x-kom hosting

Zamulający komputer

Kamashi
utworzono
utworzono (edytowane)

Witam. Proszę o sprawdzenie loga.
Komputer zamula od jakiegoś czasu. W grach też mało FPS.
[log]OTL logfile created on: 2010-08-27 10:25:58 - Run 2
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\CS\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 215,00 Mb Available Physical Memory | 42,00% Memory free
880,00 Mb Paging File | 494,00 Mb Available in Paging File | 56,00% Paging File free
Paging file location(s): C:\pagefile.sys 400 512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 1,91 Gb Free Space | 6,54% Space Free | Partition Type: NTFS
Drive D: | 45,26 Gb Total Space | 27,15 Gb Free Space | 59,99% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: AFFFF-115AA4F8B
Current User Name: CS
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-08-27 10:24:09 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\CS\Pulpit\OTL.exe
PRC - [2010-08-23 21:03:57 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-05-31 13:33:48 | 000,314,584 | R--- | M] (cFos Software GmbH) -- C:\Program Files\cFosSpeed\spd.exe
PRC - [2010-05-31 13:33:42 | 000,801,496 | R--- | M] (cFos Software GmbH) -- C:\Program Files\cFosSpeed\cfosspeed.exe
PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009-11-20 20:01:18 | 000,832,296 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2009-04-23 01:56:58 | 054,865,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SoftwareDistribution\Download\Install\dotnetfx35_x86.exe
PRC - [2009-02-09 12:10:45 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009-02-06 18:39:29 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008-07-30 00:26:12 | 002,959,376 | ---- | M] (Microsoft Corporation) -- d:\db5606dfcdda6fa8ce6a5179\dotnetfx35setup.exe
PRC - [2008-07-29 18:47:34 | 000,269,304 | ---- | M] (Microsoft Corporation) -- d:\62259168cf8541c76934ee\setup.exe
PRC - [2008-07-25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
PRC - [2008-06-09 11:37:44 | 000,053,392 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2008-03-26 18:34:44 | 000,479,412 | ---- | M] (TP-LINK TECHNOLOGIES CO., LTD.) -- C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe
PRC - [2007-12-05 04:53:58 | 000,495,616 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2007-07-11 15:57:42 | 000,880,640 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2007-06-27 19:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007-06-27 19:04:00 | 000,279,848 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2007-06-27 19:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007-06-13 08:16:02 | 000,528,384 | R--- | M] () -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2007-03-16 03:23:20 | 000,983,040 | R--- | M] (Teleca AB) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2007-02-12 11:03:08 | 000,364,629 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2006-12-15 11:15:40 | 000,189,692 | RHS- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcasvc.exe
PRC - [2006-10-27 01:47:42 | 000,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2006-03-03 22:03:10 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2005-05-03 13:58:36 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msiexec.exe
PRC - [2004-08-11 01:45:04 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
PRC - [2004-08-04 01:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-04 01:44:30 | 000,196,608 | ---- | M] () -- \\?\C:\WINDOWS\System32\WBEM\WMIADAP.EXE
PRC - [2004-08-04 01:44:30 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2004-08-04 01:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004-08-04 01:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-04 01:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004-08-04 01:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-04 01:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-04 01:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-04 01:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 01:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 01:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004-08-04 01:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-04 01:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-04 01:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004-08-04 01:44:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-04 01:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2004-08-04 01:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2004-05-12 22:30:00 | 000,172,032 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
PRC - [2004-05-12 22:29:57 | 000,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
PRC - [2003-12-22 08:38:42 | 000,241,664 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-08-27 10:24:09 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\CS\Pulpit\OTL.exe
MOD - [2010-04-16 17:37:04 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 10:48:08 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 17:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 16:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 12:22:08 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:22:06 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 15:01:37 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-10-15 19:00:47 | 000,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2008-07-03 15:16:27 | 008,483,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2004-08-04 01:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-04 01:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2004-08-04 01:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-04 01:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004-08-04 01:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-04 01:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-04 01:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2004-08-04 01:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-04 01:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2004-08-04 01:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2004-08-04 01:44:08 