28 10:24:08 | 000,006,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTPRXY2K.SYS -- (ctprxy2k)
DRV - [2003-08-28 10:24:04 | 000,113,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2003-08-28 10:22:32 | 000,186,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTAC32K.SYS -- (ctac32k)
DRV - [2003-08-28 10:22:20 | 000,135,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HAP16V2K.SYS -- (hap16v2k)
DRV - [2003-08-28 10:22:04 | 000,823,456 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2003-03-05 13:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PFMODNT.SYS -- (PfModNT)
DRV - [2002-10-04 04:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2001-08-17 22:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)


[color="#e56717"]========== Standard Registry (SafeList) ==========[/color]


[color="#e56717"]========== Internet Explorer ==========[/color]


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://search.localstrike.com.ar/"]http://search.localstrike.com.ar/[/url]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.videoxdvd.com/"]http://www.videoxdvd.com/[/url]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color="#e56717"]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "LocalStrike"
FF - prefs.js..browser.search.defaultthis.engineName: "LocalStrike"
FF - prefs.js..browser.search.defaulturl: "http://search.localstrike.com.ar/?q={searchTerms}"
FF - prefs.js..browser.search.order.1: "LocalStrike"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: zrzuta.eu@gmail.com:1.2
FF - prefs.js..keyword.URL: "http://search.localstrike.com.ar/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-30 13:09:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-08-03 16:50:50 | 000,000,000 | ---D | M]

[2009-01-17 22:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Extensions
[2010-08-21 21:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions
[2010-08-10 15:39:59 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010-08-18 18:48:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010-08-18 18:49:11 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-05-23 21:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\DTToolbar@toolbarnet.com
[2010-08-18 18:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\extension@virtusdesigns.com
[2010-05-23 21:32:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\firebug@software.joehewitt.com
[2010-04-09 12:39:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\illimitux@illimitux.net
[2010-08-18 18:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\staged-xpis
[2010-07-30 13:09:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\zrzuta.eu@gmail.com
[2010-08-18 18:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\staged-xpis\extension@virtusdesigns.com
[2010-01-24 22:40:17 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\searchplugins\daemon-search.xml
[2010-08-21 21:36:25 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-05-01 17:23:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-03-16 13:57:46 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2010-06-25 15:23:16 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-06-25 15:23:16 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-10-05 01:48:30 | 000,023,158 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\localstrike.xml
[2010-06-25 15:23:16 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-06-25 15:23:16 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-06-25 15:23:16 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-06-25 15:23:16 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 19:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Dom\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe ()
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [RocketDock] C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Documents and Settings\Dom\Menu Start\Programy\Autostart\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Dom\Menu Start\Programy\Autostart\RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 1 = metin2.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-01-17 22:15:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{42420646-f946-11de-ba71-000c76542400}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Action Manager 32.lnk - C:\Program Files\ScannerU\AM32.exe - ()
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color="#e56717"]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-08-20 23:39:40 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dom\Pulpit\OTL.exe
[2010-08-20 19:53:13 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010-08-20 19:50:53 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010-08-20 19:50:53 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010-08-20 19:50:53 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010-08-20 19:50:53 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010-08-20 19:50:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-08-20 19:48:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-08-19 00:01:37 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2010-08-19 00:01:37 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2010-08-19 00:01:36 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2010-08-19 00:01:35 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2010-08-19 00:01:34 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2010-08-19 00:01:34 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2010-08-19 00:01:33 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2010-08-19 00:01:32 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2010-08-19 00:01:31 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2010-08-19 00:01:31 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2010-08-19 00:01:31 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2010-08-19 00:01:30 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2010-08-19 00:01:29 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2010-08-19 00:01:28 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2010-08-19 00:01:28 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2010-08-19 00:01:27 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2010-08-19 00:01:26 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2010-08-19 00:01:25 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2010-08-19 00:01:24 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2010-08-19 00:01:24 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2010-08-19 00:01:24 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2010-08-19 00:01:23 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2010-08-19 00:01:22 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2010-08-19 00:01:22 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2010-08-19 00:01:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2010-08-19 00:01:20 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2010-08-19 00:01:20 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2010-08-19 00:01:20 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2010-08-19 00:01:19 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2010-08-19 00:01:18 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2010-08-19 00:01:18 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2010-08-19 00:01:17 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2010-08-19 00:01:16 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2010-08-19 00:01:16 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2010-08-19 00:01:16 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2010-08-19 00:01:15 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2010-08-19 00:01:14 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2010-08-19 00:01:14 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2010-08-19 00:01:13 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2010-08-19 00:01:12 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2010-08-19 00:01:12 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2010-08-19 00:01:11 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2010-08-19 00:01:10 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2010-08-19 00:01:10 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2010-08-19 00:01:10 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2010-08-19 00:01:09 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2010-08-19 00:01:08 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2010-08-19 00:01:07 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2010-08-19 00:01:06 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2010-08-19 00:01:06 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2010-08-19 00:01:06 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2010-08-19 00:01:05 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2010-08-19 00:01:04 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2010-08-19 00:01:03 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2010-08-19 00:01:03 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2010-08-19 00:01:02 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2010-08-19 00:01:01 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2010-08-19 00:01:00 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2010-08-19 00:01:00 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2010-08-19 00:00:59 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2010-08-13 14:26:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Pulpit\soldat15
[2010-08-06 08:20:20 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Dom\Pulpit\
[2010-08-02 23:07:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Moje dokumenty\My NPS Files
[2010-08-02 23:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Moje dokumenty\My Art
[2009-01-17 23:00:25 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color="#e56717"]========== Files - Modified Within 30 Days ==========[/color]

