hajnel29 utworzono 19 września 2010 utworzono 19 września 2010 Witam, Jestem kolejną ofiarą Search Settingu 1.2.3 i to ofiarą która liczy na Waszą pomoc. Mam nadzieję że dobrze wkleiłem plik OTL Pozdrawiam hajnel29 [log]OTL logfile created on: 2010-09-19 16:13:05 - Run 1 OTL by OldTimer - Version 3.2.12.1 Folder = C:\Documents and Settings\Piotrek\Desktop Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 022,00 Mb Total Physical Memory | 322,00 Mb Available Physical Memory | 32,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 92,91 Gb Total Space | 8,79 Gb Free Space | 9,46% Space Free | Partition Type: NTFS Drive D: | 632,29 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PIOTRESZ Current User Name: Piotrek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-09-19 16:10:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Desktop\OTL.exe PRC - [2010-09-02 01:04:40 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET Smart Security\ekrn.exe PRC - [2010-04-07 21:07:04 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET Smart Security\egui.exe PRC - [2010-01-08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe PRC - [2009-03-08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe PRC - [2009-02-06 13:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-09-25 17:59:14 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2008-04-14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 02:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe PRC - [2008-04-14 02:12:28 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msiexec.exe PRC - [2008-04-14 02:12:28 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe PRC - [2008-04-14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 02:12:17 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dllhost.exe PRC - [2008-04-14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 02:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 02:12:12 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2008-04-01 20:49:42 | 000,036,352 | ---- | M] () -- C:\Winamp\winampa.exe PRC - [2006-03-15 19:12:24 | 001,769,472 | ---- | M] (TOSHIBA Inc.) -- C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe PRC - [2006-03-03 01:02:08 | 000,761,948 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2006-03-03 00:50:52 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe PRC - [2005-12-05 12:37:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe PRC - [2005-11-28 11:41:50 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe PRC - [2005-11-28 11:37:52 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe PRC - [2005-11-28 11:31:32 | 000,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe PRC - [2005-11-28 11:29:00 | 000,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe PRC - [2005-11-28 11:28:14 | 000,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe PRC - [2005-11-04 00:22:28 | 000,159,744 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe PRC - [2005-11-03 01:41:04 | 000,978,944 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe PRC - [2005-10-11 09:40:32 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehrecvr.exe PRC - [2005-10-06 06:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE PRC - [2005-08-05 14:56:34 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe PRC - [2005-08-05 14:56:32 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehSched.exe PRC - [2005-08-05 14:56:28 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehmsas.exe PRC - [2005-08-05 14:27:08 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe PRC - [2005-05-13 12:03:16 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe PRC - [2005-04-12 13:04:18 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe PRC - [2005-01-18 01:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe PRC - [2004-04-13 07:07:18 | 000,069,632 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe PRC - [2004-01-26 11:38:38 | 000,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe PRC - [2003-10-16 19:07:12 | 000,626,688 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\NeostradaTP.exe PRC - [2003-10-16 19:07:12 | 000,053,248 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\TaskBarIcon.exe PRC - [2003-10-16 19:07:12 | 000,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\Watch.exe PRC - [2003-10-16 19:07:10 | 000,200,704 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\ComComp.exe PRC - [2001-11-12 14:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-09-19 16:10:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Desktop\OTL.exe MOD - [2010-07-27 08:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2010-07-22 17:49:15 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2010-04-16 17:36:56 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll MOD - [2009-12-08 11:23:28 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 10:25:26 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-03-21 16:06:58 | 000,989,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 14:10:48 | 000,714,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2009-02-09 14:10:48 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-10-23 14:36:14 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 05:42:06 | 000,985,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 02:12:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2008-04-14 02:12:45 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 02:12:09 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2008-04-14 02:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 02:12:08 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 02:12:08 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 02:12:07 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 02:12:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2008-04-14 02:12:03 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 02:12:02 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 02:12:02 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 02:12:02 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-14 02:12:02 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 02:12:01 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 02:11:58 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 02:11:56 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll MOD - [2008-04-14 02:11:54 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 02:11:53 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 02:11:51 | 000,792,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 02:11:51 | 000,276,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 02:11:50 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 02:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 02:10:06 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-04-07 21:10:38 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2010-01-08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater) SRV - [2009-12-15 23:28:31 | 000,304,528 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\WINDOWS\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01) SRV - [2006-03-30 10:51:44 | 000,091,648 | ---- | M] (Agnitum Ltd.) [Auto | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\outpost.exe -- (OutpostFirewall) SRV - [2005-11-28 11:31:32 | 000,540,745 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R) SRV - [2005-11-28 11:29:00 | 000,114,753 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R) SRV - [2005-11-28 11:28:14 | 000,217,164 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R) SRV - [2005-01-18 01:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs) SRV - [2001-11-12 14:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS -- (UIUSys) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\159.tmp -- (MEMSWEEP2) DRV - [2010-04-07 21:08:08 | 000,055,232 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi) DRV - [2010-04-07 21:08:06 | 000,032,584 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2010-04-07 21:08:04 | 000,134,488 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw) DRV - [2010-04-07 21:07:08 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-04-07 21:03:44 | 000,139,192 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2009-12-15 23:28:33 | 002,915,944 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01) DRV - [2008-04-13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008-03-05 19:25:30 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2008-03-05 19:25:29 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2006-03-30 10:53:16 | 000,017,440 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\arp.dll -- (ARP.DLL) Outpost Firewall PlugIn (ARP.DLL) DRV - [2006-03-30 10:53:16 | 000,016,960 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\protect.dll -- (PROTECT.DLL) Outpost Firewall PlugIn (PROTECT.DLL) DRV - [2006-03-30 10:53:16 | 000,009,696 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\secret.dll -- (SECRET.DLL) Outpost Firewall PlugIn (SECRET.DLL) DRV - [2006-03-30 10:53:16 | 000,009,024 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\ftpfilt.dll -- (FTPFILT.DLL) Outpost Firewall PlugIn (FTPFILT.DLL) DRV - [2006-03-30 10:53:16 | 000,007,200 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\imapfilt.dll -- (IMAPFILT.DLL) Outpost Firewall PlugIn (IMAPFILT.DLL) DRV - [2006-03-30 10:53:16 | 000,006,752 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\nntpfilt.dll -- (NNTPFILT.DLL) Outpost Firewall PlugIn (NNTPFILT.DLL) DRV - [2006-03-30 10:53:14 | 000,033,600 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\Adblock.dll -- (ADBLOCK.DLL) Outpost Firewall PlugIn (ADBLOCK.DLL) DRV - [2006-03-30 10:53:14 | 000,014,912 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\mailfilt.dll -- (MAILFILT.DLL) Outpost Firewall PlugIn (MAILFILT.DLL) DRV - [2006-03-30 10:53:14 | 000,011,552 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\htmlfilt.dll -- (HTMLFILT.DLL) Outpost Firewall PlugIn (HTMLFILT.DLL) DRV - [2006-03-30 10:53:14 | 000,009,984 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\pop3filt.dll -- (POP3FILT.DLL) Outpost Firewall PlugIn (POP3FILT.DLL) DRV - [2006-03-30 10:53:14 | 000,004,896 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\Content.dll -- (CONTENT.DLL) Outpost Firewall PlugIn (CONTENT.DLL) DRV - [2006-03-30 10:53:12 | 000,014,304 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\Dnscache.dll -- (DNSCACHE.DLL) Outpost Firewall PlugIn (DNSCACHE.DLL) DRV - [2006-03-30 10:53:12 | 000,013,248 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\Httpfilt.dll -- (HTTPFILT.DLL) Outpost Firewall PlugIn (HTTPFILT.DLL) DRV - [2006-03-30 10:53:04 | 000,125,216 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\FILTNT.SYS -- (VFILT) DRV - [2006-03-26 14:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2006-03-13 11:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2006-03-03 00:46:54 | 000,191,968 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2006-02-16 