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2004-08-04 01:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-04 01:44:08 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2004-08-04 01:44:08 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2004-08-04 01:44:08 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2004-08-04 01:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-04 01:44:04 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2004-08-04 01:44:04 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2004-08-04 01:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-04 01:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2004-08-04 01:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-04 01:43:56 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2004-08-04 01:43:56 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2004-08-04 01:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2004-08-04 01:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-04 00:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010-05-31 13:33:48 | 000,314,584 | R--- | M] (cFos Software GmbH) [Auto | Running] -- C:\Program Files\cFosSpeed\spd.exe -- (cFosSpeedS)
SRV - [2008-06-09 11:37:44 | 000,053,392 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2007-11-30 13:18:51 | 000,026,488 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spupdsvc.exe -- (spupdsvc)
SRV - [2007-02-12 11:03:08 | 000,364,629 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2006-12-15 11:15:40 | 000,189,692 | RHS- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\odbcasvc.exe -- (odbcasvc)
SRV - [2006-03-03 22:03:10 | 000,069,632 | ---- | M] (HP) [Unknown | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2010-05-31 13:33:56 | 001,079,000 | ---- | M] (cFos Software GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfosspeed.sys -- (cFosSpeed)
DRV - [2010-01-10 22:51:18 | 000,000,000 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Ultra.dll -- (ultra)
DRV - [2009-12-10 22:31:50 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008-12-25 09:56:42 | 000,433,792 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wfeaglxt.sys -- (WFLR6654) WinFast TV2000 XP Expert (FM1216MK3)
DRV - [2007-12-05 07:26:40 | 002,782,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007-11-05 09:55:04 | 000,017,952 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys -- (atitray)
DRV - [2007-04-23 15:54:50 | 000,100,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mgmt.sys -- (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)
DRV - [2007-04-23 15:54:50 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115obex.sys -- (s115obex)
DRV - [2007-04-23 15:54:48 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mdm.sys -- (s115mdm)
DRV - [2007-04-23 15:54:48 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mdfl.sys -- (s115mdfl)
DRV - [2007-04-23 15:54:46 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115bus.sys -- (s115bus) Sony Ericsson Device 115 driver (WDM)
DRV - [2007-03-27 13:27:02 | 000,543,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2006-11-15 02:00:18 | 000,055,840 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2006-03-01 19:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2005-01-06 17:55:38 | 000,009,446 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\WinFast\WFTVFM\WFIOCTL.sys -- (WFIOCTL)
DRV - [2004-12-23 18:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys -- (ULCDRHlp)
DRV - [2004-08-04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2004-08-04 00:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2003-09-23 11:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2001-10-26 17:52:04 | 000,153,631 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xnd5.sys -- (EL90X)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-299502267-725345543-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=13170&l=dis
IE - HKU\S-1-5-21-299502267-725345543-682003330-1004\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKU\S-1-5-21-299502267-725345543-682003330-1004\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll File not found
IE - HKU\S-1-5-21-299502267-725345543-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com?o=13170&l=dis"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=BT5&o=15443&locale=en_US&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-08-23 21:05:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-08-23 21:04:17 | 000,000,000 | ---D | M]

[2010-01-28 00:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\Mozilla\Extensions
[2010-08-25 21:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\Mozilla\Firefox\Profiles\1kmfd40a.default\extensions
[2010-08-23 22:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\Mozilla\Firefox\Profiles\1kmfd40a.default\extensions\toolbar@ask.com
[2010-08-23 22:46:01 | 000,002,424 | ---- | M] () -- C:\Documents and Settings\CS\Dane aplikacji\Mozilla\Firefox\Profiles\1kmfd40a.default\searchplugins\askcom.xml
[2010-08-26 21:49:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-08-23 21:04:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-08-24 20:12:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010-08-23 21:03:57 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009-07-15 21:00:25 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-07-15 21:00:25 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-07-15 21:00:25 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-07-15 21:00:25 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-07-15 21:00:25 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-07-15 21:00:25 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-12-29 22:02:56 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-299502267-725345543-682003330-1004\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe (HP)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\Livebox\SessionManager\SessionManager.exe File not found
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [TWCU] C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe (TP-LINK TECHNOLOGIES CO., LTD.)