[2010-08-21 21:30:00 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-1979792683-839522115-1003UA.job
[2010-08-21 21:12:53 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-08-21 21:12:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-08-21 21:12:48 | 1341,706,240 | -HS- | M] () -- C:\hiberfil.sys
[2010-08-21 09:27:39 | 000,029,004 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000002-00001102-00000002-80661102}.rfx
[2010-08-21 09:27:39 | 000,029,004 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000002-00001102-00000002-80661102}.rfx
[2010-08-21 09:27:39 | 000,017,456 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000002-00001102-00000002-80661102}.rfx
[2010-08-21 09:27:39 | 000,017,456 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000002-00001102-00000002-80661102}.rfx
[2010-08-21 09:27:39 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010-08-21 09:27:39 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010-08-21 09:27:39 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000002-00000000-00000002-00001102-00000002-80661102}.dat
[2010-08-21 09:27:39 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000002-00001102-00000002-80661102}.dat
[2010-08-21 09:27:35 | 007,077,888 | -H-- | M] () -- C:\Documents and Settings\Dom\NTUSER.DAT
[2010-08-21 09:27:35 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Dom\ntuser.ini
[2010-08-21 09:27:28 | 003,376,727 | ---- | M] () -- C:\WINDOWS\{00000002-00000000-00000002-00001102-00000002-80661102}.CDF
[2010-08-21 09:27:28 | 003,376,727 | ---- | M] () -- C:\WINDOWS\{00000002-00000000-00000002-00001102-00000002-80661102}.BAK
[2010-08-20 23:40:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dom\Pulpit\OTL.exe
[2010-08-20 22:11:38 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-08-20 15:46:51 | 000,451,696 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-08-20 15:46:51 | 000,395,336 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-08-20 15:46:51 | 000,075,706 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-08-20 15:46:51 | 000,059,576 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-08-20 15:46:50 | 000,993,526 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-08-19 21:57:05 | 000,163,171 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\podanie.pdf
[2010-08-18 22:38:32 | 000,000,737 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Prawo Jazdy 2010.lnk
[2010-08-18 21:16:47 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-18 20:30:06 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-1979792683-839522115-1003Core.job
[2010-08-18 01:07:02 | 004,284,440 | -H-- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-08-10 14:57:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-08-06 12:12:27 | 003,278,921 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Volver - Volveremos.mp3
[2010-08-06 12:07:49 | 003,130,964 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\alan basski- zycie jest piękne.mp3
[2010-08-06 12:02:58 | 003,659,264 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\sumptuastic-mali wielcy.mp3
[2010-08-06 11:56:17 | 003,156,459 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\cerekwicka-nie ma nic.mp3
[2010-08-06 11:52:19 | 004,332,564 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\De Mono Kamień i Aksamit.mp3
[2010-08-03 16:50:50 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-07-31 10:00:45 | 000,011,059 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Drodzy Państwo Młodzi.docx
[2010-07-29 08:19:38 | 000,010,744 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\WUJO.docx
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color="#e56717"]========== Files Created - No Company Name ==========[/color]

[2010-08-20 19:50:54 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-08-20 19:50:53 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-08-20 19:50:53 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010-08-20 19:50:53 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010-08-20 19:50:53 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010-08-20 19:04:25 | 000,053,248 | ---- | C] () -- C:\WINDOWS\loginTool.exe
[2010-08-19 21:57:05 | 000,163,171 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\podanie.pdf
[2010-08-18 22:38:32 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Prawo Jazdy 2010.lnk
[2010-08-06 12:09:41 | 003,278,921 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Volver - Volveremos.mp3
[2010-08-06 12:05:11 | 003,130,964 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\alan basski- zycie jest piękne.mp3
[2010-08-06 11:59:53 | 003,659,264 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\sumptuastic-mali wielcy.mp3
[2010-08-06 11:53:28 | 003,156,459 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\cerekwicka-nie ma nic.mp3
[2010-08-06 11:48:41 | 004,332,564 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\De Mono Kamień i Aksamit.mp3
[2010-07-31 10:00:44 | 000,011,059 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Drodzy Państwo Młodzi.docx
[2010-07-29 08:19:37 | 000,010,744 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\WUJO.docx
[2010-07-07 12:35:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Viewer.INI
[2010-05-30 20:09:29 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010-05-01 18:28:33 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2010-04-22 17:15:33 | 000,000,087 | ---- | C] () -- C:\WINDOWS\System32\tcfg.ini
[2010-02-11 17:46:26 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2010-01-22 18:50:07 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2009-12-14 20:15:48 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009-12-14 20:15:48 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009-12-14 20:15:35 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Dom\Dane aplikacji\$_hpcst$.hpc
[2009-11-17 17:08:09 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-10-07 14:23:36 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-10-07 14:23:36 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-09-16 17:45:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PrestoPM.INI
[2009-09-16 17:31:54 | 000,049,152 | R--- | C] () -- C:\WINDOWS\AutoSet.dll
[2009-09-16 17:25:08 | 000,000,613 | ---- | C] () -- C:\WINDOWS\if40le.ini
[2009-09-16 17:25:07 | 000,000,114 | ---- | C] () -- C:\WINDOWS\SCNDRVU.INI
[2009-09-16 17:24:48 | 000,001,256 | ---- | C] () -- C:\WINDOWS\If42le.ini
[2009-09-16 17:24:47 | 000,000,241 | ---- | C] () -- C:\WINDOWS\PEXPLORE.INI
[2009-09-16 17:24:44 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2009-09-16 17:24:36 | 000,000,403 | ---- | C] () -- C:\WINDOWS\umxaddin.ini
[2009-09-05 12:53:52 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-09-02 19:06:12 | 000,000,161 | ---- | C] () -- C:\WINDOWS\l33td.ini
[2009-08-24 12:23:28 | 000,000,023 | ---- | C] () -- C:\WINDOWS\clofghls.dll
[2009-08-22 14:46:17 | 000,000,020 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2009-05-28 17:14:34 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2009-05-18 17:50:28 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-01-17 23:02:00 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2009-01-17 23:00:39 | 000,035,766 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini
[2009-01-17 23:00:39 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009-01-17 23:00:31 | 000,005,515 | ---- | C] () -- C:\WINDOWS\System32\ENSDEF.INI
[2009-01-17 23:00:31 | 000,000,192 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2009-01-17 23:00:09 | 000,000,187 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2007-12-21 09:21:56 | 000,035,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2007-10-25 18:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2004-07-17 13:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

[color="#e56717"]========== Custom Scans ==========[/color]


[color="#a23bec"]< %systemdrive%\*.* >[/color]
[2009-01-17 22:15:54 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-03-09 18:44:05 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2001-07-22 02:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2009-01-17 22:15:54 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-08-21 21:12:48 | 1341,706,240 | -HS- | M] () -- C:\hiberfil.sys
[2009-01-17 22:15:54 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-05-23 18:23:19 | 000,000,000 | R--- | M] () -- C:\logwmemory.bin
[2009-01-17 22:15:54 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-04 00:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004-08-04 00:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr
[2010-08-21 21:12:47 | 2013,265,920 | -HS- | M] () -- C:\pagefile.sys
[2010-03-09 20:12:22 | 000,063,111 | ---- | M] () -- C:\R0309__19_12_18.mp3
[2010-03-09 20:12:51 | 000,230,295 | ---- | M] () -- C:\R0309__19_12_35.mp3
[2010-08-06 12:13:52 | 000,000,000 | ---- | M] () -- C:\Tech_Vista.log
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color="#e56717"]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4
< End of report >[/log]

Tomek01
komentarz
komentarz

Odinstaluj DAEMON Tools Toolbar.

W OTL, w oknie Custom scan/fixes wklej:
[code]:Processes
Explorer.exe

:OTL
[2010-05-23 21:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\DTToolbar@toolbarnet.com
[2010-01-24 22:40:17 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\searchplugins\daemon-search.xml
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Klikasz run fix, komputer uruchamia się ponownie.


Poniższy plik przeskanuj na virustotal i podaj wyniki.
C:\WINDOWS\loginTool.exe

Wrzucasz log OTL z usuwania oraz nowe logi OTL i RSIT.

