x-kom hosting

Kolejna ofiara Search Setting

hajnel29
utworzono
utworzono

Witam,
Jestem kolejną ofiarą Search Settingu 1.2.3 i to ofiarą która liczy na Waszą pomoc.
Mam nadzieję że dobrze wkleiłem plik OTL

Pozdrawiam
hajnel29


[log]OTL logfile created on: 2010-09-19 16:13:05 - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Documents and Settings\Piotrek\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 022,00 Mb Total Physical Memory | 322,00 Mb Available Physical Memory | 32,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 92,91 Gb Total Space | 8,79 Gb Free Space | 9,46% Space Free | Partition Type: NTFS
Drive D: | 632,29 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PIOTRESZ
Current User Name: Piotrek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-09-19 16:10:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Desktop\OTL.exe
PRC - [2010-09-02 01:04:40 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET Smart Security\ekrn.exe
PRC - [2010-04-07 21:07:04 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET Smart Security\egui.exe
PRC - [2010-01-08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2009-03-08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-02-06 13:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-09-25 17:59:14 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008-04-14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 02:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2008-04-14 02:12:28 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msiexec.exe
PRC - [2008-04-14 02:12:28 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2008-04-14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 02:12:17 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dllhost.exe
PRC - [2008-04-14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 02:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 02:12:12 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2008-04-01 20:49:42 | 000,036,352 | ---- | M] () -- C:\Winamp\winampa.exe
PRC - [2006-03-15 19:12:24 | 001,769,472 | ---- | M] (TOSHIBA Inc.) -- C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
PRC - [2006-03-03 01:02:08 | 000,761,948 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006-03-03 00:50:52 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe
PRC - [2005-12-05 12:37:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2005-11-28 11:41:50 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2005-11-28 11:37:52 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2005-11-28 11:31:32 | 000,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2005-11-28 11:29:00 | 000,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2005-11-28 11:28:14 | 000,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2005-11-04 00:22:28 | 000,159,744 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2005-11-03 01:41:04 | 000,978,944 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2005-10-11 09:40:32 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehrecvr.exe
PRC - [2005-10-06 06:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005-08-05 14:56:34 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe
PRC - [2005-08-05 14:56:32 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehSched.exe
PRC - [2005-08-05 14:56:28 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehmsas.exe
PRC - [2005-08-05 14:27:08 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2005-05-13 12:03:16 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2005-04-12 13:04:18 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2005-01-18 01:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2004-04-13 07:07:18 | 000,069,632 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004-01-26 11:38:38 | 000,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe
PRC - [2003-10-16 19:07:12 | 000,626,688 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\NeostradaTP.exe
PRC - [2003-10-16 19:07:12 | 000,053,248 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\TaskBarIcon.exe
PRC - [2003-10-16 19:07:12 | 000,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\Watch.exe
PRC - [2003-10-16 19:07:10 | 000,200,704 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\ComComp.exe
PRC - [2001-11-12 14:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-09-19 16:10:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Desktop\OTL.exe
MOD - [2010-07-27 08:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2010-07-22 17:49:15 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-04-16 17:36:56 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2009-12-08 11:23:28 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 10:25:26 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-03-21 16:06:58 | 000,989,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 14:10:48 | 000,714,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2009-02-09 14:10:48 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-10-23 14:36:14 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 05:42:06 | 000,985,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 02:12:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008-04-14 02:12:45 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 02:12:09 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 02:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 02:12:08 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 02:12:08 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 02:12:07 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 02:12:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 02:12:03 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 02:12:02 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 02:12:02 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 02:12:02 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 02:12:02 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 02:12:01 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 02:11:58 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 02:11:56 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll
MOD - [2008-04-14 02:11:54 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 02:11:53 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 02:11:51 | 000,792,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 02:11:51 | 000,276,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 02:11:50 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 02:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 02:10:06 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-04-07 21:10:38 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010-01-08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2009-12-15 23:28:31 | 000,304,528 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\WINDOWS\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2006-03-30 10:51:44 | 000,091,648 | ---- | M] (Agnitum Ltd.) [Auto | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\outpost.exe -- (OutpostFirewall)