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-21-299502267-725345543-682003330-1004..\Run: [AllerCalc] C:\Program Files\AllerCalc\AllerCalc.exe File not found
O4 - HKU\S-1-5-21-299502267-725345543-682003330-1004..\Run: [ares] C:\Program Files\Ares\Ares.exe File not found
O4 - HKU\S-1-5-21-299502267-725345543-682003330-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-299502267-725345543-682003330-1004..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-299502267-725345543-682003330-1004..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-299502267-725345543-682003330-1004..\Run: [wsctf.exe] File not found
O4 - Startup: C:\Documents and Settings\CS\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-299502267-725345543-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - Reg Error: Key error. File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\CS\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\CS\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-12-10 21:58:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-04-28 20:35:54 | 000,000,123 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-04-28 21:03:27 | 000,000,105 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{078041e8-17d8-11df-a9da-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{078041e8-17d8-11df-a9da-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{078041eb-17d8-11df-a9da-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{078041eb-17d8-11df-a9da-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{23c99598-17f1-11df-a9db-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{23c99598-17f1-11df-a9db-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{36966ce2-18b8-11df-a9df-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{36966ce2-18b8-11df-a9df-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{36966ce3-18b8-11df-a9df-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{36966ce3-18b8-11df-a9df-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{36966ce6-18b8-11df-a9df-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{36966ce6-18b8-11df-a9df-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{36966ce8-18b8-11df-a9df-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{36966ce8-18b8-11df-a9df-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{36966ceb-18b8-11df-a9df-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{36966ceb-18b8-11df-a9df-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{39e30a7c-522b-11df-ab09-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{39e30a7c-522b-11df-ab09-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{40115214-2093-11df-aa0a-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{40115214-2093-11df-aa0a-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{40115217-2093-11df-aa0a-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{40115217-2093-11df-aa0a-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{40115219-2093-11df-aa0a-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{40115219-2093-11df-aa0a-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{4011521a-2093-11df-aa0a-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{4011521a-2093-11df-aa0a-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{4108461d-02ee-11df-a985-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{4108461d-02ee-11df-a985-001966512634}\Shell\1\Command - "" = G:\.\recycled\info.exe -- File not found
O33 - MountPoints2\{6dc50552-216b-11df-aa0f-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{6dc50552-216b-11df-aa0f-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{80561f38-44be-11dc-ac3f-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{80561f38-44be-11dc-ac3f-001966512634}\Shell\1\Command - "" = G:\.\recycled\info.exe -- File not found
O33 - MountPoints2\{8ab46b12-2628-11df-aa2b-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{8ab46b12-2628-11df-aa2b-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{99022d5f-e5c9-11de-bd35-806d6172696f}\Shell\Open(&0)\command - "" = D:\Recycled\ctfmon.exe -- [2006-06-27 14:23:42 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{a5eb7220-22b5-11df-aa15-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{a5eb7220-22b5-11df-aa15-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{a5eb7223-22b5-11df-aa15-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{a5eb7223-22b5-11df-aa15-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{ad75bab8-18cf-11df-a9e1-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{ad75bab8-18cf-11df-a9e1-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{af3832b2-77fd-11df-abb4-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{af3832b2-77fd-11df-abb4-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{af3832b5-77fd-11df-abb4-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{af3832b5-77fd-11df-abb4-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{b56ca1de-2ac4-11df-aa42-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{b56ca1de-2ac4-11df-aa42-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{c3407faa-32b6-11df-aa67-006008766fd7}\Shell - "" = AutoRun
O33 - MountPoints2\{c3407faa-32b6-11df-aa67-006008766fd7}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{c3407fad-32b6-11df-aa67-006008766fd7}\Shell - "" = AutoRun
O33 - MountPoints2\{c3407fad-32b6-11df-aa67-006008766fd7}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{dd522096-3a67-11df-aa90-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{dd522096-3a67-11df-aa90-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{ea02d3c3-e5c7-11de-a91e-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{ea02d3c3-e5c7-11de-a91e-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{ea02d3cd-e5c7-11de-a91e-001966512634}\Shell - "" = AutoRun
O33 - MountPoints2\{ea02d3cd-e5c7-11de-a91e-001966512634}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^kshi^Menu Start^Programy^Autostart^raw32.dll - C:\Documents and Settings\kshi\Menu Start\Programy\Autostart\raw32.dll - File not found
MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Reg Error: Value error.
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Reg Error: Value error.
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Reg Error: Value error.
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Reg Error: Value error.