18:34:00 | 003,642,944 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2006-01-12 17:21:18 | 000,031,872 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qkbfiltr.sys -- (qkbfiltr) DRV - [2005-12-29 23:20:38 | 000,561,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService) DRV - [2005-12-05 10:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R) DRV - [2005-11-30 19:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2005-11-28 12:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2005-11-28 11:45:16 | 000,007,040 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\x10hid.sys -- (X10Hid) DRV - [2005-11-09 00:12:00 | 000,997,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2005-11-09 00:11:00 | 000,723,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2005-11-09 00:11:00 | 000,202,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2005-10-06 06:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2005-10-06 06:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2005-10-06 06:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2005-10-06 06:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM) DRV - [2005-10-06 06:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2005-10-06 06:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM) DRV - [2005-10-06 06:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN) DRV - [2005-09-15 03:24:08 | 000,179,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R) DRV - [2005-09-12 04:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB) DRV - [2005-09-09 15:47:10 | 000,009,344 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec) DRV - [2005-08-25 13:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2005-08-25 13:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N) DRV - [2005-08-12 06:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM) DRV - [2005-06-11 06:42:00 | 000,005,504 | ---- | M] (Quanta Computer Corp) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BoiHwSetup.sys -- (BoiHwsetup) DRV - [2005-05-05 15:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qmofiltr.sys -- (qmofiltr) DRV - [2004-07-19 18:41:48 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32) DRV - [2003-12-08 11:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN) DRV - [2003-12-08 11:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl) DRV - [2003-09-19 02:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc) DRV - [2003-09-11 00:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi) DRV - [2003-01-29 23:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Neostrada TP\SearchPageURL.dll () IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Value error. File not found IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-04-28 18:25:19 | 000,000,000 | ---D | M] O1 HOSTS File: ([2004-08-10 15:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll File not found O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll () O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Value error. File not found O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll File not found O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll () O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll () O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation) O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe (Agnitum Ltd.) O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe (Agnitum Ltd.) O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium) O4 - HKLM..\Run: [Toshiba Hotkey Utility] C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe (TOSHIBA Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Winamp\winampa.exe () O4 - HKLM..\Run: [WooCnxMon] C:\Program Files\Neostrada TP\CnxMon.exe () O4 - HKLM..\Run: [WOOTASKBARICON] C:\Program Files\Neostrada TP\TaskBarIcon.exe (France Télécom R&D) O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\Neostrada TP\Watch.exe (France Télécom R&D) O4 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Szybkie dostosowywanie programu Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll (Agnitum Ltd.) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O20 - AppInit_DLLs: (C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll) - C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Agnitum Ltd.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\Piotrek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Piotrek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-03-10 16:30:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2002-06-06 14:03:46 | 000,040,960 | R--- | M] () - D:\autoplay.exe -- [ CDFS ] O32 - AutoRun File - [2001-07-23 20:25:04 | 000,000,047 | R--- | M] () - D:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{43532e0a-608c-11de-b0a8-0013022d6e72}\Shell - "" = AutoRun O33 - MountPoints2\{43532e0a-608c-11de-b0a8-0013022d6e72}\Shell\AutoRun\command - "" = D:\autoplay.exe -- [2002-06-06 14:03:46 | 000,040,960 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-09-19 16:10:05 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Desktop\OTL.exe [2010-09-18 13:49:31 | 000,126,976 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe [2010-09-18 13:45:01 | 000,000,000 | ---D | C] -- C:\Program Files\Warcraft III [2010-09-18 02:27:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\My Documents\Nowy folder [2010-09-18 02:18:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\FreeFLVConverter [2010-09-13 23:25:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\InstallShield Installation Information [2010-09-13 23:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\2K Games [2010-09-13 23:23:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\InstallShield [2010-09-13 23:05:30 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\WINDOWS\System32\tm20dec.ax [2010-09-02 01:18:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\.freeciv [2010-09-02 01:05:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun [2010-09-02 01:04:32 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2010-08-03 18:48:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\My Documents\Ascaron Entertainment [2010-08-03 18:48:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\Ascaron Entertainment [2010-07-22 00:47:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Desktop\Filmy [2008-07-05 11:55:53 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Piotrek\Application Data\pcouffin.sys [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-09-19 16:15:23 | 008,912,896 | -H-- | M] () -- C:\Documents and Settings\Piotrek\NTUSER.DAT [2010-09-19 16:10:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Desktop\OTL.exe [2010-09-18 13:49:38 | 000,016,696 | ---- | M] () -- C:\WINDOWS\War3Unin.dat [2010-09-18 13:49:38 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Warcraft III.lnk [2010-09-18 13:49:32 | 000,002,829 | ---- | M] () -- C:\WINDOWS\War3Unin.pif [2010-09-18 13:49:31 | 000,126,976 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe [2010-09-18 02:20:52 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Free FLV Converter.lnk [2010-09-16 17:52:08 | 000,000,534 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2010-09-16 17:50:59 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-09-16 17:50:26 | 000,000,049 | ---- | M] () -- C:\WINDOWS\transp.gif [2010-09-16 17:50:22 | 000,045,378 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-09-16 17:50:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-09-16 17:50:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-09-16 17:50:10 | 1071,828,992 | -HS- | M] () -- C:\hiberfil.sys [2010-09-16 17:50:10 | 000,222,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-09-16 17:48:34 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Piotrek\ntuser.ini [2010-09-16 17:27:36 | 000,000,573 | ---- | M] () -- C:\WINDOWS\win.ini [2010-09-16 17:27:05 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-09-15 04:58:26 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-09-13 23:36:24 | 000,001,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Railroad Tycoon 3.lnk [2010-09-13 23:25:09 | 000,002,089 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Railroads!.lnk [2010-09-13 23:05:27 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Piotrek\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk [2010-09-13 23:05:27 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Windows Media Player.lnk [2010-09-13 23:05:23 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010-09-13 23:05:23 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010-09-10 20:17:21 | 000,444,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-09-10 20:17:21 | 000,072,238 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-09-10 20:17:20 | 000,523,092 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-09-10 17:12:22 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Samoloty.xls [2010-09-04 18:22:03 | 000,006,910 | ---- | M] () -- C:\Documents and Settings\Piotrek\Application Data\.freeciv-client-rc-2.2 [2010-08-29 13:15:46 | 002,640,666 | -H-- | M] () -- C:\Documents and Settings\Piotrek\Local Settings\Application Data\IconCache.db [2010-08-23 20:49:19 | 000,002,455 | ---- | M] () -- C:\Documents and Settings\Piotrek\Application Data\Microsoft\Internet Explorer\Quick Launch\Word 2003 (2).lnk [2010-08-15 07:31:02 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Piotrek\Application Data\Microsoft\Internet Explorer\Quick Launch\Excel 2003.lnk [2010-08-14 20:27:29 | 000,020,480 | ---- | M] () -- C:\player0.rep [2010-08-14 20:22:03 | 000,000,008 | ---- | M] () -- C:\player1.rep [2010-08-11 23:50:28 | 000,307,200 | ---- | M] (Koyote Soft - http://www.koyotesoft.com) -- C:\WINDOWS\System32\TubeFinder.exe [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-09-18 13:49:38 | 000,001,612 | ---- | C] () -- C:\Documents and Settings\Piotrek\Desktop\Warcraft III.lnk [2010-09-18 13:49:32 | 000,016,696 | ---- | C] () -- C:\WINDOWS\War3Unin.dat [2010-09-18 13:49:32 | 000,002,829 | ---- | C] () -- C:\WINDOWS\War3Unin.pif [2010-09-18 02:19:15 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Piotrek\Desktop\Free FLV Converter.lnk [2010-09-13 23:36:24 | 000,001,817 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Railroad Tycoon 3.lnk [2010-09-13 23:25:09 | 000,002,089 | ---- | C] () -- C:\Documents and Settings\Piotrek\Desktop\Railroads!.lnk [2010-09-13 23:05:27 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk [2010-09-13 23:05:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2010-09-13 23:05:16 | 000,005,672 | ---- | C] () -- C:\WINDOWS\System32\quartz.vxd [2010-09-04 18:31:03 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll [2010-09-04 18:31:03 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax [2010-09-04 18:31:03 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll [2010-09-04 18:31:02 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll [2010-09-04 18:31:02 