Hereinder
komentarz
komentarz

Nie wiem czy z tym skanowaniem chodzi o to ale prosze :
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name:
loginTool.exe
Submission date:
2010-08-22 18:23:00 (UTC)
Current status:
finished
Result:
0 /42 (0.0%)

[log]gLogfile of random's system information tool 1.08 (written by random/random)
Run by Dom at 2010-08-22 20:33:26
Microsoft Windows XP Professional Dodatek Service Pack 2
System drive C: has 11 GB (41%) free of 26 GB
Total RAM: 1279 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:33:35, on 2010-08-22
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Documents and Settings\Dom\Pulpit\OTL.exe
C:\Documents and Settings\Dom\Pulpit\RSIT.exe
C:\Program Files\trend micro\Dom.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.videoxdvd.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Dom\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pobierz z &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6467 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-1979792683-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-1979792683-839522115-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\Documents and Settings\Dom\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-07-27 42088]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CTHelper"=C:\WINDOWS\system32\CTHELPER.EXE [2003-08-28 24576]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"Jet Detection"=C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [2001-11-29 28672]
"NPSStartup"= []
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-02-11 241664]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-10-07 1461080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]
"RocketDock"=C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-19 630784]
"Google Update"=C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2010-03-16 135664]
"DAEMON Tools Lite"=D:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Action Manager 32.lnk]
C:\PROGRA~1\ScannerU\AM32.exe [2004-05-21 69632]

C:\Documents and Settings\Dom\Menu Start\Programy\Autostart
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoSMMyDocs"=1
"NoSMHelp"=1
"NoSMMyPictures"=1
"NoStartMenuMyMusic"=1
"DisallowRun"=1
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Dom\Pulpit\utorrent.exe"="C:\Documents and Settings\Dom\Pulpit\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Dom\Pulpit\Miusic\utorrent.exe"="C:\Documents and Settings\Dom\Pulpit\Miusic\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-08-22 20:33:27 ----D---- C:\Program Files\trend micro
2010-08-22 20:33:26 ----D---- C:\rsit
2010-08-20 19:50:54 ----A---- C:\WINDOWS\MBR.exe
2010-08-20 19:50:53 ----A---- C:\WINDOWS\PEV.exe
2010-08-20 19:50:39 ----D---- C:\WINDOWS\ERDNT
2010-08-20 19:04:25 ----A---- C:\WINDOWS\loginTool.exe
2010-08-19 00:01:37 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-08-19 00:01:37 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-08-19 00:01:36 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-08-19 00:01:35 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-08-19 00:01:34 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-08-19 00:01:34 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-08-19 00:01:33 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-08-19 00:01:32 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-08-19 00:01:31 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-08-19 00:01:31 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-08-19 00:01:31 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-08-19 00:01:30 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-08-19 00:01:29 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-08-19 00:01:28 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-08-19 00:01:28 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2010-08-19 00:01:27 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-08-19 00:01:26 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-08-19 00:01:25 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-08-19 00:01:24 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-08-19 00:01:24 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-08-19 00:01:24 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-08-19 00:01:23 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-08-19 00:01:22 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-08-19 00:01:22 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-08-19 00:01:21 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-08-19 00:01:20 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-08-19 00:01:20 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-08-19 00:01:20 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-08-19 00:01:19 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-08-19 00:01:18 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-08-19 00:01:18 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-08-19 00:01:17 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-08-19 00:01:16 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-08-19 00:01:16 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-08-19 00:01:16 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-08-19 00:01:15 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-08-19 00:01:14 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-08-19 00:01:14 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-08-19 00:01:13 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-08-19 00:01:12 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-08-19 00:01:12 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-08-19 00:01:11 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-08-19 00:01:10 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-08-19 00:01:10 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-08-19 00:01:10 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-08-19 00:01:09 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-08-19 00:01:08 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-08-19 00:01:07 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-08-19 00:01:06 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-08-19 00:01:06 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-08-19 00:01:06 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-08-19 00:01:05 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-08-19 00:01:04 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-08-19 00:01:03 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-08-19 00:01:03 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-08-19 00:01:02 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-08-19 00:01:01 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-08-19 00:01:00 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-08-19 00:01:00 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-08-19 00:00:59 ----A---- C:\WINDOWS\system32\d3dx9_35.dll

======List of files/folders modified in the last 1 months======

2010-08-22 20:33:28 ----D---- C:\WINDOWS\Temp
2010-08-22 20:33:27 ----RD---- C:\Program Files
2010-08-22 20:19:50 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-22 20:19:40 ----A---- C:\WINDOWS\{00000002-00000000-00000002-00001102-00000002-80661102}.BAK
2010-08-22 20:19:14 ----D---- C:\WINDOWS
2010-08-22 20:17:52 ----D---- C:\Program Files\DAEMON Tools Toolbar
2010-08-20 23:52:13 ----D---- C:\WINDOWS\security
2010-08-20 23:43:40 ----D---- C:\WINDOWS\system
2010-08-20 23:36:23 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-20 20:11:41 ----SHD---- C:\WINDOWS\Installer
2010-08-20 20:11:28 ----SD---- C:\Documents and Settings\Dom\Dane aplikacji\Microsoft
2010-08-20 15:46:51 ----D---- C:\WINDOWS\system32
2010-08-20 15:46:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-19 00:01:38 ----D---- C:\WINDOWS\system32\DirectX
2010-08-19 00:01:37 ----HD---- C:\WINDOWS\inf
2010-08-18 23:56:03 ----D---- C:\WINDOWS\Logs
2010-08-16 20:43:26 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-13 14:27:46 ----RSD---- C:\WINDOWS\Fonts
2010-08-07 12:42:07 ----HD---- C:\LG3G
2010-08-06 19:14:53 ----D---- C:\Documents and Settings\Dom\Dane aplikacji\Skype
2010-08-06 18:39:21 ----D---- C:\Documents and Settings\Dom\Dane aplikacji\skypePM
2010-08-05 22:17:04 ----D---- C:\Program Files\Nowe Gadu-Gadu
2010-08-03 22:07:39 ----D---- C:\Program Files\Acala 3GP Movies Free
2010-07-31 11:44:02 ----D---- C:\Documents and Settings\Dom\Dane aplikacji\Adobe
2010-07-25 09:26:16 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr magistrali AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-04 42368]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-08-20 691696]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40320]
R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-10-07 271360]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-10-07 18048]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\drivers\PfModNT.sys []
R3 Amps2prt;A4Tech PS/2 Port Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amps2prt.sys [2007-02-10 14336]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-04 701440]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2003-08-28 186068]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2003-09-19 496800]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2003-08-28 6144]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2003-08-28 136448]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2003-08-28 145504]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2003-08-28 823456]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2003-08-28 113840]
R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2002-10-04 46976]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
S3 ayinygx0;ayinygx0; C:\WINDOWS\system32\drivers\ayinygx0.sys []
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\System32\drivers\ctdvda2k.sys []
S3 ctljystk;Port gier dla karty Creative SB Live!; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 hap16v2k;Creative P16V HAL Driver; C:\WINDOWS\System32\drivers\hap16v2k.sys [2003-08-28 135696]
S3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-18 9600]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
S3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
S3 NTACCESS;NTACCESS; \??\F:\NTACCESS.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\F:\NTGLM7X.sys []
S3 SONYPVU1;Sterownik filtru USB Sony (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-10-07 472280]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-05-18 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-10-07 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-11 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]