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-08-27 10:24:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010-08-27 10:24:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010-08-27 10:24:43 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010-08-27 10:24:09 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\CS\Pulpit\OTL.exe
[2010-08-27 10:16:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
[2010-08-27 10:15:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010-08-27 10:15:27 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2010-08-26 22:10:37 | 000,000,000 | ---D | C] -- C:\Casino
[2010-08-26 21:06:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CS\Ustawienia lokalne\Dane aplikacji\AskToolbar
[2010-08-26 12:26:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CS\Moje dokumenty\My Received Files
[2010-08-26 12:26:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CS\Ustawienia lokalne\Dane aplikacji\BearShare
[2010-08-26 12:26:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CS\Moje dokumenty\BearShare
[2010-08-26 12:24:36 | 000,000,000 | ---D | C] -- C:\Program Files\BearShare Applications
[2010-08-26 12:24:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BearShare
[2010-08-26 12:19:55 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{37490DE3-F7B0-4FFB-ACAD-E9674CA2AD24}
[2010-08-26 12:17:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CS\Ustawienia lokalne\Dane aplikacji\PackageAware
[2010-08-26 12:14:18 | 002,242,448 | ---- | C] (Musiclab, LLC ) -- C:\Documents and Settings\CS\Pulpit\BearShareV9pl.exe
[2010-08-26 02:24:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2010-08-26 02:17:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010-08-26 02:15:50 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010-08-26 01:47:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2010-08-26 01:11:25 | 000,000,000 | ---D | C] -- C:\Program Files\ElfBot NG
[2010-08-26 01:10:27 | 002,110,837 | ---- | C] (NGSoft, LLC ) -- C:\Documents and Settings\CS\Pulpit\setup-4.5.9.exe
[2010-08-25 22:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CS\Dane aplikacji\Stellarium
[2010-08-25 22:39:38 | 000,000,000 | ---D | C] -- C:\Program Files\Stellarium
[2010-08-24 23:30:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010-08-24 23:30:53 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010-08-24 23:24:08 | 000,000,000 | ---D | C] -- C:\Program Files\TibiaOTS84h
[2010-08-24 23:23:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CS\Pulpit\mousefix
[2010-08-24 23:10:21 | 000,000,000 | ---D | C] -- C:\Program Files\TibiaOTS84
[2010-08-24 01:16:50 | 000,000,000 | ---D | C] -- C:\Program Files\HLTooLz
[2010-08-24 00:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CS\Moje dokumenty\Downloads
[2010-08-23 23:13:07 | 001,079,000 | ---- | C] (cFos Software GmbH) -- C:\WINDOWS\System32\drivers\cfosspeed.sys
[2010-08-23 23:13:07 | 000,334,040 | ---- | C] (cFos Software GmbH) -- C:\WINDOWS\System32\cfosspeed.dll
[2010-08-23 23:13:06 | 000,000,000 | ---D | C] -- C:\Program Files\cFosSpeed
[2010-08-23 22:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2010-08-23 22:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2010-08-23 22:37:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CS\Dane aplikacji\BitTorrent
[2010-08-23 22:30:34 | 000,000,000 | ---D | C] -- C:\Program Files\TibiaOTS
[2010-08-23 21:31:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010-08-23 21:30:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CS\Dane aplikacji\Gadu-Gadu
[2010-08-23 21:10:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CS\.gstreamer-0.10
[2010-08-23 21:08:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-08-23 21:08:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CS\Dane aplikacji\OpenFM
[2010-08-23 21:06:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010-08-23 21:04:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2010-08-23 21:04:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010-08-23 21:03:50 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-08-23 20:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CS\Dane aplikacji\Sun
[2010-08-23 20:39:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CS\Ustawienia lokalne\Dane aplikacji\cache
[2010-08-23 17:51:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CS\Dane aplikacji\Gadu-Gadu 10
[2010-08-23 17:46:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-08-23 17:45:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010-08-23 17:37:20 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10
[2010-08-23 16:30:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CS\Dane aplikacji\Macromedia
[2010-08-23 16:27:12 | 000,364,629 | ---- | C] (Atheros) -- C:\WINDOWS\System32\acs.exe
[2010-08-23 16:26:53 | 000,249,925 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsimd.dll
[2010-08-23 16:26:52 | 001,241,166 | ---- | C] (Devicescape) -- C:\WINDOWS\System32\dsa.dll
[2010-08-23 16:26:52 | 000,393,216 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wcapi.dll
[2010-08-23 16:26:52 | 000,344,156 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wcapiU.dll
[2010-08-23 16:26:52 | 000,303,199 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athcfg20U.dll
[2010-08-23 16:26:52 | 000,254,023 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsfwDS.dll