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll [2010-09-02 01:21:27 | 000,006,910 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\.freeciv-client-rc-2.2 [2010-02-14 23:23:08 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Kit.ini [2010-02-05 19:41:48 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2010-02-05 19:41:48 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2010-02-05 19:41:48 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2010-02-05 19:36:54 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2009-04-06 09:05:55 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2009-04-06 09:05:55 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2009-04-06 09:05:54 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2009-04-06 09:05:52 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2009-04-06 09:05:52 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2009-04-06 09:05:52 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2008-09-25 20:14:45 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll [2008-09-25 20:14:45 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll [2008-09-25 20:14:45 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll [2008-09-25 20:14:45 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll [2008-09-25 20:14:45 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll [2008-07-05 11:56:19 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\pcouffin.log [2008-07-05 11:55:54 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\inst.exe [2008-07-05 11:55:54 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\pcouffin.cat [2008-07-05 11:55:53 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\pcouffin.inf [2008-04-23 18:34:29 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Kingdia DVD to MP3 Ripper.INI [2008-04-20 15:53:29 | 000,000,101 | ---- | C] () -- C:\WINDOWS\powerplayer.ini [2008-04-20 15:53:29 | 000,000,020 | ---- | C] () -- C:\WINDOWS\powerlist.ini [2008-04-20 15:53:09 | 000,000,796 | ---- | C] () -- C:\WINDOWS\psnetwork.ini [2008-03-05 21:49:15 | 000,000,067 | ---- | C] () -- C:\WINDOWS\#1 DVD Audio Ripper.INI [2008-03-05 19:25:30 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2008-03-05 19:25:29 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2008-01-13 18:41:54 | 000,404,992 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2008-01-13 18:41:50 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll [2008-01-13 18:41:49 | 003,097,088 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2008-01-13 18:41:24 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll [2008-01-13 18:41:24 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2008-01-13 18:41:23 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll [2008-01-13 18:41:22 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2008-01-13 18:41:20 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll [2008-01-13 18:41:19 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll [2008-01-13 18:41:17 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll [2008-01-13 18:41:14 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll [2008-01-13 18:41:12 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2008-01-13 18:41:12 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll [2008-01-13 18:41:09 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2008-01-13 18:41:02 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2008-01-13 18:41:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2008-01-13 18:40:54 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2008-01-13 18:40:29 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008-01-13 18:40:11 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll [2008-01-13 18:40:10 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\avi.dll [2008-01-13 18:40:09 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\ts.dll [2008-01-13 18:40:07 | 000,142,848 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll [2008-01-13 18:40:06 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll [2008-01-13 18:40:05 | 000,151,040 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll [2008-01-13 18:40:04 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll [2007-03-26 11:45:18 | 000,071,208 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll [2007-02-20 15:59:08 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2007-02-20 15:59:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2006-08-05 08:28:43 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll [2006-08-01 23:02:31 | 000,093,184 | ---- | C] () -- C:\Documents and Settings\Piotrek\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006-07-29 20:19:48 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini [2006-07-02 19:20:19 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll [2006-06-23 16:19:37 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Piotrek\Local Settings\Application Data\fusioncache.dat [2006-04-06 16:24:20 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006-04-06 16:12:11 | 000,000,466 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini [2006-04-06 16:02:13 | 000,000,534 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006-04-06 15:41:19 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini [2006-04-06 15:14:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI [2006-04-06 15:13:41 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2006-04-06 15:13:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2006-04-06 15:13:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2006-04-06 15:13:41 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2006-04-06 15:13:40 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2006-04-06 15:13:40 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2006-04-06 15:04:09 | 000,012,430 | ---- | C] () -- C:\WINDOWS\HWSetupStr.ini [2006-04-06 15:04:09 | 000,002,070 | R--- | C] () -- C:\WINDOWS\SVPW32Str.ini [2006-04-06 14:50:10 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini [2006-04-06 14:50:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll [2006-04-06 14:50:10 | 000,009,348 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini [2006-04-06 14:50:10 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini [2006-03-10 15:13:44 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll [2006-03-10 15:13:43 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2006-01-26 19:03:32 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll [2005-12-08 20:56:50 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\tsbwls.dll [2005-11-29 05:33:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005-09-02 15:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll [2005-08-05 15:01:54 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2005-07-22 22:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll [2004-07-20 18:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll [2004-01-15 15:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll [2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002-07-01 16:13:30 | 000,000,243 | -HS- | C] () -- C:\Documents and Settings\Piotrek\Application Data\system16driver.dat [2002-03-21 14:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL [2002-03-20 21:01:06 | 000,006,688 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys [2002-03-20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportUSB.dll [2002-03-20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportSerial.dll [2002-03-20 21:00:18 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll [2002-03-20 21:00:18 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll [color=#E56717]========== LOP Check ==========[/color] [2006-03-17 23:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\toshiba [2006-07-29 20:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems [2006-12-27 23:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3 [2009-06-27 19:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper [2010-04-28 18:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET [2008-09-18 19:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN [2008-04-26 02:57:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Keronsoft [2008-11-11 12:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9 [2006-07-27 19:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS [2008-04-23 19:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2008-07-05 12:42:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk [2006-03-17 23:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\toshiba [2006-03-17 23:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\X10 Commander [2010-09-02 01:20:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\.freeciv [2010-09-13 23:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\2K Games [2006-07-29 20:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\ACD Systems [2010-08-03 18:48:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Ascaron Entertainment [2009-12-27 14:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Atari [2007-08-28 05:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Black Sea Studios [2010-01-10 22:45:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Dealio [2010-04-28 18:27:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\ESET [2010-09-18 02:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\FreeFLVConverter [2007-05-15 18:25:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Gadu-Gadu [2008-11-11 12:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\GameHouse [2009-10-16 18:15:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\GARMIN [2006-06-23 22:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\InterVideo [2009-03-04 21:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\MagicMatch [2006-06-23 19:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\My Games [2010-01-05 22:46:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Outlook AutoConfig [2008-04-20 15:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\PPMate [2008-04-20 16:30:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\ppstream [2009-05-10 14:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\RayV [2008-12-15 20:04:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Red Alert 3 [2009-03-04 21:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Saqqarah [2010-09-19 16:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Search Settings [2007-12-15 13:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Sierra Entertainment [2008-04-27 22:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\SogouPY [2008-05-03 17:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Spamihilator [2009-03-04 21:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\StoneLoops [2009-03-04 21:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\StoneLoops! [2008-08-10 13:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Summer Athletics 2008 [2006-03-17 23:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\toshiba [2010-05-30 00:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\uTorrent [2010-09-18 02:16:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Vso [color=#E56717]========== Purity Check ==========[/color] < End of report > [/log] [color="#FF0000"]//Logi wklejamy w tagi [log] //Zmieniam //Tom01[/color]