-----------------EOF-----------------[/log]

[log]OTL logfile created on: 2010-08-22 20:32:36 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Dom\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 58,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 1920 3840 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,90 Gb Total Space | 10,31 Gb Free Space | 41,39% Space Free | Partition Type: NTFS
Drive D: | 49,62 Gb Total Space | 13,87 Gb Free Space | 27,96% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 630,64 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANITA
Current User Name: Dom
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-08-22 20:31:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dom\Pulpit\OTL.exe
PRC - [2010-07-25 09:26:06 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-02-18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009-10-07 10:16:50 | 000,472,280 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009-10-07 10:15:42 | 001,461,080 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009-04-02 19:05:22 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2009-03-31 10:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2007-03-19 00:05:02 | 000,630,784 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
PRC - [2007-02-11 00:07:32 | 000,241,664 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe
PRC - [2004-08-04 02:44:20 | 000,975,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003-08-28 10:45:38 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTHELPER.EXE


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-08-22 20:31:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dom\Pulpit\OTL.exe
MOD - [2007-03-19 00:04:22 | 000,069,632 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
MOD - [2007-02-10 23:51:40 | 000,036,864 | ---- | M] (A4Tech Co.,Ltd.) -- C:\WINDOWS\system32\Amhooker.dll
MOD - [2004-08-04 01:42:34 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-04 01:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2003-08-28 10:45:56 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTAGENT.DLL


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010-02-11 17:36:06 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-10-07 10:21:14 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009-10-07 10:16:50 | 000,472,280 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009-03-31 10:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008-04-07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2005-11-14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- F:\NTGLM7X.sys -- (SetupNTGLM7X)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\NTACCESS.sys -- (NTACCESS)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2010-08-20 22:11:38 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-01-22 18:50:07 | 000,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32)
DRV - [2009-10-07 14:23:36 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-10-07 14:23:36 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-10-07 10:18:36 | 000,035,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009-10-07 10:12:22 | 000,054,184 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2009-10-07 10:11:10 | 000,040,824 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009-03-31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-03-20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009-03-20 11:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009-03-20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2007-09-17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-07-11 15:51:48 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007-07-11 10:45:00 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007-07-11 10:40:18 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007-02-10 04:04:52 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amps2prt.sys -- (Amps2prt)
DRV - [2004-08-04 02:35:04 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003-09-19 03:47:22 | 000,496,800 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2003-08-28 10:24:36 | 000,145,504 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMUPIA2K.SYS -- (emupia)
DRV - [2003-08-28 10:24:24 | 000,136,448 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2003-08-28 10:24:08 | 000,006,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTPRXY2K.SYS -- (ctprxy2k)
DRV - [2003-08-28 10:24:04 | 000,113,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2003-08-28 10:22:32 | 000,186,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTAC32K.SYS -- (ctac32k)
DRV - [2003-08-28 10:22:20 | 000,135,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HAP16V2K.SYS -- (hap16v2k)
DRV - [2003-08-28 10:22:04 | 000,823,456 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2003-03-05 13:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PFMODNT.SYS -- (PfModNT)
DRV - [2002-10-04 04:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2001-08-17 22:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.videoxdvd.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "LocalStrike"
FF - prefs.js..browser.search.defaultthis.engineName: "LocalStrike"
FF - prefs.js..browser.search.defaulturl: "http://search.localstrike.com.ar/?q={searchTerms}"
FF - prefs.js..browser.search.order.1: "LocalStrike"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: zrzuta.eu@gmail.com:1.2
FF - prefs.js..keyword.URL: "http://search.localstrike.com.ar/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-30 13:09:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-08-03 16:50:50 | 000,000,000 | ---D | M]