[2010-08-23 16:26:52 | 000,114,792 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athcfg20resU.dll
[2010-08-23 16:26:52 | 000,082,017 | ---- | C] (Devicescape, Inc.) -- C:\WINDOWS\System32\dsaNac.dll
[2010-08-23 16:26:52 | 000,055,840 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsimd.sys
[2010-08-23 16:26:52 | 000,055,840 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\wsimd.sys
[2010-08-23 16:26:51 | 000,237,568 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athcfg20.dll
[2010-08-23 16:26:51 | 000,114,766 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athcfg20res.dll
[2010-08-23 16:26:48 | 000,000,000 | ---D | C] -- C:\Program Files\TP-LINK
[2010-08-23 16:26:27 | 000,543,712 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\ar5211.sys
[2010-08-23 16:26:27 | 000,543,712 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\ar5211.sys
[2010-08-23 16:25:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TP-LINK
[2010-08-18 14:48:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\France Telecom
[2010-08-05 22:43:07 | 000,100,488 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115mgmt.sys
[2010-08-05 22:43:03 | 000,098,568 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115obex.sys
[2010-08-05 22:42:54 | 000,108,680 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115mdm.sys
[2010-08-05 22:42:54 | 000,015,112 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115mdfl.sys
[2010-08-05 22:42:54 | 000,012,424 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115cmnt.sys
[2010-08-05 22:42:54 | 000,012,424 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115cm.sys
[2010-08-05 22:42:50 | 000,083,208 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115bus.sys
[2010-08-05 22:42:50 | 000,012,424 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115whnt.sys
[2010-08-05 22:42:50 | 000,012,424 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115wh.sys
[2010-08-05 22:36:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Ericsson Shared
[2010-08-05 22:36:52 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2010-08-05 22:36:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010-08-05 22:35:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca
[2010-08-05 22:35:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony Ericsson
[2010-07-13 07:31:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple
[2010-07-05 23:14:10 | 000,000,000 | ---D | C] -- C:\Program Files\RAR Password Cracker
[2010-07-05 23:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\ElcomSoft
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-08-27 10:25:53 | 001,092,142 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-08-27 10:25:53 | 000,493,976 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-08-27 10:25:53 | 000,435,396 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-08-27 10:25:53 | 000,085,136 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-08-27 10:25:53 | 000,068,292 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-08-27 10:24:21 | 000,000,224 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2010-08-27 10:24:09 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\CS\Pulpit\OTL.exe
[2010-08-27 10:11:42 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010-08-27 10:11:22 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\BearShareNAG.job
[2010-08-27 10:11:22 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-08-27 10:11:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-08-27 02:19:32 | 007,864,320 | -H-- | M] () -- C:\Documents and Settings\CS\NTUSER.DAT
[2010-08-27 02:19:02 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-08-27 02:18:01 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\CS\ntuser.ini
[2010-08-27 02:01:06 | 000,000,228 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010-08-27 01:12:05 | 000,001,065 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2010-08-26 22:11:38 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\EuroGrand Casino.lnk
[2010-08-26 13:10:45 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-08-26 12:24:43 | 000,000,845 | ---- | M] () -- C:\Documents and Settings\CS\Pulpit\BearShare.lnk
[2010-08-26 12:19:47 | 000,000,139 | ---- | M] () -- C:\Documents and Settings\CS\Pulpit\Kontynuuj instalacje programu BearShare.url
[2010-08-26 12:16:59 | 002,242,448 | ---- | M] (Musiclab, LLC ) -- C:\Documents and Settings\CS\Pulpit\BearShareV9pl.exe
[2010-08-26 10:43:17 | 000,293,272 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-08-26 02:10:03 | 000,027,920 | ---- | M] () -- C:\Documents and Settings\CS\Moje dokumenty\tibiaAuto.cfg.Kamaszi.xml
[2010-08-26 01:20:28 | 000,001,573 | ---- | M] () -- C:\Documents and Settings\CS\Pulpit\Tibia Auto.lnk
[2010-08-26 01:19:58 | 003,084,608 | ---- | M] () -- C:\Documents and Settings\CS\Pulpit\TibiaAutoSetup_2_1_2.exe
[2010-08-26 01:11:28 | 000,000,623 | ---- | M] () -- C:\Documents and Settings\CS\Pulpit\ElfBot NG.lnk
[2010-08-26 01:11:14 | 002,110,837 | ---- | M] (NGSoft, LLC ) -- C:\Documents and Settings\CS\Pulpit\setup-4.5.9.exe
[2010-08-25 22:39:55 | 000,001,590 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Stellarium.lnk
[2010-08-24 23:24:11 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2010-08-24 23:23:01 | 000,000,406 | ---- | M] () -- C:\Documents and Settings\CS\Pulpit\mousefix.zip