Tomek01 komentarz 19 września 2010 komentarz 19 września 2010 Odinstaluj:Winamp Toolbar, Dealio Toolbar, Search Settings (jeśli jest w panelu dodaj/usuń) W OTL, w oknie Custom scan/fixes wklej: [code]:Processes Explorer.exe :OTL PRC - [2010-01-08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe SRV - [2010-01-08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater) IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll File not found O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Value error. File not found O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll File not found O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) :Files C:\Documents and Settings\Piotrek\Application Data\Search Settings :Commands [emptytemp] [start explorer] [Reboot] [/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzucasz log z usuwania oraz nowe logi OTL i RSIT.
hajnel29 komentarz 19 września 2010 Autor komentarz 19 września 2010 Odinstalowałem, wkleiłem, zrestartowałem i chyba się udało Chłopie, wiem że dla Ciebie to pewno rutyna, zwyczajna rzecz taka porada ale jestem starej daty (49 lat)i choć komputer używam do czasów Spectrum to moja wiedza to w miarę dobrze windows i office więc proszę bez obrazy że tacy jak ja działamy dla Was fachowców nieco denerwująco Szacunek mój dla Twojej wiedzy jest gigantyczny co to znaczy logi wklejamy w tagi - wkleiłem tam gdzie pisze załącz ten plik [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Piotrek at 2010-09-19 17:56:19 Microsoft Windows XP Professional Service Pack 3 System drive C: has 13 GB (14%) free of 95 GB Total RAM: 1022 MB (39% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:56:30, on 2010-09-19 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\PROGRA~1\NEOSTR~1\CnxMon.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Winamp\winampa.exe C:\Program Files\Synaptics\SynTP\Toshiba.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Neostrada TP\NeostradaTP.exe C:\Program Files\Neostrada TP\ComComp.exe C:\Program Files\Neostrada TP\Watch.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Piotrek\Desktop\OTL.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\notepad.exe C:\Documents and Settings\Piotrek\Desktop\RSIT.exe C:\Program Files\trend micro\Piotrek.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=488 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang PL O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [WinampAgent] C:\Winamp\winampa.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Szybkie dostosowywanie programu Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{C0F58EFD-36FA-4E22-BDD2-962E6E330B2A}: NameServer = 194.204.152.34 194.204.159.1 O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 10306 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-10-06 110652] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-09-25 193136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-03 764912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-02 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-02 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-09-25 193136] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512] "High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\CHDAudPropShortcut.exe [2005-12-29 61952] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761948] "Toshiba Hotkey Utility"=C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe [2006-03-15 1769472] "NDSTray.exe"=NDSTray.exe [] "SmoothView"=C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe [2005-05-13 118784] "DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-10-06 122940] "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-12-05 667718] "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-11-28 602182] "WooCnxMon"=C:\PROGRA~1\NEOSTR~1\CnxMon.exe [2003-10-16 24576] "SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816] "WOOWATCH"=C:\PROGRA~1\NEOSTR~1\Watch.exe [2003-10-16 20480] "WOOTASKBARICON"=C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe [2003-10-16 53248] "OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Firewall\feedback.exe [2006-05-11 356420] "ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-04-17 196608] "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13 69632] "WinampAgent"=C:\Winamp\winampa.exe [2008-04-01 36352] "nwiz"=nwiz.exe /installquiet [] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-02-16 7557120] "Outpost Firewall"=C:\Program Files\Agnitum\Outpost Firewall\outpost.exe [2006-03-30 91648] "egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-04-07 2145000] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2005-04-12 65536] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-09-25 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2005-11-04 135168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=0x95000000 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Telewizje internetowe\PPStream\PPStream.exe"="C:\Telewizje internetowe\PPStream\PPStream.exe:*:Enabled:PPStream" "C:\Telewizje internetowe\PPLive\PPLive.exe"="C:\Telewizje internetowe\PPLive\PPLive.exe:*:Enabled:PPLive" "C:\TELEWI~1\PCast\PODCAS~1\PODCAS~2.EXE"="C:\TELEWI~1\PCast\PODCAS~1\PODCAS~2.EXE:*:Enabled:Share Streaming" "C:\Telewizje internetowe\PCast\PodcastbarMini\PodcastBarMini.exe"="C:\Telewizje internetowe\PCast\PodcastbarMini\PodcastBarMini.exe:*:Enabled:Share Streaming" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb" "C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray" "C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client" "C:\Program Files\PPMate\ppmate.exe"="C:\Program Files\PPMate\ppmate.exe:*:Enabled:PPMate" "C:\Program Files\PPMate\ppamnet.exe"="C:\Program Files\PPMate\ppamnet.exe:*:Enabled:PPMate" "C:\Program Files\PPLive\PPLive.exe"="C:\Program Files\PPLive\PPLive.exe:*:Enabled:PPLive" "C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe"="C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe:*:Enabled:Sid Meier's Civilization IV Colonization" "C:\Program Files\RayV\RayV\RayV.dll"="C:\Program Files\RayV\RayV\RayV.dll:*:Enabled:RayV" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======List of files/folders created in the last 2 months====== 2010-09-19 17:56:19 ----D---- C:\rsit 2010-09-19 17:56:19 ----D---- C:\Program Files\trend micro 2010-09-19 17:28:46 ----D---- C:\_OTL 2010-09-18 13:49:32 ----A---- C:\WINDOWS\War3Unin.pif 2010-09-18 13:49:31 ----A---- C:\WINDOWS\War3Unin.exe 2010-09-18 13:45:01 ----D---- C:\Program Files\Warcraft III 2010-09-18 02:18:19 ----D---- C:\Documents and Settings\Piotrek\Application Data\FreeFLVConverter 2010-09-16 17:27:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$ 2010-09-16 17:26:58 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$ 2010-09-16 17:26:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$ 2010-09-16 17:26:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$ 2010-09-16 17:26:27 ----HDC---- C:\WINDOWS\$NtUninstallKB982802$ 2010-09-16 17:25:32 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$ 2010-09-16 17:19:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$ 2010-09-13 23:25:06 ----D---- C:\Documents and Settings\Piotrek\Application Data\InstallShield Installation Information 2010-09-13 23:25:01 ----D---- C:\Documents and Settings\Piotrek\Application Data\2K Games 2010-09-13 23:23:53 ----D---- C:\Documents and Settings\Piotrek\Application Data\InstallShield 2010-09-13 23:05:30 ----A---- C:\WINDOWS\system32\LMRTREND.dll 2010-09-13 23:05:28 ----A---- C:\WINDOWS\system32\dxtmsft3.dll 2010-09-13 23:05:20 ----A---- C:\WINDOWS\system32\unam4ie.exe 2010-09-13 23:05:16 ----A---- C:\WINDOWS\system32\vidx16.dll 2010-09-13 23:05:15 ----A---- C:\WINDOWS\system32\qcut.dll 2010-09-13 23:05:14 ----A---- C:\WINDOWS\system32\w95inf32.dll 2010-09-13 23:05:14 ----A---- C:\WINDOWS\system32\w95inf16.dll 2010-09-04 18:31:05 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys 2010-09-04 18:31:05 ----A---- C:\WINDOWS\system32\drivers\streamip.sys 2010-09-04 18:31:05 ----A---- C:\WINDOWS\system32\drivers\slip.sys 2010-09-04 18:31:05 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys 2010-09-04 18:31:05 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys 2010-09-04 18:31:04 ----A---- C:\WINDOWS\system32\drivers\mstee.sys 2010-09-04 18:31:04 ----A---- C:\WINDOWS\system32\drivers\msdv.sys 2010-09-04 18:31:04 ----A---- C:\WINDOWS\system32\drivers\mpe.sys 2010-09-04 18:31:04 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys 2010-09-04 18:31:04 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys 2010-09-04 18:31:00 ----A---- C:\WINDOWS\system32\dxdllreg.exe 2010-09-02 01:18:45 ----D---- C:\Documents and Settings\Piotrek\Application Data\.freeciv 2010-09-02 01:05:12 ----D---- C:\Documents and Settings\All Users\Application Data\Sun 2010-09-02 01:04:56 ----A---- C:\WINDOWS\system32\javaws.exe 2010-09-02 01:04:56 ----A---- C:\WINDOWS\system32\javaw.exe 2010-09-02 01:04:56 ----A---- C:\WINDOWS\system32\java.exe 2010-09-02 01:04:56 ----A---- C:\WINDOWS\system32\deployJava1.dll 2010-09-02 01:04:32 ----D---- C:\Program Files\Java 2010-08-11 22:01:34 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$ 2010-08-11 22:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$ 2010-08-11 22:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$ 2010-08-11 22:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$ 2010-08-11 22:00:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$ 2010-08-11 21:59:52 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$ 2010-08-11 21:51:04 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$ 2010-08-03 19:36:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$ 2010-08-03 18:48:44 ----D---- C:\Documents and Settings\Piotrek\Application Data\Ascaron Entertainment ======List of files/folders modified in the last 2 months====== 2010-09-19 17:56:20 ----D---- C:\WINDOWS\Temp 2010-09-19 17:56:19 ----RD---- C:\Program Files 2010-09-19 17:46:30 ----D---- C:\Program Files\Neostrada TP 2010-09-19 17:43:17 ----D---- C:\WINDOWS 2010-09-19 17:42:44 ----D---- C:\WINDOWS\Registration 2010-09-19 17:42:42 ----A---- C:\WINDOWS\ODBC.INI 2010-09-19 17:41:05 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-09-19 17:40:30 ----D---- C:\WINDOWS\system32 2010-09-19 17:14:49 ----D---- C:\WINDOWS\WinSxS 2010-09-19 17:14:21 ----SHD---- C:\WINDOWS\Installer 2010-09-18 13:51:46 ----D---- C:\WINDOWS\system32\CatRoot2 2010-09-18 02:38:03 ----D---- C:\Program Files\Free FLV Converter 2010-09-18 02:16:46 ----D---- C:\Documents and Settings\Piotrek\Application Data\Vso 2010-09-18 01:19:54 ----D---- C:\WINDOWS\Prefetch 2010-09-17 23:05:17 ----D---- C:\Moje statystyki 2010-09-16 17:50:08 ----D---- C:\Program Files\Microsoft Silverlight 2010-09-16 17:27:36 ----A---- C:\WINDOWS\win.ini 2010-09-16 17:27:13 ----HD---- C:\WINDOWS\inf 2010-09-16 17:27:08 ----HD---- C:\WINDOWS\$hf_mig$ 2010-09-16 17:27:05 ----A---- C:\WINDOWS\imsins.BAK 2010-09-16 17:27:03 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-09-16 17:21:53 ----A---- C:\WINDOWS\system32\MRT.exe 2010-09-13 23:33:18 ----HD---- C:\Program Files\InstallShield Installation Information 2010-09-13 23:25:00 ----RSD---- C:\WINDOWS\assembly 2010-09-13 23:25:00 ----D---- C:\WINDOWS\system32\DirectX 2010-09-13 23:05:30 ----D---- C:\Program Files\Windows Media Player 2010-09-13 23:05:20 ----D---- C:\WINDOWS\Help 2010-09-13 22:42:30 ----RSD---- C:\WINDOWS\Fonts 2010-09-13 22:40:08 ----D---- C:\Gry 2010-09-10 20:17:21 ----D---- C:\WINDOWS\system32\wbem 2010-09-10 20:17:20 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-09-10 20:17:18 ----SD---- C:\Documents and Settings\Piotrek\Application Data\Microsoft 2010-09-04 18:31:43 ----D---- C:\WINDOWS\system32\drivers 2010-09-02 01:16:39 ----D---- C:\Pliki z internetu 2010-09-02 01:05:11 ----D---- C:\Program Files\Common Files\Java 2010-08-29 00:46:22 ----D---- C:\Płyty MP3 2010-08-25 19:19:31 ----D---- C:\DOSBox-0.65 2010-08-25 19:10:03 ----D---- C:\DN 2010-08-17 15:17:06 ----A---- C:\WINDOWS\system32\spoolsv.exe 2010-08-14 18:30:16 ----D---- C:\WINDOWS\Microsoft.NET 2010-08-13 05:45:49 ----D---- C:\Garmin 2010-08-11 23:50:28 ----A---- C:\WINDOWS\system32\TubeFinder.exe 2010-08-11 22:04:01 ----D---- C:\Program Files\Internet Explorer 2010-08-11 22:00:47 ----D---- C:\WINDOWS\ie8updates 2010-08-11 22:00:23 ----D---- C:\Program Files\Movie Maker 2010-08-03 19:38:13 ----D---- C:\Program Files\SogouInput 2010-08-03 19:31:21 ----D---- C:\Program Files\AviSynth 2.5 2010-08-03 19:30:40 ----D---- C:\Program Files\Atari 2010-08-03 19:30:03 ----D---- C:\Program Files\Ubisoft 2010-08-03 19:28:38 ----D---- C:\Program Files\Kalypso 2010-08-03 18:41:20 ----D---- C:\Program Files\Common Files\Wise Installation Wizard 2010-07-31 17:51:20 ----D---- C:\Program Files\Empire Interactive 2010-07-27 08:30:35 ----A---- C:\WINDOWS\system32\shell32.dll 2010-07-22 17:49:15 ----A---- C:\WINDOWS\system32\rpcrt4.dll 2010-07-22 07:57:20 ----A---- C:\WINDOWS\system32\xpsp4res.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2005-09-12 89264] R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528] R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-03-26 51200] R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-03-13 6656] R1 appdrv01;Application Driver (01); C:\WINDOWS\System32\Drivers\appdrv01.sys [2009-12-15 2915944] R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628] R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684] R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-04-07 114984] R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-04-07 55232] R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352] R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592] R1 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-02-16 3642944] R1 VFILT;Outpost Firewall Kernel Driver; \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS [] R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-06-23 21275] R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2004-07-19 16512] R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-03-05 278984] R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-10-06 25628] R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-10-06 2496] R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-10-06 86524] R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-10-06 14684] R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-10-06 6364] R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-10-06 87036] R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-10-06 94332] R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544] R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-04-07 139192] R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-04-07 134488] R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-03-05 25416] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-06 12544] R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032] R2 s24trans;Transport WLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568] R3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600] R3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688] R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 BoiHwsetup;Access 32bits INT15 routine; C:\WINDOWS\system32\drivers\BoiHwSetup.sys [2005-06-11 5504] R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2005-09-15 179200] R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-04-07 32584] R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2005-12-29 561664] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-11-09 997376] R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-11-09 202240] R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060] R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160] R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-07-05 47360] R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368] R3 qkbfiltr;Quanta HotKey Keyboard Filter Driver; C:\WINDOWS\system32\drivers\qkbfiltr.sys [2006-01-12 31872] R3 qmofiltr;Quanta HotKey Mouse Filter Driver; C:\WINDOWS\system32\drivers\qmofiltr.sys [2005-05-05 7936] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 191968] R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560] R3 tosrfec;Bluetooth ACPI from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-09-09 9344] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-05 1428096] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-11-09 723712] R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040] S3 ADBLOCK.DLL;Outpost Firewall PlugIn (ADBLOCK.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\ADBLOCK.DLL [] S3 ARP.DLL;Outpost Firewall PlugIn (ARP.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\ARP.DLL [] S3 CONTENT.DLL;Outpost Firewall PlugIn (CONTENT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\CONTENT.DLL [] S3 DNSCACHE.DLL;Outpost Firewall PlugIn (DNSCACHE.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\DNSCACHE.DLL [] S3 FTPFILT.DLL;Outpost Firewall PlugIn (FTPFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FTPFILT.DLL [] S3 HTMLFILT.DLL;Outpost Firewall PlugIn (HTMLFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\HTMLFILT.DLL [] S3 HTTPFILT.DLL;Outpost Firewall PlugIn (HTTPFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\HTTPFILT.DLL [] S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-04 1353820] S3 IMAPFILT.DLL;Outpost Firewall PlugIn (IMAPFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\IMAPFILT.DLL [] S3 MAILFILT.DLL;Outpost Firewall PlugIn (MAILFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\MAILFILT.DLL [] S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\system32\159.tmp [] S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 NNTPFILT.DLL;Outpost Firewall PlugIn (NNTPFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\NNTPFILT.DLL [] S3 POP3FILT.DLL;Outpost Firewall PlugIn (POP3FILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\POP3FILT.DLL [] S3 PROTECT.DLL;Outpost Firewall PlugIn (PROTECT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\PROTECT.DLL [] S3 SECRET.DLL;Outpost Firewall PlugIn (SECRET.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\SECRET.DLL [] S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904] S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008] S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS [] S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S4 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-18 40960] R2 ehRecvr;Usługa Odbiornik Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2005-10-11 237568] R2 ehSched;Usługa Planowanie nagrywania; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912] R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-04-07 810120] R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-02 153376] R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-02-16 143426] R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164] R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745] R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480] S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\WINDOWS\System32\appdrvrem01.exe [2009-12-15 304528] S2 OutpostFirewall;Outpost Firewall Service; C:\Program Files\Agnitum\Outpost Firewall\outpost.exe [2006-03-30 91648] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-04-07 33560] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-25 156656] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-04 38912] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- [/log] [log]OTL logfile created on: 2010-09-19 17:48:07 - Run 2 OTL by OldTimer - Version 3.2.12.1 Folder = C:\Documents and Settings\Piotrek\Desktop Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 022,00 Mb Total Physical Memory | 449,00 Mb Available Physical Memory | 44,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 92,91 Gb Total Space | 12,89 Gb Free Space | 13,87% Space Free | Partition Type: NTFS Drive D: | 632,29 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PIOTRESZ Current User Name: Piotrek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 60 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-09-19 16:10:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Desktop\OTL.exe PRC - [2010-09-02 01:04:40 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET Smart Security\ekrn.exe PRC - [2010-04-07 21:07:04 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET Smart Security\egui.exe PRC - [2009-08-06 20:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2009-03-08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe PRC - [2009-02-06 13:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-02-06 12:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-09-25 17:59:14 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2008-04-14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 02:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe PRC - [2008-04-14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 02:12:17 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dllhost.exe PRC - [2008-04-14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 02:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 02:12:12 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2008-04-01 20:49:42 | 000,036,352 | ---- | M] () -- C:\Winamp\winampa.exe PRC - [2006-03-15 19:12:24 | 001,769,472 | ---- | M] (TOSHIBA Inc.) -- C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe PRC - [2006-03-03 01:02:08 | 000,761,948 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2006-03-03 00:50:52 