SRV - [2005-11-28 11:31:32 | 000,540,745 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2005-11-28 11:29:00 | 000,114,753 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2005-11-28 11:28:14 | 000,217,164 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2005-01-18 01:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2001-11-12 14:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\159.tmp -- (MEMSWEEP2)
DRV - [2010-04-07 21:08:08 | 000,055,232 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2010-04-07 21:08:06 | 000,032,584 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010-04-07 21:08:04 | 000,134,488 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2010-04-07 21:07:08 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-04-07 21:03:44 | 000,139,192 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009-12-15 23:28:33 | 002,915,944 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2008-04-13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-03-05 19:25:30 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008-03-05 19:25:29 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2006-03-30 10:53:16 | 000,017,440 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\arp.dll -- (ARP.DLL) Outpost Firewall PlugIn (ARP.DLL)
DRV - [2006-03-30 10:53:16 | 000,016,960 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\protect.dll -- (PROTECT.DLL) Outpost Firewall PlugIn (PROTECT.DLL)
DRV - [2006-03-30 10:53:16 | 000,009,696 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\secret.dll -- (SECRET.DLL) Outpost Firewall PlugIn (SECRET.DLL)
DRV - [2006-03-30 10:53:16 | 000,009,024 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\ftpfilt.dll -- (FTPFILT.DLL) Outpost Firewall PlugIn (FTPFILT.DLL)
DRV - [2006-03-30 10:53:16 | 000,007,200 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\imapfilt.dll -- (IMAPFILT.DLL) Outpost Firewall PlugIn (IMAPFILT.DLL)
DRV - [2006-03-30 10:53:16 | 000,006,752 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\nntpfilt.dll -- (NNTPFILT.DLL) Outpost Firewall PlugIn (NNTPFILT.DLL)
DRV - [2006-03-30 10:53:14 | 000,033,600 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\Adblock.dll -- (ADBLOCK.DLL) Outpost Firewall PlugIn (ADBLOCK.DLL)
DRV - [2006-03-30 10:53:14 | 000,014,912 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\mailfilt.dll -- (MAILFILT.DLL) Outpost Firewall PlugIn (MAILFILT.DLL)
DRV - [2006-03-30 10:53:14 | 000,011,552 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\htmlfilt.dll -- (HTMLFILT.DLL) Outpost Firewall PlugIn (HTMLFILT.DLL)
DRV - [2006-03-30 10:53:14 | 000,009,984 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\pop3filt.dll -- (POP3FILT.DLL) Outpost Firewall PlugIn (POP3FILT.DLL)
DRV - [2006-03-30 10:53:14 | 000,004,896 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\Content.dll -- (CONTENT.DLL) Outpost Firewall PlugIn (CONTENT.DLL)
DRV - [2006-03-30 10:53:12 | 000,014,304 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\Dnscache.dll -- (DNSCACHE.DLL) Outpost Firewall PlugIn (DNSCACHE.DLL)
DRV - [2006-03-30 10:53:12 | 000,013,248 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\Httpfilt.dll -- (HTTPFILT.DLL) Outpost Firewall PlugIn (HTTPFILT.DLL)
DRV - [2006-03-30 10:53:04 | 000,125,216 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\FILTNT.SYS -- (VFILT)
DRV - [2006-03-26 14:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006-03-13 11:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2006-03-03 00:46:54 | 000,191,968 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006-02-16 18:34:00 | 003,642,944 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006-01-12 17:21:18 | 000,031,872 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
DRV - [2005-12-29 23:20:38 | 000,561,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2005-12-05 10:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2005-11-30 19:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005-11-28 12:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005-11-28 11:45:16 | 000,007,040 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\x10hid.sys -- (X10Hid)
DRV - [2005-11-09 00:12:00 | 000,997,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005-11-09 00:11:00 | 000,723,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005-11-09 00:11:00 | 000,202,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005-10-06 06:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005-10-06 06:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005-10-06 06:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005-10-06 06:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005-10-06 06:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005-10-06 06:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005-10-06 06:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005-09-15 03:24:08 | 000,179,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)
DRV - [2005-09-12 04:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005-09-09 15:47:10 | 000,009,344 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2005-08-25 13:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005-08-25 13:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005-08-12 06:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005-06-11 06:42:00 | 000,005,504 | ---- | M] (Quanta Computer Corp) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BoiHwSetup.sys -- (BoiHwsetup)
DRV - [2005-05-05 15:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qmofiltr.sys -- (qmofiltr)
DRV - [2004-07-19 18:41:48 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003-12-08 11:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003-12-08 11:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2003-09-19 02:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003-09-11 00:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
DRV - [2003-01-29 23:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl
IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Neostrada TP\SearchPageURL.dll ()
IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Value error. File not found
IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-04-28 18:25:19 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2004-08-10 15:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll File not found
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll File not found
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium)
O4 - HKLM..\Run: [Toshiba Hotkey Utility] C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe (TOSHIBA Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Winamp\winampa.exe ()
O4 - HKLM..\Run: [WooCnxMon] C:\Program Files\Neostrada TP\CnxMon.exe ()
O4 - HKLM..\Run: [WOOTASKBARICON] C:\Program Files\Neostrada TP\TaskBarIcon.exe (France Télécom R&D)
O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\Neostrada TP\Watch.exe (France Télécom R&D)