[2010-08-24 12:25:43 | 000,000,130 | ---- | M] () -- C:\Documents and Settings\CS\Pulpit\Copy of Kaspersky.Anti.Virus.9.0.0.736.rar
[2010-08-24 00:27:49 | 000,000,842 | ---- | M] () -- C:\Documents and Settings\CS\Pulpit\Colasoft MAC Scanner 2.2 Pro Demo.lnk
[2010-08-23 23:13:20 | 000,001,202 | ---- | M] () -- C:\Documents and Settings\CS\Pulpit\Funkcje cFosSpeed.lnk
[2010-08-23 23:06:16 | 000,000,414 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010-08-23 22:38:03 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\BitTorrent.lnk
[2010-08-23 17:46:51 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2010-08-23 17:46:51 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-08-23 16:27:15 | 000,001,875 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TP-LINK Wireless Client Utility.lnk
[2010-08-20 22:48:49 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-08-16 11:40:22 | 003,931,034 | ---- | M] () -- C:\Documents and Settings\CS\Pulpit\Masters - Żono moja.mp3
[2010-07-24 18:46:23 | 004,469,885 | ---- | M] () -- C:\Documents and Settings\CS\Moje dokumenty\nati xd.vmo
[2010-07-24 18:40:21 | 004,413,339 | ---- | M] () -- C:\Documents and Settings\CS\Moje dokumenty\rtt.vmo
[2010-07-24 16:18:39 | 265,814,016 | ---- | M] () -- C:\Documents and Settings\CS\Moje dokumenty\cns-mrbe_www.ajo.pl.avi
[2010-07-24 16:17:38 | 028,839,936 | ---- | M] () -- C:\Documents and Settings\CS\Moje dokumenty\Łowcy.B - Autobus.avi
[2010-07-13 07:31:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-07-06 13:22:47 | 000,016,010 | ---- | M] () -- C:\Documents and Settings\CS\Moje dokumenty\Grecja i Rzym.docx
[2010-06-28 12:15:09 | 000,000,110 | ---- | M] () -- C:\WINDOWS\kalkulator.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-08-27 10:25:41 | 000,176,144 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-08-27 10:24:21 | 000,000,224 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2010-08-26 22:11:36 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\EuroGrand Casino.lnk
[2010-08-26 12:27:02 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\BearShareNAG.job
[2010-08-26 12:24:43 | 000,000,845 | ---- | C] () -- C:\Documents and Settings\CS\Pulpit\BearShare.lnk
[2010-08-26 12:19:47 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\CS\Pulpit\Kontynuuj instalacje programu BearShare.url
[2010-08-26 02:24:17 | 000,000,260 | ---- | C] () -- C:\WINDOWS\tasks\WGASetup.job
[2010-08-26 02:10:03 | 000,027,920 | ---- | C] () -- C:\Documents and Settings\CS\Moje dokumenty\tibiaAuto.cfg.Kamaszi.xml
[2010-08-26 01:20:28 | 000,001,573 | ---- | C] () -- C:\Documents and Settings\CS\Pulpit\Tibia Auto.lnk
[2010-08-26 01:18:55 | 003,084,608 | ---- | C] () -- C:\Documents and Settings\CS\Pulpit\TibiaAutoSetup_2_1_2.exe
[2010-08-26 01:11:28 | 000,000,623 | ---- | C] () -- C:\Documents and Settings\CS\Pulpit\ElfBot NG.lnk
[2010-08-25 22:39:55 | 000,001,590 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Stellarium.lnk
[2010-08-24 23:22:55 | 000,000,406 | ---- | C] () -- C:\Documents and Settings\CS\Pulpit\mousefix.zip
[2010-08-24 12:01:23 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\CS\Pulpit\Copy of Kaspersky.Anti.Virus.9.0.0.736.rar
[2010-08-24 00:27:48 | 000,000,842 | ---- | C] () -- C:\Documents and Settings\CS\Pulpit\Colasoft MAC Scanner 2.2 Pro Demo.lnk
[2010-08-23 23:13:20 | 000,001,202 | ---- | C] () -- C:\Documents and Settings\CS\Pulpit\Funkcje cFosSpeed.lnk
[2010-08-23 22:38:29 | 000,000,228 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010-08-23 22:38:03 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\BitTorrent.lnk
[2010-08-23 22:30:37 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia.lnk
[2010-08-23 17:46:51 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2010-08-23 17:46:51 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-08-23 16:26:52 | 000,377,014 | ---- | C] () -- C:\WINDOWS\System32\wgapi.dll
[2010-08-23 16:26:52 | 000,009,098 | ---- | C] () -- C:\WINDOWS\System32\wsimdp.cat
[2010-08-23 16:26:52 | 000,008,675 | ---- | C] () -- C:\WINDOWS\System32\wsimd.cat
[2010-08-23 16:26:52 | 000,005,311 | ---- | C] () -- C:\WINDOWS\System32\wsimdp.inf
[2010-08-23 16:26:52 | 000,002,133 | ---- | C] () -- C:\WINDOWS\System32\wsimd.inf
[2010-08-23 16:26:51 | 000,001,875 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TP-LINK Wireless Client Utility.lnk
[2010-08-23 16:26:27 | 000,062,028 | ---- | C] () -- C:\WINDOWS\System32\net5211.inf
[2010-08-23 16:26:27 | 000,019,380 | ---- | C] () -- C:\WINDOWS\System32\net5211.cat
[2010-08-16 11:40:22 | 003,931,034 | ---- | C] () -- C:\Documents and Settings\CS\Pulpit\Masters - Żono moja.mp3
[2010-08-05 22:37:04 | 000,002,673 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Sony Ericsson PC Suite.lnk
[2010-07-24 18:46:23 | 004,469,885 | ---- | C] () -- C:\Documents and Settings\CS\Moje dokumenty\nati xd.vmo
[2010-07-24 18:40:21 | 004,413,339 | ---- | C] () -- C:\Documents and Settings\CS\Moje dokumenty\rtt.vmo
[2010-07-24 16:17:49 | 265,814,016 | ---- | C] () -- C:\Documents and Settings\CS\Moje dokumenty\cns-mrbe_www.ajo.pl.avi
[2010-07-24 16:17:34 | 028,839,936 | ---- | C] () -- C:\Documents and Settings\CS\Moje dokumenty\Łowcy.B - Autobus.avi
[2010-07-06 13:22:47 | 000,016,010 | ---- | C] () -- C:\Documents and Settings\CS\Moje dokumenty\Grecja i Rzym.docx