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe PRC - [2006-02-16 18:34:00 | 000,143,426 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2005-12-05 12:37:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe PRC - [2005-11-28 11:41:50 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe PRC - [2005-11-28 11:37:52 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe PRC - [2005-11-28 11:31:32 | 000,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe PRC - [2005-11-28 11:29:00 | 000,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe PRC - [2005-11-28 11:28:14 | 000,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe PRC - [2005-11-03 01:41:04 | 000,978,944 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe PRC - [2005-10-11 09:40:32 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehrecvr.exe PRC - [2005-10-06 06:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE PRC - [2005-08-05 14:56:34 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe PRC - [2005-08-05 14:56:32 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehSched.exe PRC - [2005-08-05 14:56:28 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehmsas.exe PRC - [2005-08-05 14:27:08 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe PRC - [2005-05-13 12:03:16 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe PRC - [2005-04-12 13:04:18 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe PRC - [2005-01-18 01:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe PRC - [2004-04-13 07:07:18 | 000,069,632 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe PRC - [2004-01-26 11:38:38 | 000,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe PRC - [2003-10-16 19:07:12 | 000,626,688 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\NeostradaTP.exe PRC - [2003-10-16 19:07:12 | 000,053,248 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\TaskBarIcon.exe PRC - [2003-10-16 19:07:12 | 000,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\Watch.exe PRC - [2003-10-16 19:07:10 | 000,200,704 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\ComComp.exe PRC - [2003-10-16 19:07:10 | 000,024,576 | ---- | M] () -- C:\Program Files\Neostrada TP\CnxMon.exe PRC - [2001-11-12 14:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-09-19 16:10:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Desktop\OTL.exe MOD - [2010-07-27 08:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2010-07-22 17:49:15 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2010-04-16 17:36:56 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll MOD - [2009-12-08 11:23:28 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 10:25:26 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-03-21 16:06:58 | 000,989,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 14:10:48 | 000,714,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2009-02-09 14:10:48 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-10-23 14:36:14 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 05:42:06 | 000,985,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 02:12:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2008-04-14 02:12:45 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 02:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 02:12:08 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 02:12:08 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 02:12:07 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 02:12:03 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 02:12:02 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 02:12:02 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 02:12:02 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 02:12:01 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 02:11:58 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 02:11:56 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll MOD - [2008-04-14 02:11:54 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 02:11:53 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 02:11:51 | 000,792,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 02:11:51 | 000,276,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 02:11:50 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 02:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 02:10:06 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-04-07 21:10:38 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2009-12-15 23:28:31 | 000,304,528 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\WINDOWS\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01) SRV - [2006-03-30 10:51:44 | 000,091,648 | ---- | M] (Agnitum Ltd.) [Auto | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\outpost.exe -- (OutpostFirewall) SRV - [2005-11-28 11:31:32 | 000,540,745 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R) SRV - [2005-11-28 11:29:00 | 000,114,753 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R) SRV - [2005-11-28 11:28:14 | 000,217,164 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R) SRV - [2005-01-18 01:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs) SRV - [2001-11-12 14:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS -- (UIUSys) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\159.tmp -- (MEMSWEEP2) DRV - [2010-04-07 21:08:08 | 000,055,232 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi) DRV - [2010-04-07 21:08:06 | 000,032,584 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2010-04-07 21:08:04 | 000,134,488 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw) DRV - [2010-04-07 21:07:08 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-04-07 21:03:44 | 000,139,192 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2009-12-15 23:28:33 | 002,915,944 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01) DRV - [2008-04-13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008-03-05 19:25:30 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2008-03-05 19:25:29 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2006-03-30 10:53:16 | 000,017,440 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\arp.dll -- (ARP.DLL) Outpost Firewall PlugIn (ARP.DLL) DRV - [2006-03-30 10:53:16 | 000,016,960 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\protect.dll -- (PROTECT.DLL) Outpost Firewall PlugIn (PROTECT.DLL) DRV - [2006-03-30 10:53:16 | 000,009,696 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\secret.dll -- (SECRET.DLL) Outpost Firewall PlugIn (SECRET.DLL) DRV - [2006-03-30 10:53:16 | 000,009,024 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\ftpfilt.dll -- (FTPFILT.DLL) Outpost Firewall PlugIn (FTPFILT.DLL) DRV - [2006-03-30 10:53:16 | 000,007,200 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\imapfilt.dll -- (IMAPFILT.DLL) Outpost Firewall PlugIn (IMAPFILT.DLL) DRV - [2006-03-30 10:53:16 | 000,006,752 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\nntpfilt.dll -- (NNTPFILT.DLL) Outpost Firewall PlugIn (NNTPFILT.DLL) DRV - [2006-03-30 10:53:14 | 000,033,600 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\Adblock.dll -- (ADBLOCK.DLL) Outpost Firewall PlugIn (ADBLOCK.DLL) DRV - [2006-03-30 10:53:14 | 000,014,912 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\mailfilt.dll -- (MAILFILT.DLL) Outpost Firewall PlugIn (MAILFILT.DLL) DRV - [2006-03-30 10:53:14 | 000,011,552 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\htmlfilt.dll -- (HTMLFILT.DLL) Outpost Firewall PlugIn (HTMLFILT.DLL) DRV - [2006-03-30 10:53:14 | 000,009,984 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\pop3filt.dll -- (POP3FILT.DLL) Outpost Firewall PlugIn (POP3FILT.DLL) DRV - [2006-03-30 10:53:14 | 000,004,896 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\Content.dll -- (CONTENT.DLL) Outpost Firewall PlugIn (CONTENT.DLL) DRV - [2006-03-30 10:53:12 | 000,014,304 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\Dnscache.dll -- (DNSCACHE.DLL) Outpost Firewall PlugIn (DNSCACHE.DLL) DRV - [2006-03-30 10:53:12 | 000,013,248 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\Httpfilt.dll -- (HTTPFILT.DLL) Outpost Firewall PlugIn (HTTPFILT.DLL) DRV - [2006-03-30 10:53:04 | 000,125,216 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\FILTNT.SYS -- (VFILT) DRV - [2006-03-26 14:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2006-03-13 11:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2006-03-03 00:46:54 | 000,191,968 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2006-02-16 18:34:00 | 003,642,944 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2006-01-12 17:21:18 | 000,031,872 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qkbfiltr.sys -- (qkbfiltr) DRV - [2005-12-29 23:20:38 | 000,561,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService) DRV - [2005-12-05 10:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R) DRV - [2005-11-30 19:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2005-11-28 12:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2005-11-28 11:45:16 | 000,007,040 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\x10hid.sys -- (X10Hid) DRV - [2005-11-09 00:12:00 | 000,997,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2005-11-09 00:11:00 | 000,723,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2005-11-09 00:11:00 | 000,202,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2005-10-06 06:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2005-10-06 06:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2005-10-06 06:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2005-10-06 06:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM) DRV - [2005-10-06 06:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2005-10-06 06:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM) DRV - [2005-10-06 06:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN) DRV - [2005-09-15 03:24:08 | 000,179,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R) DRV - [2005-09-12 04:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB) DRV - [2005-09-09 15:47:10 | 000,009,344 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec) DRV - [2005-08-25 13:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2005-08-25 13:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N) DRV - [2005-08-12 06:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM) DRV - [2005-06-11 06:42:00 | 000,005,504 | ---- | M] (Quanta Computer Corp) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BoiHwSetup.sys -- (BoiHwsetup) DRV - [2005-05-05 15:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qmofiltr.sys -- (qmofiltr) DRV - [2004-07-19 18:41:48 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32) DRV - [2003-12-08 11:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN) DRV - [2003-12-08 11:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl) DRV - [2003-09-19 02:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc) DRV - [2003-09-11 00:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi) DRV - [2003-01-29 23:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Neostrada TP\SearchPageURL.dll () IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-04-28 18:25:19 | 000,000,000 | ---D | M] O1 HOSTS File: ([2004-08-10 15:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll () O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll () O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll () O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation) O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe (Agnitum Ltd.) O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe (Agnitum Ltd.) O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium) O4 - HKLM..