[2009-01-17 22:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Extensions
[2010-08-22 20:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions
[2010-08-10 15:39:59 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010-08-18 18:48:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010-08-18 18:49:11 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-08-18 18:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\extension@virtusdesigns.com
[2010-05-23 21:32:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\firebug@software.joehewitt.com
[2010-04-09 12:39:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\illimitux@illimitux.net
[2010-08-18 18:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\staged-xpis
[2010-07-30 13:09:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\zrzuta.eu@gmail.com
[2010-08-18 18:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\staged-xpis\extension@virtusdesigns.com
[2010-01-24 22:40:17 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\searchplugins\daemon-search.xml
[2010-08-21 21:36:25 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-05-01 17:23:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-03-16 13:57:46 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2010-06-25 15:23:16 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-06-25 15:23:16 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-10-05 01:48:30 | 000,023,158 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\localstrike.xml
[2010-06-25 15:23:16 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-06-25 15:23:16 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-06-25 15:23:16 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-06-25 15:23:16 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 19:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Dom\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe ()
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [RocketDock] C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Documents and Settings\Dom\Menu Start\Programy\Autostart\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Dom\Menu Start\Programy\Autostart\RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 1 = metin2.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-01-17 22:15:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004-08-18 10:55:50 | 000,000,000 | R--D | M] - G:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2004-08-18 10:37:22 | 000,663,552 | R--- | M] (Electronic Arts Inc.) - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2004-08-18 10:54:43 | 000,000,083 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2004-08-18 10:33:44 | 000,598,016 | R--- | M] (Electronic Arts Inc.) - G:\AutoRunGUI.dll -- [ CDFS ]
O33 - MountPoints2\{02532cde-0929-11df-babc-000c76542400}\Shell - "" = AutoRun
O33 - MountPoints2\{02532cde-0929-11df-babc-000c76542400}\Shell\AutoRun\command - "" = G:\setup.exe -- [2004-08-18 10:33:45 | 000,110,592 | R--- | M] (Electronic Arts Inc.)
O33 - MountPoints2\{42420646-f946-11de-ba71-000c76542400}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-08-22 20:33:27 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-08-22 20:30:36 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dom\Pulpit\OTL.exe
[2010-08-20 19:50:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-08-19 00:01:37 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2010-08-19 00:01:37 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2010-08-19 00:01:36 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2010-08-19 00:01:35 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2010-08-19 00:01:34 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2010-08-19 00:01:34 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2010-08-19 00:01:33 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2010-08-19 00:01:32 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2010-08-19 00:01:31 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2010-08-19 00:01:31 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2010-08-19 00:01:31 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2010-08-19 00:01:30 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2010-08-19 00:01:29 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2010-08-19 00:01:28 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2010-08-19 00:01:28 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2010-08-19 00:01:27 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2010-08-19 00:01:26 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2010-08-19 00:01:25 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2010-08-19 00:01:24 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2010-08-19 00:01:24 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2010-08-19 00:01:24 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2010-08-19 00:01:23 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2010-08-19 00:01:22 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2010-08-19 00:01:22 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2010-08-19 00:01:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2010-08-19 00:01:20 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2010-08-19 00:01:20 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2010-08-19 00:01:20 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2010-08-19 00:01:19 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2010-08-19 00:01:18 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2010-08-19 00:01:18 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2010-08-19 00:01:17 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2010-08-19 00:01:16 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2010-08-19 00:01:16 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2010-08-19 00:01:16 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2010-08-19 00:01:15 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2010-08-19 00:01:14 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2010-08-19 00:01:14 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2010-08-19 00:01:13 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2010-08-19 00:01:12 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2010-08-19 00:01:12 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2010-08-19 00:01:11 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2010-08-19 00:01:10 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2010-08-19 00:01:10 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2010-08-19 00:01:10 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2010-08-19 00:01:09 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2010-08-19 00:01:08 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2010-08-19 00:01:07 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2010-08-19 00:01:06 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2010-08-19 00:01:06 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2010-08-19 00:01:06 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2010-08-19 00:01:05 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2010-08-19 00:01:04 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2010-08-19 00:01:03 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2010-08-19 00:01:03 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2010-08-19 00:01:02 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2010-08-19 00:01:01 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2010-08-19 00:01:00 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2010-08-19 00:01:00 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2010-08-19 00:00:59 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2010-08-13 14:26:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Pulpit\soldat15
[2010-08-06 08:20:20 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Dom\Pulpit\
[2010-08-02 23:07:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Moje dokumenty\My NPS Files
[2010-08-02 23:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Moje dokumenty\My Art
[2009-01-17 23:00:25 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-08-22 20:32:59 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\RSIT.exe
[2010-08-22 20:31:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dom\Pulpit\OTL.exe
[2010-08-22 20:30:01 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-1979792683-839522115-1003UA.job
[2010-08-22 20:30:01 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-1979792683-839522115-1003Core.job
[2010-08-22 20:20:55 | 000,046,096 | ---- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-08-22 20:20:49 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-08-22 20:20:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-08-22 20:20:45 | 1341,706,240 | -HS- | M] () -- C:\hiberfil.sys
[2010-08-22 20:20:45 | 000,198,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-08-22 20:19:51 | 000,029,004 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000002-00001102-00000002-80661102}.rfx
[2010-08-22 20:19:51 | 000,029,004 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000002-00001102-00000002-80661102}.rfx
[2010-08-22 20:19:51 | 000,017,456 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000002-00001102-00000002-80661102}.rfx
[2010-08-22 20:19:51 | 000,017,456 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000002-00001102-00000002-80661102}.rfx
[2010-08-22 20:19:51 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010-08-22 20:19:51 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010-08-22 20:19:51 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000002-00000000-00000002-00001102-00000002-80661102}.dat
[2010-08-22 20:19:51 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000002-00001102-00000002-80661102}.dat
[2010-08-22 20:19:48 | 007,077,888 | -H-- | M] () -- C:\Documents and Settings\Dom\NTUSER.DAT
[2010-08-22 20:19:48 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Dom\ntuser.ini
[2010-08-22 20:19:40 | 003,376,727 | ---- | M] () -- C:\WINDOWS\{00000002-00000000-00000002-00001102-00000002-80661102}.CDF
[2010-08-22 20:19:40 | 003,376,727 | ---- | M] () -- C:\WINDOWS\{00000002-00000000-00000002-00001102-00000002-80661102}.BAK
[2010-08-20 22:11:38 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-08-20 15:46:51 | 000,451,696 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-08-20 15:46:51 | 000,395,336 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-08-20 15:46:51 | 000,075,706 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-08-20 15:46:51 | 000,059,576 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-08-20 15:46:50 | 000,993,526 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-08-19 21:57:05 | 000,163,171 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\podanie.pdf
[2010-08-18 22:38:32 | 000,000,737 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Prawo Jazdy 2010.lnk
[2010-08-18 21:16:47 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-18 01:07:02 | 004,284,440 | -H-- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-08-10 14:57:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-08-06 12:12:27 | 003,278,921 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Volver - Volveremos.mp3
[2010-08-06 12:07:49 | 003,130,964 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\alan basski- zycie jest piękne.mp3
[2010-08-06 12:02:58 | 003,659,264 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\sumptuastic-mali wielcy.mp3
[2010-08-06 11:56:17 | 003,156,459 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\cerekwicka-nie ma nic.mp3
[2010-08-06 11:52:19 | 004,332,564 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\De Mono Kamień i Aksamit.mp3
[2010-08-03 16:50:50 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-07-31 10:00:45 | 000,011,059 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Drodzy Państwo Młodzi.docx
[2010-07-29 08:19:38 | 000,010,744 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\WUJO.docx
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-08-22 20:32:50 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\RSIT.exe
[2010-08-20 19:50:54 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-08-20 19:50:53 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-08-20 19:04:25 | 000,053,248 | ---- | C] () -- C:\WINDOWS\loginTool.exe
[2010-08-19 21:57:05 | 000,163,171 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\podanie.pdf
[2010-08-18 22:38:32 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Prawo Jazdy 2010.lnk
[2010-08-06 12:09:41 | 003,278,921 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Volver - Volveremos.mp3
[2010-08-06 12:05:11 | 003,130,964 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\alan basski- zycie jest piękne.mp3
[2010-08-06 11:59:53 | 003,659,264 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\sumptuastic-mali wielcy.mp3
[2010-08-06 11:53:28 | 003,156,459 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\cerekwicka-nie ma nic.mp3
[2010-08-06 11:48:41 | 004,332,564 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\De Mono Kamień i Aksamit.mp3
[2010-07-31 10:00:44 | 000,011,059 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Drodzy Państwo Młodzi.docx
[2010-07-29 08:19:37 | 000,010,744 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\WUJO.docx
[2010-07-07 12:35:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Viewer.INI
[2010-05-30 20:09:29 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010-05-01 18:28:33 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2010-04-22 17:15:33 | 000,000,087 | ---- | C] () -- C:\WINDOWS\System32\tcfg.ini
[2010-02-11 17:46:26 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2010-01-22 18:50:07 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2009-12-14 20:15:48 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009-12-14 20:15:48 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009-12-14 20:15:35 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Dom\Dane aplikacji\$_hpcst$.hpc
[2009-11-17 17:08:09 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-10-07 14:23:36 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-10-07 14:23:36 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-09-16 17:45:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PrestoPM.INI
[2009-09-16 17:31:54 | 000,049,152 | R--- | C] () -- C:\WINDOWS\AutoSet.dll
[2009-09-16 17:25:08 | 000,000,613 | ---- | C] () -- C:\WINDOWS\if40le.ini
[2009-09-16 17:25:07 | 000,000,114 | ---- | C] () -- C:\WINDOWS\SCNDRVU.INI
[2009-09-16 17:24:48 | 000,001,256 | ---- | C] () -- C:\WINDOWS\If42le.ini
[2009-09-16 17:24:47 | 000,000,241 | ---- | C] () -- C:\WINDOWS\PEXPLORE.INI
[2009-09-16 17:24:44 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2009-09-16 17:24:36 | 000,000,403 | ---- | C] () -- C:\WINDOWS\umxaddin.ini
[2009-09-05 12:53:52 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-09-02 19:06:12 | 000,000,161 | ---- | C] () -- C:\WINDOWS\l33td.ini
[2009-08-24 12:23:28 | 000,000,023 | ---- | C] () -- C:\WINDOWS\clofghls.dll
[2009-08-22 14:46:17 | 000,000,020 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2009-05-28 17:14:34 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2009-05-18 17:50:28 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-01-17 23:02:00 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2009-01-17 23:00:39 | 000,035,766 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini
[2009-01-17 23:00:39 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009-01-17 23:00:31 | 000,005,515 | ---- | C] () -- C:\WINDOWS\System32\ENSDEF.INI
[2009-01-17 23:00:31 | 000,000,192 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2009-01-17 23:00:09 | 000,000,187 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2007-12-21 09:21:56 | 000,035,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2007-10-25 18:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2004-07-17 13:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4
< End of report >
[/log]