[2010-06-07 20:59:32 | 000,010,659 | ---- | C] () -- C:\WINDOWS\hpdj3840.ini
[2010-06-05 21:23:24 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\QTUninst.dll
[2010-05-21 21:12:47 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini
[2010-05-12 23:47:40 | 000,000,110 | ---- | C] () -- C:\WINDOWS\kalkulator.ini
[2010-05-11 21:45:54 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-03-21 19:26:17 | 000,000,048 | ---- | C] () -- C:\WINDOWS\picture2avi.ini
[2010-03-08 21:14:14 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000106.DLL
[2010-02-17 17:34:20 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\CS\Dane aplikacji\PnkBstrK.sys
[2010-01-28 00:40:57 | 000,055,296 | ---- | C] () -- C:\Documents and Settings\CS\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-01-27 01:42:59 | 000,000,040 | ---- | C] () -- C:\WINDOWS\pipeta.INI
[2010-01-10 22:51:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Ultra.dll
[2010-01-01 22:22:54 | 001,867,776 | ---- | C] () -- C:\WINDOWS\python24.dll
[2009-12-29 22:12:10 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\sknc.dll
[2009-12-28 16:35:37 | 000,001,065 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2009-12-22 23:39:56 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-12-22 23:39:55 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009-12-22 23:39:53 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-12-22 23:39:53 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-12-22 23:39:49 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-12-22 23:39:49 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-12-15 22:53:54 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2009-12-12 23:35:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2009-12-10 23:04:51 | 000,000,400 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2009-12-10 23:04:16 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2009-12-10 22:47:52 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2009-12-10 22:31:50 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-12-10 22:12:44 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2009-12-10 22:12:43 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2009-12-10 22:12:42 | 000,000,059 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2009-12-10 22:12:41 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2009-12-10 22:12:39 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2004-07-17 12:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2010-08-26 12:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BearShare
[2009-12-10 22:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-05-05 13:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EarthBrowser
[2010-01-22 22:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-08-23 17:46:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-08-26 01:38:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-04-05 21:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Recisio
[2010-08-05 22:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Teleca
[2010-08-26 01:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-12-10 22:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl
[2010-08-23 16:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TP-LINK
[2010-04-17 09:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
[2010-08-26 12:27:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{37490DE3-F7B0-4FFB-ACAD-E9674CA2AD24}
[2010-05-29 16:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\Atari
[2010-08-27 10:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\BitTorrent
[2010-03-16 15:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\Colasoft MAC Scanner
[2010-02-07 11:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\DAEMON Tools
[2010-02-07 11:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\DAEMON Tools Lite
[2010-02-07 11:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\DAEMON Tools Pro
[2010-05-05 13:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\EarthBrowser
[2010-08-23 21:30:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\Gadu-Gadu
[2010-08-23 20:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\Gadu-Gadu 10
[2010-03-26 16:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\gtk-2.0
[2010-02-21 12:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\Moyea
[2010-08-23 21:08:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\OpenFM
[2010-01-28 01:15:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\Opera
[2010-08-25 22:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\Stellarium
[2010-08-05 22:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\Teleca
[2010-08-26 01:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\Tibia
[2010-04-13 17:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\Tlen.pl
[2010-03-09 10:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\Ulead Systems
[2010-08-27 10:11:22 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\BearShareNAG.job
[2010-08-27 02:01:06 | 000,000,228 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2010-08-27 10:11:42 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-12-10 21:58:34 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-04-28 20:35:54 | 000,000,123 | RHS- | M] () -- C:\autorun.inf