\Run: [Toshiba Hotkey Utility] C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe (TOSHIBA Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Winamp\winampa.exe () O4 - HKLM..\Run: [WooCnxMon] C:\Program Files\Neostrada TP\CnxMon.exe () O4 - HKLM..\Run: [WOOTASKBARICON] C:\Program Files\Neostrada TP\TaskBarIcon.exe (France Télécom R&D) O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\Neostrada TP\Watch.exe (France Télécom R&D) O4 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Szybkie dostosowywanie programu Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll (Agnitum Ltd.) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O20 - AppInit_DLLs: (C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll) - C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Agnitum Ltd.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\Piotrek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Piotrek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-03-10 16:30:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2002-06-06 14:03:46 | 000,040,960 | R--- | M] () - D:\autoplay.exe -- [ CDFS ] O32 - AutoRun File - [2001-07-23 20:25:04 | 000,000,047 | R--- | M] () - D:\autorun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-09-19 17:28:46 | 000,000,000 | ---D | C] -- C:\_OTL [2010-09-19 16:10:05 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Desktop\OTL.exe [2010-09-18 13:49:31 | 000,126,976 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe [2010-09-18 13:45:01 | 000,000,000 | ---D | C] -- C:\Program Files\Warcraft III [2010-09-18 02:27:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\My Documents\Nowy folder [2010-09-18 02:18:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\FreeFLVConverter [2010-09-13 23:25:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\InstallShield Installation Information [2010-09-13 23:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\2K Games [2010-09-13 23:23:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\InstallShield [2010-09-13 23:05:30 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\WINDOWS\System32\tm20dec.ax [2010-09-02 01:18:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\.freeciv [2010-09-02 01:05:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun [2010-09-02 01:04:32 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2010-08-03 18:48:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\My Documents\Ascaron Entertainment [2010-08-03 18:48:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\Ascaron Entertainment [2010-07-22 00:47:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Desktop\Filmy [2008-07-05 11:55:53 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Piotrek\Application Data\pcouffin.sys [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-09-19 17:43:17 | 000,045,378 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-09-19 17:42:53 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-09-19 17:42:42 | 000,000,534 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2010-09-19 17:42:40 | 000,000,049 | ---- | M] () -- C:\WINDOWS\transp.gif [2010-09-19 17:42:36 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-09-19 17:42:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-09-19 17:42:30 | 1071,828,992 | -HS- | M] () -- C:\hiberfil.sys [2010-09-19 17:41:25 | 008,912,896 | -H-- | M] () -- C:\Documents and Settings\Piotrek\NTUSER.DAT [2010-09-19 17:41:01 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Piotrek\ntuser.ini [2010-09-19 17:23:11 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\RSIT.exe [2010-09-19 16:10:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Desktop\OTL.exe [2010-09-18 13:49:38 | 000,016,696 | ---- | M] () -- C:\WINDOWS\War3Unin.dat [2010-09-18 13:49:38 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Warcraft III.lnk [2010-09-18 13:49:32 | 000,002,829 | ---- | M] () -- C:\WINDOWS\War3Unin.pif [2010-09-18 13:49:31 | 000,126,976 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe [2010-09-18 02:20:52 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Free FLV Converter.lnk [2010-09-16 17:50:10 | 000,222,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-09-16 17:27:36 | 000,000,573 | ---- | M] () -- C:\WINDOWS\win.ini [2010-09-16 17:27:05 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-09-15 04:58:26 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-09-13 23:36:24 | 000,001,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Railroad Tycoon 3.lnk [2010-09-13 23:25:09 | 000,002,089 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Railroads!.lnk [2010-09-13 23:05:27 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Piotrek\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk [2010-09-13 23:05:27 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Windows Media Player.lnk [2010-09-13 23:05:23 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010-09-13 23:05:23 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010-09-10 20:17:21 | 000,444,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-09-10 20:17:21 | 000,072,238 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-09-10 20:17:20 | 000,523,092 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-09-10 17:12:22 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Samoloty.xls [2010-09-04 18:22:03 | 000,006,910 | ---- | M] () -- C:\Documents and Settings\Piotrek\Application Data\.freeciv-client-rc-2.2 [2010-08-29 13:15:46 | 002,640,666 | -H-- | M] () -- C:\Documents and Settings\Piotrek\Local Settings\Application Data\IconCache.db [2010-08-23 20:49:19 | 000,002,455 | ---- | M] () -- C:\Documents and Settings\Piotrek\Application Data\Microsoft\Internet Explorer\Quick Launch\Word 2003 (2).lnk [2010-08-15 07:31:02 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Piotrek\Application Data\Microsoft\Internet Explorer\Quick Launch\Excel 2003.lnk [2010-08-14 20:27:29 | 000,020,480 | ---- | M] () -- C:\player0.rep [2010-08-14 20:22:03 | 000,000,008 | ---- | M] () -- C:\player1.rep [2010-08-11 23:50:28 | 000,307,200 | ---- | M] (Koyote Soft - http://www.koyotesoft.com) -- C:\WINDOWS\System32\TubeFinder.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-09-19 17:23:02 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Piotrek\Desktop\RSIT.exe [2010-09-18 13:49:38 | 000,001,612 | ---- | C] () -- C:\Documents and Settings\Piotrek\Desktop\Warcraft III.lnk [2010-09-18 13:49:32 | 000,016,696 | ---- | C] () -- C:\WINDOWS\War3Unin.dat [2010-09-18 13:49:32 | 000,002,829 | ---- | C] () -- C:\WINDOWS\War3Unin.pif [2010-09-18 02:19:15 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Piotrek\Desktop\Free FLV Converter.lnk [2010-09-13 23:36:24 | 000,001,817 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Railroad Tycoon 3.lnk [2010-09-13 23:25:09 | 000,002,089 | ---- | C] () -- C:\Documents and Settings\Piotrek\Desktop\Railroads!.lnk [2010-09-13 23:05:27 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk [2010-09-13 23:05:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2010-09-13 23:05:16 | 000,005,672 | ---- | C] () -- C:\WINDOWS\System32\quartz.vxd [2010-09-04 18:31:03 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll [2010-09-04 18:31:03 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax [2010-09-04 18:31:03 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll [2010-09-04 18:31:02 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll [2010-09-04 18:31:02 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll [2010-09-02 01:21:27 | 000,006,910 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\.freeciv-client-rc-2.2 [2010-02-14 23:23:08 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Kit.ini [2010-02-05 19:41:48 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2010-02-05 19:41:48 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2010-02-05 19:41:48 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2010-02-05 19:36:54 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2009-04-06 09:05:55 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2009-04-06 09:05:55 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2009-04-06 09:05:54 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2009-04-06 09:05:52 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2009-04-06 09:05:52 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2009-04-06 09:05:52 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2008-09-25 20:14:45 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll [2008-09-25 20:14:45 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll [2008-09-25 20:14:45 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll [2008-09-25 20:14:45 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll [2008-09-25 20:14:45 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll [2008-07-05 11:56:19 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\pcouffin.log [2008-07-05 11:55:54 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\inst.exe [2008-07-05 11:55:54 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\pcouffin.cat [2008-07-05 11:55:53 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\pcouffin.inf [2008-04-23 18:34:29 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Kingdia DVD to MP3 Ripper.INI [2008-04-20 15:53:29 | 000,000,101 | ---- | C] () -- C:\WINDOWS\powerplayer.ini [2008-04-20 15:53:29 | 000,000,020 | ---- | C] () -- C:\WINDOWS\powerlist.ini [2008-04-20 15:53:09 | 000,000,796 | ---- | C] () -- C:\WINDOWS\psnetwork.ini [2008-03-05 21:49:15 | 000,000,067 | ---- | C] () -- C:\WINDOWS\#1 DVD Audio Ripper.INI [2008-03-05 19:25:30 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2008-03-05 19:25:29 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2008-01-13 18:41:54 | 000,404,992 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2008-01-13 18:41:50 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll [2008-01-13 18:41:49 | 003,097,088 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2008-01-13 18:41:24 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll [2008-01-13 18:41:24 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2008-01-13 18:41:23 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll [2008-01-13 18:41:22 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2008-01-13 