Tomek01
komentarz
komentarz

W OTL, w oknie Custom scan/fixes wklej:
[code]:Processes
Explorer.exe

:OTL
[2010-01-24 22:40:17 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\searchplugins\daemon-search.xml
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4

:Files
C:\WINDOWS\clofghls.dll
C:\Program Files\DAEMON Tools Toolbar

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Klikasz run fix, komputer uruchamia się ponownie.


Wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i wyniki podaj na forum.

Wrzuć log OTL z usuwania oraz nowy log OTL, ale z 3 miesięcy.

Hereinder
komentarz
komentarz

[log]OTL logfile created on: 2010-08-23 22:02:08 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Dom\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 1920 3840 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,90 Gb Total Space | 10,18 Gb Free Space | 40,89% Space Free | Partition Type: NTFS
Drive D: | 49,62 Gb Total Space | 13,86 Gb Free Space | 27,94% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 630,64 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANITA
Current User Name: Dom
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-08-23 22:01:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dom\Pulpit\OTL.exe
PRC - [2010-04-01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- D:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009-10-07 10:16:50 | 000,472,280 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009-10-07 10:15:42 | 001,461,080 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009-04-02 19:05:22 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2009-03-31 10:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2007-03-19 00:05:02 | 000,630,784 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
PRC - [2007-02-11 00:07:32 | 000,241,664 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe
PRC - [2004-08-04 02:44:20 | 000,975,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003-08-28 10:45:38 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTHELPER.EXE


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-08-23 22:01:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dom\Pulpit\OTL.exe
MOD - [2007-03-19 00:04:22 | 000,069,632 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
MOD - [2007-02-10 23:51:40 | 000,036,864 | ---- | M] (A4Tech Co.,Ltd.) -- C:\WINDOWS\system32\Amhooker.dll
MOD - [2004-08-04 02:43:30 | 003,344,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2004-08-04 01:42:34 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-04 01:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2003-08-28 10:45:56 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTAGENT.DLL


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010-02-11 17:36:06 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009-10-07 10:21:14 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009-10-07 10:16:50 | 000,472,280 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009-03-31 10:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008-04-07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2005-11-14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- F:\NTGLM7X.sys -- (SetupNTGLM7X)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\NTACCESS.sys -- (NTACCESS)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2010-08-20 22:11:38 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-01-22 18:50:07 | 000,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32)
DRV - [2009-10-07 14:23:36 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-10-07 14:23:36 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-10-07 10:18:36 | 000,035,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009-10-07 10:12:22 | 000,054,184 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2009-10-07 10:11:10 | 000,040,824 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009-03-31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-03-20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009-03-20 11:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009-03-20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2007-09-17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-07-11 15:51:48 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007-07-11 10:45:00 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007-07-11 10:40:18 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007-02-10 04:04:52 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amps2prt.sys -- (Amps2prt)
DRV - [2004-08-04 02:35:04 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004-08-04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003-09-19 03:47:22 | 000,496,800 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2003-08-28 10:24:36 | 000,145,504 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMUPIA2K.SYS -- (emupia)
DRV - [2003-08-28 10:24:24 | 000,136,448 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2003-08-28 10:24:08 | 000,006,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTPRXY2K.SYS -- (ctprxy2k)
DRV - [2003-08-28 10:24:04 | 000,113,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2003-08-28 10:22:32 | 000,186,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTAC32K.SYS -- (ctac32k)
DRV - [2003-08-28 10:22:20 | 000,135,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HAP16V2K.SYS -- (hap16v2k)
DRV - [2003-08-28 10:22:04 | 000,823,456 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2003-03-05 13:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PFMODNT.SYS -- (PfModNT)
DRV - [2002-10-04 04:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2001-08-17 22:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.com.ar/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.videoxdvd.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "LocalStrike"
FF - prefs.js..browser.search.defaultthis.engineName: "LocalStrike"
FF - prefs.js..browser.search.defaulturl: "http://search.localstrike.com.ar/?q={searchTerms}"
FF - prefs.js..browser.search.order.1: "LocalStrike"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: zrzuta.eu@gmail.com:1.2
FF - prefs.js..keyword.URL: "http://search.localstrike.com.ar/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-30 13:09:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-08-03 16:50:50 | 000,000,000 | ---D | M]

[2009-01-17 22:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Extensions
[2010-08-22 21:41:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions
[2010-08-10 15:39:59 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010-08-18 18:48:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010-08-18 18:49:11 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-08-18 18:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\extension@virtusdesigns.com
[2010-05-23 21:32:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\firebug@software.joehewitt.com
[2010-04-09 12:39:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\illimitux@illimitux.net
[2010-08-18 18:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\staged-xpis
[2010-07-30 13:09:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\zrzuta.eu@gmail.com
[2010-08-18 18:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\extensions\staged-xpis\extension@virtusdesigns.com
[2010-01-24 22:40:17 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\Dom\Dane aplikacji\Mozilla\Firefox\Profiles\v603563i.default\searchplugins\daemon-search.xml
[2010-08-22 21:41:25 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-05-01 17:23:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-03-16 13:57:46 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2010-06-25 15:23:16 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-06-25 15:23:16 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-10-05 01:48:30 | 000,023,158 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\localstrike.xml
[2010-06-25 15:23:16 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-06-25 15:23:16 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-06-25 15:23:16 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-06-25 15:23:16 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 19:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Dom\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe ()
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [RocketDock] C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Documents and Settings\Dom\Menu Start\Programy\Autostart\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Dom\Menu Start\Programy\Autostart\RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 1 = metin2.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-01-17 22:15:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004-08-18 10:55:50 | 000,000,000 | R--D | M] - G:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2004-08-18 10:37:22 | 000,663,552 | R--- | M] (Electronic Arts Inc.) - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2004-08-18 10:54:43 | 000,000,083 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2004-08-18 10:33:44 | 000,598,016 | R--- | M] (Electronic Arts Inc.) - G:\AutoRunGUI.dll -- [ CDFS ]
O33 - MountPoints2\{02532cde-0929-11df-babc-000c76542400}\Shell - "" = AutoRun
O33 - MountPoints2\{02532cde-0929-11df-babc-000c76542400}\Shell\AutoRun\command - "" = G:\setup.exe -- [2004-08-18 10:33:45 | 000,110,592 | R--- | M] (Electronic Arts Inc.)
O33 - MountPoints2\{42420646-f946-11de-ba71-000c76542400}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color]