[2009-12-26 02:33:58 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2009-12-29 21:53:31 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2001-07-22 03:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2004-08-04 00:00:14 | 000,262,400 | ---- | M] () -- C:\cmldr
[2009-12-29 22:07:41 | 000,022,360 | ---- | M] () -- C:\ComboFix.txt
[2009-12-10 21:58:34 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-04-24 20:50:14 | 000,000,398 | ---- | M] () -- C:\gdi.log
[2010-07-08 23:06:21 | 000,007,452 | ---- | M] () -- C:\hpfr3840.log
[2009-12-10 21:58:34 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005-11-22 17:41:08 | 2288,615,424 | ---- | M] () -- C:\MIR-NFSMW.mdf
[2005-11-22 17:41:08 | 000,004,314 | ---- | M] () -- C:\MIR-NFSMW.mds
[2009-12-10 21:58:34 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-03 23:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004-08-03 23:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr
[2010-08-27 10:11:10 | 419,430,400 | -HS- | M] () -- C:\pagefile.sys
[2010-03-22 18:52:20 | 000,446,976 | ---- | M] () -- C:\sample.avi
[2010-01-05 00:35:50 | 000,117,640 | ---- | M] () -- C:\test.htm
[2006-06-19 23:08:17 | 000,000,054 | ---- | M] () -- C:\ut.bat
[2006-06-22 05:03:22 | 000,000,056 | ---- | M] () -- C:\ut9x.bat


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 01:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\agp440.sys
[2004-08-04 01:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ERDNT\cache\AGP440.SYS
[2004-08-04 01:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\agp440.sys
[2004-08-04 01:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 01:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\atapi.sys
[2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\atapi.sys
[2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-18 02:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys
[2001-08-18 02:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-18 02:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 01:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004-08-03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\cdrom.sys
[2004-08-03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\cdrom.sys
[2004-08-03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-04 01:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2004-08-04 01:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\eventlog.dll
[2004-08-04 01:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\eventlog.dll
[2004-08-04 01:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004-08-04 01:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2004-08-04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2004-08-04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\ndis.sys
[2004-08-04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\ndis.sys
[2004-08-04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004-08-04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 01:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2004-08-04 01:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\SoftwareDistribution\Download\51fc2b55c6deef38fc801319336cdbc7\backup\winlogon.exe
[2004-08-04 01:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\SoftwareDistribution\Download\ed6d6d62d5e16751de83264797e1efd6\backup\winlogon.exe
[2004-08-04 01:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004-08-04 01:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A8ADE5D8
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2
< End of report >
[/log]

Pozdrawiam

// Proszę o usunięcie poprzedniego mojego tematu, wysłany został przez zamulający internet.

Tomek01
komentarz
komentarz

Odinstaluj Ask Toolbar,


W OTL, w oknie Custom scan/fixes wklej:
[code]:Processes
Explorer.exe

:OTL
IE - HKU\S-1-5-21-299502267-725345543-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=13170&l=dis
IE - HKU\S-1-5-21-299502267-725345543-682003330-1004\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKU\S-1-5-21-299502267-725345543-682003330-1004\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll File not found
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://www.ask.com?o=13170&l=dis"
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=BT5&o=15443&locale=en_US&q="
[2010-08-23 22:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CS\Dane aplikacji\Mozilla\Firefox\Profiles\1kmfd40a.default\extensions\toolbar@ask.com
[2010-08-23 22:46:01 | 000,002,424 | ---- | M] () -- C:\Documents and Settings\CS\Dane aplikacji\Mozilla\Firefox\Profiles\1kmfd40a.default\searchplugins\askcom.xml
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - No CLSID value found.
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-299502267-725345543-682003330-1004\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKU\S-1-5-21-299502267-725345543-682003330-1004..\Run: [wsctf.exe] File not found
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A8ADE5D8
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2

:Files
C:^Documents and Settings\kshi\Menu Start\Programy\Autostart\raw32.dll
C:\Documents and Settings\CS\Ustawienia lokalne\Dane aplikacji\AskToolbar
C:\Program Files\Ask.comC:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Klikasz run fix, komputer uruchamia się ponownie.

Wrzucasz log z usuwania oraz nowe logi OTL i RSIT.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.