O4 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Szybkie dostosowywanie programu Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll (Agnitum Ltd.)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O20 - AppInit_DLLs: (C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll) - C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Agnitum Ltd.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Piotrek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Piotrek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-03-10 16:30:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002-06-06 14:03:46 | 000,040,960 | R--- | M] () - D:\autoplay.exe -- [ CDFS ]
O32 - AutoRun File - [2001-07-23 20:25:04 | 000,000,047 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{43532e0a-608c-11de-b0a8-0013022d6e72}\Shell - "" = AutoRun
O33 - MountPoints2\{43532e0a-608c-11de-b0a8-0013022d6e72}\Shell\AutoRun\command - "" = D:\autoplay.exe -- [2002-06-06 14:03:46 | 000,040,960 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-09-19 16:10:05 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Desktop\OTL.exe
[2010-09-18 13:49:31 | 000,126,976 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2010-09-18 13:45:01 | 000,000,000 | ---D | C] -- C:\Program Files\Warcraft III
[2010-09-18 02:27:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\My Documents\Nowy folder
[2010-09-18 02:18:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\FreeFLVConverter
[2010-09-13 23:25:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\InstallShield Installation Information
[2010-09-13 23:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\2K Games
[2010-09-13 23:23:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\InstallShield
[2010-09-13 23:05:30 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\WINDOWS\System32\tm20dec.ax
[2010-09-02 01:18:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\.freeciv
[2010-09-02 01:05:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010-09-02 01:04:32 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-08-03 18:48:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\My Documents\Ascaron Entertainment
[2010-08-03 18:48:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\Ascaron Entertainment
[2010-07-22 00:47:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Desktop\Filmy
[2008-07-05 11:55:53 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Piotrek\Application Data\pcouffin.sys
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-09-19 16:15:23 | 008,912,896 | -H-- | M] () -- C:\Documents and Settings\Piotrek\NTUSER.DAT
[2010-09-19 16:10:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Desktop\OTL.exe
[2010-09-18 13:49:38 | 000,016,696 | ---- | M] () -- C:\WINDOWS\War3Unin.dat
[2010-09-18 13:49:38 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Warcraft III.lnk
[2010-09-18 13:49:32 | 000,002,829 | ---- | M] () -- C:\WINDOWS\War3Unin.pif
[2010-09-18 13:49:31 | 000,126,976 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2010-09-18 02:20:52 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Free FLV Converter.lnk
[2010-09-16 17:52:08 | 000,000,534 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010-09-16 17:50:59 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-09-16 17:50:26 | 000,000,049 | ---- | M] () -- C:\WINDOWS\transp.gif
[2010-09-16 17:50:22 | 000,045,378 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-09-16 17:50:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-09-16 17:50:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-09-16 17:50:10 | 1071,828,992 | -HS- | M] () -- C:\hiberfil.sys
[2010-09-16 17:50:10 | 000,222,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-09-16 17:48:34 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Piotrek\ntuser.ini
[2010-09-16 17:27:36 | 000,000,573 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-09-16 17:27:05 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-09-15 04:58:26 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-09-13 23:36:24 | 000,001,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Railroad Tycoon 3.lnk
[2010-09-13 23:25:09 | 000,002,089 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Railroads!.lnk
[2010-09-13 23:05:27 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Piotrek\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010-09-13 23:05:27 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Windows Media Player.lnk
[2010-09-13 23:05:23 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010-09-13 23:05:23 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010-09-10 20:17:21 | 000,444,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-09-10 20:17:21 | 000,072,238 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-09-10 20:17:20 | 000,523,092 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-09-10 17:12:22 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Samoloty.xls
[2010-09-04 18:22:03 | 000,006,910 | ---- | M] () -- C:\Documents and Settings\Piotrek\Application Data\.freeciv-client-rc-2.2
[2010-08-29 13:15:46 | 002,640,666 | -H-- | M] () -- C:\Documents and Settings\Piotrek\Local Settings\Application Data\IconCache.db
[2010-08-23 20:49:19 | 000,002,455 | ---- | M] () -- C:\Documents and Settings\Piotrek\Application Data\Microsoft\Internet Explorer\Quick Launch\Word 2003 (2).lnk
[2010-08-15 07:31:02 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Piotrek\Application Data\Microsoft\Internet Explorer\Quick Launch\Excel 2003.lnk
[2010-08-14 20:27:29 | 000,020,480 | ---- | M] () -- C:\player0.rep
[2010-08-14 20:22:03 | 000,000,008 | ---- | M] () -- C:\player1.rep
[2010-08-11 23:50:28 | 000,307,200 | ---- | M] (Koyote Soft - http://www.koyotesoft.com) -- C:\WINDOWS\System32\TubeFinder.exe
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-09-18 13:49:38 | 000,001,612 | ---- | C] () -- C:\Documents and Settings\Piotrek\Desktop\Warcraft III.lnk
[2010-09-18 13:49:32 | 000,016,696 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2010-09-18 13:49:32 | 000,002,829 | ---- | C] () -- C:\WINDOWS\War3Unin.pif
[2010-09-18 02:19:15 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Piotrek\Desktop\Free FLV Converter.lnk
[2010-09-13 23:36:24 | 000,001,817 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Railroad Tycoon 3.lnk
[2010-09-13 23:25:09 | 000,002,089 | ---- | C] () -- C:\Documents and Settings\Piotrek\Desktop\Railroads!.lnk
[2010-09-13 23:05:27 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010-09-13 23:05:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2010-09-13 23:05:16 | 000,005,672 | ---- | C] () -- C:\WINDOWS\System32\quartz.vxd
[2010-09-04 18:31:03 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2010-09-04 18:31:03 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2010-09-04 18:31:03 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2010-09-04 18:31:02 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2010-09-04 18:31:02 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2010-09-02 01:21:27 | 000,006,910 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\.freeciv-client-rc-2.2
[2010-02-14 23:23:08 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Kit.ini