18:41:20 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll [2008-01-13 18:41:19 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll [2008-01-13 18:41:17 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll [2008-01-13 18:41:14 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll [2008-01-13 18:41:12 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2008-01-13 18:41:12 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll [2008-01-13 18:41:09 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2008-01-13 18:41:02 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2008-01-13 18:41:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2008-01-13 18:40:54 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2008-01-13 18:40:29 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008-01-13 18:40:11 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll [2008-01-13 18:40:10 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\avi.dll [2008-01-13 18:40:09 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\ts.dll [2008-01-13 18:40:07 | 000,142,848 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll [2008-01-13 18:40:06 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll [2008-01-13 18:40:05 | 000,151,040 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll [2008-01-13 18:40:04 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll [2007-03-26 11:45:18 | 000,071,208 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll [2007-02-20 15:59:08 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2007-02-20 15:59:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2006-08-05 08:28:43 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll [2006-08-01 23:02:31 | 000,093,184 | ---- | C] () -- C:\Documents and Settings\Piotrek\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006-07-29 20:19:48 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini [2006-07-02 19:20:19 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll [2006-06-23 16:19:37 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Piotrek\Local Settings\Application Data\fusioncache.dat [2006-04-06 16:24:20 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006-04-06 16:12:11 | 000,000,466 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini [2006-04-06 16:02:13 | 000,000,534 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006-04-06 15:41:19 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini [2006-04-06 15:14:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI [2006-04-06 15:13:41 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2006-04-06 15:13:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2006-04-06 15:13:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2006-04-06 15:13:41 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2006-04-06 15:13:40 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2006-04-06 15:13:40 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2006-04-06 15:04:09 | 000,012,430 | ---- | C] () -- C:\WINDOWS\HWSetupStr.ini [2006-04-06 15:04:09 | 000,002,070 | R--- | C] () -- C:\WINDOWS\SVPW32Str.ini [2006-04-06 14:50:10 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini [2006-04-06 14:50:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll [2006-04-06 14:50:10 | 000,009,348 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini [2006-04-06 14:50:10 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini [2006-03-10 15:13:44 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll [2006-03-10 15:13:43 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2006-01-26 19:03:32 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll [2005-12-08 20:56:50 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\tsbwls.dll [2005-11-29 05:33:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005-09-02 15:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll [2005-08-05 15:01:54 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2005-07-22 22:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll [2004-07-20 18:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll [2004-01-15 15:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll [2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002-07-01 16:13:30 | 000,000,243 | -HS- | C] () -- C:\Documents and Settings\Piotrek\Application Data\system16driver.dat [2002-03-21 14:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL [2002-03-20 21:01:06 | 000,006,688 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys [2002-03-20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportUSB.dll [2002-03-20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportSerial.dll [2002-03-20 21:00:18 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll [2002-03-20 21:00:18 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll [color=#E56717]========== LOP Check ==========[/color] [2006-03-17 23:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\toshiba [2006-07-29 20:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems [2006-12-27 23:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3 [2009-06-27 19:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper [2010-04-28 18:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET [2008-09-18 19:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN [2008-04-26 02:57:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Keronsoft [2008-11-11 12:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9 [2006-07-27 19:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS [2008-04-23 19:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2008-07-05 12:42:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk [2006-03-17 23:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\toshiba [2006-03-17 23:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\X10 Commander [2010-09-02 01:20:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\.freeciv [2010-09-13 23:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\2K Games [2006-07-29 20:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\ACD Systems [2010-08-03 18:48:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Ascaron Entertainment [2009-12-27 14:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Atari [2007-08-28 05:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Black Sea Studios [2010-04-28 18:27:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\ESET [2010-09-18 02:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\FreeFLVConverter [2007-05-15 18:25:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Gadu-Gadu [2008-11-11 12:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\GameHouse [2009-10-16 18:15:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\GARMIN [2006-06-23 22:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\InterVideo [2009-03-04 21:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\MagicMatch [2006-06-23 19:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\My Games [2010-01-05 22:46:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Outlook AutoConfig [2008-04-20 15:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\PPMate [2008-04-20 16:30:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\ppstream [2009-05-10 14:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\RayV [2008-12-15 20:04:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Red Alert 3 [2009-03-04 21:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Saqqarah [2007-12-15 13:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Sierra Entertainment [2008-04-27 22:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\SogouPY [2008-05-03 17:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Spamihilator [2009-03-04 21:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\StoneLoops [2009-03-04 21:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\StoneLoops! [2008-08-10 13:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Summer Athletics 2008 [2006-03-17 23:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\toshiba [2010-05-30 00:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\uTorrent [2010-09-18 02:16:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Vso [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2006-03-10 16:30:56 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2006-06-23 16:18:19 | 000,000,209 | RHS- | M] () -- C:\boot.ini [2006-03-10 16:30:56 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2010-09-19 17:42:30 | 1071,828,992 | -HS- | M] () -- C:\hiberfil.sys [2008-05-04 07:57:36 | 000,000,204 | ---- | M] () -- C:\INSTALL.LOG [2006-03-10 16:30:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2006-03-10 16:30:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-10 15:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-07-16 03:32:48 | 000,250,048 | RHS- | M] () -- C:\ntldr [2010-09-19 17:42:28 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys [2010-08-14 20:27:29 | 000,020,480 | ---- | M] () -- C:\player0.rep [2010-08-14 20:22:03 | 000,000,008 | ---- | M] () -- C:\player1.rep [2006-04-08 01:44:56 | 000,000,395 | -H-- | M] () -- C:\SWSTAMP.TXT [2009-12-15 22:30:57 | 000,000,011 | ---- | M] () -- C:\trace.ini [2002-07-01 16:13:30 | 000,000,218 | -HS- | M] () -- C:\vvs_v107.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-10 15:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\I386\sp2.cab:agp440.sys [2004-08-10 15:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2008-07-16 03:26:42 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-07-16 03:26:42 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-10 15:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys [2004-08-10 15:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008-07-16 03:26:42 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-07-16 03:26:42 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004-08-10 15:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2004-08-10 15:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-10 15:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys [2004-08-10 15:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008-07-16 03:26:42 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-07-16 03:26:42 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004-08-10 15:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll [2004-08-10 15:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004-08-10 15:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-10 15:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008-04-14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log]
Tomek01 komentarz 19 września 2010 komentarz 19 września 2010 Tak więc podczas edycji wątku, w pełnym edytorze, masz opcję wstaw log i sprawa załatwiona. Albo wystarczy pomiędzy dwoma symbolami [b][log][/b] wstawić treść log'u.Logi są czyste. Search Setting usunięte. W OTL zastosuj opcję Clean Up w celu usunięcia pozostałości po sprzątaniu. Powodzenia.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.