[2010-08-23 22:01:21 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dom\Pulpit\OTL.exe
[2010-08-23 20:11:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\DoctorWeb
[2010-08-23 19:14:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Dane aplikacji\Malwarebytes
[2010-08-23 19:14:50 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-08-23 19:14:48 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-08-23 19:14:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2010-08-22 20:33:27 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-08-20 19:50:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-08-19 00:01:37 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2010-08-19 00:01:37 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2010-08-19 00:01:36 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2010-08-19 00:01:35 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2010-08-19 00:01:34 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2010-08-19 00:01:34 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2010-08-19 00:01:33 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2010-08-19 00:01:32 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2010-08-19 00:01:31 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2010-08-19 00:01:31 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2010-08-19 00:01:31 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2010-08-19 00:01:30 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2010-08-19 00:01:29 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2010-08-19 00:01:28 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2010-08-19 00:01:28 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2010-08-19 00:01:27 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2010-08-19 00:01:26 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2010-08-19 00:01:25 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2010-08-19 00:01:24 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2010-08-19 00:01:24 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2010-08-19 00:01:24 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2010-08-19 00:01:23 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2010-08-19 00:01:22 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2010-08-19 00:01:22 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2010-08-19 00:01:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2010-08-19 00:01:20 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2010-08-19 00:01:20 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2010-08-19 00:01:20 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2010-08-19 00:01:19 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2010-08-19 00:01:18 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2010-08-19 00:01:18 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2010-08-19 00:01:17 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2010-08-19 00:01:16 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2010-08-19 00:01:16 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2010-08-19 00:01:16 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2010-08-19 00:01:15 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2010-08-19 00:01:14 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2010-08-19 00:01:14 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2010-08-19 00:01:13 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2010-08-19 00:01:12 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2010-08-19 00:01:12 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2010-08-19 00:01:11 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2010-08-19 00:01:10 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2010-08-19 00:01:10 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2010-08-19 00:01:10 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2010-08-19 00:01:09 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2010-08-19 00:01:08 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2010-08-19 00:01:07 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2010-08-19 00:01:06 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2010-08-19 00:01:06 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2010-08-19 00:01:06 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2010-08-19 00:01:05 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2010-08-19 00:01:04 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2010-08-19 00:01:03 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2010-08-19 00:01:03 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2010-08-19 00:01:02 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2010-08-19 00:01:01 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2010-08-19 00:01:00 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2010-08-19 00:01:00 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2010-08-19 00:00:59 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2010-08-13 14:26:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Pulpit\soldat15
[2010-08-06 08:20:20 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Dom\Pulpit\
[2010-08-02 23:07:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Moje dokumenty\My NPS Files
[2010-08-02 23:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Moje dokumenty\My Art
[2010-07-22 12:20:27 | 000,000,000 | ---D | C] -- C:\Program Files\GameSpy Arcade
[2010-07-20 15:58:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010-07-02 22:49:36 | 000,000,000 | ---D | C] -- C:\Acala3gpMovies
[2010-07-02 22:46:06 | 000,000,000 | ---D | C] -- C:\Program Files\Acala 3GP Movies Free
[2010-06-01 15:21:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dom\Pulpit\tasker
[2010-05-26 13:09:36 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Dom\Recent
[2009-01-17 23:00:25 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 90 Days ==========[/color]