[2010-02-05 19:41:48 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010-02-05 19:41:48 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010-02-05 19:41:48 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010-02-05 19:36:54 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009-04-06 09:05:55 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009-04-06 09:05:55 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009-04-06 09:05:54 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009-04-06 09:05:52 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009-04-06 09:05:52 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2009-04-06 09:05:52 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2008-09-25 20:14:45 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2008-09-25 20:14:45 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2008-09-25 20:14:45 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2008-09-25 20:14:45 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2008-09-25 20:14:45 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2008-07-05 11:56:19 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\pcouffin.log
[2008-07-05 11:55:54 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\inst.exe
[2008-07-05 11:55:54 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\pcouffin.cat
[2008-07-05 11:55:53 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\pcouffin.inf
[2008-04-23 18:34:29 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Kingdia DVD to MP3 Ripper.INI
[2008-04-20 15:53:29 | 000,000,101 | ---- | C] () -- C:\WINDOWS\powerplayer.ini
[2008-04-20 15:53:29 | 000,000,020 | ---- | C] () -- C:\WINDOWS\powerlist.ini
[2008-04-20 15:53:09 | 000,000,796 | ---- | C] () -- C:\WINDOWS\psnetwork.ini
[2008-03-05 21:49:15 | 000,000,067 | ---- | C] () -- C:\WINDOWS\#1 DVD Audio Ripper.INI
[2008-03-05 19:25:30 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008-03-05 19:25:29 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008-01-13 18:41:54 | 000,404,992 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008-01-13 18:41:50 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2008-01-13 18:41:49 | 003,097,088 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008-01-13 18:41:24 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2008-01-13 18:41:24 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008-01-13 18:41:23 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2008-01-13 18:41:22 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008-01-13 18:41:20 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll
[2008-01-13 18:41:19 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2008-01-13 18:41:17 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2008-01-13 18:41:14 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2008-01-13 18:41:12 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2008-01-13 18:41:12 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2008-01-13 18:41:09 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2008-01-13 18:41:02 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2008-01-13 18:41:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2008-01-13 18:40:54 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2008-01-13 18:40:29 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008-01-13 18:40:11 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2008-01-13 18:40:10 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2008-01-13 18:40:09 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2008-01-13 18:40:07 | 000,142,848 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2008-01-13 18:40:06 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2008-01-13 18:40:05 | 000,151,040 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2008-01-13 18:40:04 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2007-03-26 11:45:18 | 000,071,208 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007-02-20 15:59:08 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007-02-20 15:59:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2006-08-05 08:28:43 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2006-08-01 23:02:31 | 000,093,184 | ---- | C] () -- C:\Documents and Settings\Piotrek\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006-07-29 20:19:48 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2006-07-02 19:20:19 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2006-06-23 16:19:37 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Piotrek\Local Settings\Application Data\fusioncache.dat
[2006-04-06 16:24:20 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006-04-06 16:12:11 | 000,000,466 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini
[2006-04-06 16:02:13 | 000,000,534 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006-04-06 15:41:19 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006-04-06 15:14:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2006-04-06 15:13:41 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006-04-06 15:13:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006-04-06 15:13:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006-04-06 15:13:41 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006-04-06 15:13:40 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006-04-06 15:13:40 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006-04-06 15:04:09 | 000,012,430 | ---- | C] () -- C:\WINDOWS\HWSetupStr.ini
[2006-04-06 15:04:09 | 000,002,070 | R--- | C] () -- C:\WINDOWS\SVPW32Str.ini
[2006-04-06 14:50:10 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2006-04-06 14:50:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2006-04-06 14:50:10 | 000,009,348 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2006-04-06 14:50:10 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2006-03-10 15:13:44 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll
[2006-03-10 15:13:43 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006-01-26 19:03:32 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll
[2005-12-08 20:56:50 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\tsbwls.dll
[2005-11-29 05:33:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005-09-02 15:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005-08-05 15:01:54 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005-07-22 22:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004-07-20 18:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004-01-15 15:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002-07-01 16:13:30 | 000,000,243 | -HS- | C] () -- C:\Documents and Settings\Piotrek\Application Data\system16driver.dat
[2002-03-21 14:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[2002-03-20 21:01:06 | 000,006,688 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2002-03-20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2002-03-20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2002-03-20 21:00:18 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll
[2002-03-20 21:00:18 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll

[color=#E56717]========== LOP Check ==========[/color]

[2006-03-17 23:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\toshiba
[2006-07-29 20:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2006-12-27 23:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3
[2009-06-27 19:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
[2010-04-28 18:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2008-09-18 19:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2008-04-26 02:57:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Keronsoft
[2008-11-11 12:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2006-07-27 19:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS
[2008-04-23 19:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008-07-05 12:42:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2006-03-17 23:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\toshiba
[2006-03-17 23:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\X10 Commander
[2010-09-02 01:20:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\.freeciv
[2010-09-13 23:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\2K Games
[2006-07-29 20:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\ACD Systems
[2010-08-03 18:48:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Ascaron Entertainment
[2009-12-27 14:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Atari
[2007-08-28 05:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Black Sea Studios
[2010-01-10 22:45:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Dealio
[2010-04-28 18:27:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\ESET
[2010-09-18 02:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\FreeFLVConverter
[2007-05-15 18:25:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Gadu-Gadu
[2008-11-11 12:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\GameHouse
[2009-10-16 18:15:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\GARMIN
[2006-06-23 22:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\InterVideo
[2009-03-04 21:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\MagicMatch
[2006-06-23 19:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\My Games
[2010-01-05 22:46:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Outlook AutoConfig
[2008-04-20 15:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\PPMate
[2008-04-20 16:30:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\ppstream
[2009-05-10 14:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\RayV
[2008-12-15 20:04:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Red Alert 3
[2009-03-04 21:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Saqqarah
[2010-09-19 16:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Search Settings
[2007-12-15 13:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Sierra Entertainment
[2008-04-27 22:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\SogouPY
[2008-05-03 17:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Spamihilator
[2009-03-04 21:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\StoneLoops
[2009-03-04 21:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\StoneLoops!
[2008-08-10 13:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Summer Athletics 2008
[2006-03-17 23:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\toshiba
[2010-05-30 00:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\uTorrent
[2010-09-18 02:16:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Vso

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/log]

[color="#FF0000"]//Logi wklejamy w tagi [log]
//Zmieniam
//Tom01[/color]

Tomek01
komentarz
komentarz

Odinstaluj:Winamp Toolbar, Dealio Toolbar, Search Settings (jeśli jest w panelu dodaj/usuń)

W OTL, w oknie Custom scan/fixes wklej:
[code]:Processes
Explorer.exe

:OTL

PRC - [2010-01-08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
SRV - [2010-01-08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll File not found
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll File not found
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

:Files
C:\Documents and Settings\Piotrek\Application Data\Search Settings

:