[2010-08-23 22:01:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dom\Pulpit\OTL.exe
[2010-08-23 21:59:25 | 000,046,096 | ---- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-08-23 21:59:19 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-08-23 21:59:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-08-23 21:59:14 | 1341,706,240 | -HS- | M] () -- C:\hiberfil.sys
[2010-08-23 21:59:14 | 000,198,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-08-23 21:58:20 | 007,077,888 | -H-- | M] () -- C:\Documents and Settings\Dom\NTUSER.DAT
[2010-08-23 21:58:19 | 000,029,004 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000002-00001102-00000002-80661102}.rfx
[2010-08-23 21:58:19 | 000,029,004 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000002-00001102-00000002-80661102}.rfx
[2010-08-23 21:58:19 | 000,017,456 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000002-00001102-00000002-80661102}.rfx
[2010-08-23 21:58:19 | 000,017,456 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000002-00001102-00000002-80661102}.rfx
[2010-08-23 21:58:19 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010-08-23 21:58:19 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010-08-23 21:58:19 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000002-00000000-00000002-00001102-00000002-80661102}.dat
[2010-08-23 21:58:19 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000002-00001102-00000002-80661102}.dat
[2010-08-23 21:58:14 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Dom\ntuser.ini
[2010-08-23 21:57:55 | 003,376,727 | ---- | M] () -- C:\WINDOWS\{00000002-00000000-00000002-00001102-00000002-80661102}.CDF
[2010-08-23 21:57:54 | 003,376,727 | ---- | M] () -- C:\WINDOWS\{00000002-00000000-00000002-00001102-00000002-80661102}.BAK
[2010-08-23 21:30:05 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-1979792683-839522115-1003UA.job
[2010-08-23 20:30:02 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-1979792683-839522115-1003Core.job
[2010-08-23 19:31:13 | 000,004,741 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Obraz.GIF
[2010-08-23 19:30:03 | 000,005,733 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Obraz.jpg
[2010-08-23 19:14:53 | 000,000,569 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-08-23 19:13:31 | 048,631,008 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\launch.exe
[2010-08-23 13:00:53 | 002,109,540 | -H-- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-08-23 12:49:34 | 000,000,562 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Icy Tower.lnk
[2010-08-20 22:11:38 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-08-20 15:46:51 | 000,451,696 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-08-20 15:46:51 | 000,395,336 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-08-20 15:46:51 | 000,075,706 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-08-20 15:46:51 | 000,059,576 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-08-20 15:46:50 | 000,993,526 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-08-19 21:57:05 | 000,163,171 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\podanie.pdf
[2010-08-18 22:38:32 | 000,000,737 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Prawo Jazdy 2010.lnk
[2010-08-18 21:16:47 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-10 14:57:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-08-06 12:12:27 | 003,278,921 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Volver - Volveremos.mp3
[2010-08-06 12:07:49 | 003,130,964 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\alan basski- zycie jest piękne.mp3
[2010-08-06 12:02:58 | 003,659,264 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\sumptuastic-mali wielcy.mp3
[2010-08-06 11:56:17 | 003,156,459 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\cerekwicka-nie ma nic.mp3
[2010-08-06 11:52:19 | 004,332,564 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\De Mono Kamień i Aksamit.mp3
[2010-08-03 16:50:50 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-07-31 10:00:45 | 000,011,059 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Drodzy Państwo Młodzi.docx
[2010-07-29 08:19:38 | 000,010,744 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\WUJO.docx
[2010-07-07 12:35:32 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Viewer.INI
[2010-07-04 20:33:43 | 000,000,847 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\The Sims 2.lnk
[2010-07-02 22:59:16 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-06-24 14:01:13 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Testy B.lnk
[2010-06-13 22:05:24 | 000,000,943 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-06-10 12:25:07 | 000,103,679 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\odwołanie.jpg
[2010-06-09 16:56:01 | 000,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010-06-02 04:55:30 | 000,527,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2010-06-02 04:55:30 | 000,239,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2010-06-02 04:55:30 | 000,074,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2010-06-01 15:21:30 | 000,000,515 | ---- | M] () -- C:\Documents and Settings\Dom\Pulpit\Tasker.lnk
[2010-05-26 11:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2010-05-26 11:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2010-05-26 11:41:02 | 001,868,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2010-05-26 11:41:02 | 000,470,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2010-05-26 11:41:02 | 000,248,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-08-23 19:30:45 | 000,005,733 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Obraz.jpg
[2010-08-23 19:30:45 | 000,004,741 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Obraz.GIF
[2010-08-23 19:14:53 | 000,000,569 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-08-23 19:09:32 | 048,631,008 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\launch.exe
[2010-08-23 18:48:23 | 001,694,208 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\FRANXBOT_pubEnglish.fla
[2010-08-23 18:48:23 | 000,076,288 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\codeInText.doc
[2010-08-23 12:49:34 | 000,000,562 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Icy Tower.lnk
[2010-08-20 19:50:54 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-08-20 19:50:53 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-08-20 19:04:25 | 000,053,248 | ---- | C] () -- C:\WINDOWS\loginTool.exe
[2010-08-19 21:57:05 | 000,163,171 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\podanie.pdf
[2010-08-18 22:38:32 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Prawo Jazdy 2010.lnk
[2010-08-06 12:09:41 | 003,278,921 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Volver - Volveremos.mp3
[2010-08-06 12:05:11 | 003,130,964 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\alan basski- zycie jest piękne.mp3
[2010-08-06 11:59:53 | 003,659,264 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\sumptuastic-mali wielcy.mp3
[2010-08-06 11:53:28 | 003,156,459 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\cerekwicka-nie ma nic.mp3
[2010-08-06 11:48:41 | 004,332,564 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\De Mono Kamień i Aksamit.mp3
[2010-07-31 10:00:44 | 000,011,059 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Drodzy Państwo Młodzi.docx
[2010-07-29 08:19:37 | 000,010,744 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\WUJO.docx
[2010-07-07 12:35:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Viewer.INI
[2010-07-04 20:33:43 | 000,000,847 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\The Sims 2.lnk
[2010-06-24 14:01:13 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Testy B.lnk
[2010-06-10 12:25:06 | 000,103,679 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\odwołanie.jpg
[2010-06-01 15:21:30 | 000,000,515 | ---- | C] () -- C:\Documents and Settings\Dom\Pulpit\Tasker.lnk
[2010-05-30 20:09:29 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010-05-26 16:21:04 | 003,376,727 | ---- | C] () -- C:\WINDOWS\{00000002-00000000-00000002-00001102-00000002-80661102}.BAK
[2010-05-01 18:28:33 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2010-04-22 17:15:33 | 000,000,087 | ---- | C] () -- C:\WINDOWS\System32\tcfg.ini
[2010-02-11 17:46:26 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2010-01-22 18:50:07 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2009-12-14 20:15:48 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009-12-14 20:15:48 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009-12-14 20:15:35 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Dom\Dane aplikacji\$_hpcst$.hpc
[2009-11-17 17:08:09 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-10-07 14:23:36 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-10-07 14:23:36 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-09-16 17:45:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PrestoPM.INI
[2009-09-16 17:31:54 | 000,049,152 | R--- | C] () -- C:\WINDOWS\AutoSet.dll
[2009-09-16 17:25:08 | 000,000,613 | ---- | C] () -- C:\WINDOWS\if40le.ini
[2009-09-16 17:25:07 | 000,000,114 | ---- | C] () -- C:\WINDOWS\SCNDRVU.INI
[2009-09-16 17:24:48 | 000,001,256 | ---- | C] () -- C:\WINDOWS\If42le.ini
[2009-09-16 17:24:47 | 000,000,241 | ---- | C] () -- C:\WINDOWS\PEXPLORE.INI
[2009-09-16 17:24:44 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2009-09-16 17:24:36 | 000,000,403 | ---- | C] () -- C:\WINDOWS\umxaddin.ini
[2009-09-05 12:53:52 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-09-02 19:06:12 | 000,000,161 | ---- | C] () -- C:\WINDOWS\l33td.ini
[2009-08-24 12:23:28 | 000,000,023 | ---- | C] () -- C:\WINDOWS\clofghls.dll
[2009-08-22 14:46:17 | 000,000,020 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2009-05-28 17:14:34 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2009-05-18 17:50:28 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-01-17 23:02:00 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2009-01-17 23:00:39 | 000,035,766 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini
[2009-01-17 23:00:39 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009-01-17 23:00:31 | 000,005,515 | ---- | C] () -- C:\WINDOWS\System32\ENSDEF.INI
[2009-01-17 23:00:31 | 000,000,192 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2009-01-17 23:00:09 | 000,000,187 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2007-12-21 09:21:56 | 000,035,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2007-10-25 18:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2004-07-17 13:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4
< End of report >[/log] <- OTL

[log]Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Wersja bazy: 4466

Windows 5.1.2600 Dodatek Service Pack 2
Internet Explorer 8.0.6001.18702

2010-08-23 20:09:58
mbam-log-2010-08-23 (20-09-58).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|)
Przeskanowano obiektów: 229473
Upłynęło: 50 minut(y), 25 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 0
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 4
Zainfekowanych folderów: 0
Zainfekowanych plików: 1

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
(Nie znaleziono zagrożeń)

Zainfekowanych wartości rejestru:
(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> No action taken.

Zainfekowanych folderów:
(Nie znaleziono zagrożeń)

Zainfekowanych plików:
C:\WINDOWS\system\smss.txt (Heuristics.Reserved.Word.Exploit) -> No action taken.[/log] <--Malwarebytes' Anti-Malware

Skanu z DrWebCureIt nie moge podac bo to bedzie trwac okolo 4h a przez ten czas nie mozna nic robic wiec nie chce mi sie zostawic na tyle komputera a na noc nie moge . A loga z usuwania nie podam poniewaz nie wiem jak to zrobic .Gdy gdy komputer mi sie zresetuje nie mam juz OTLa i musze go od nowa zainstalowac i nie zostawia po sobie zadnego sladu

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.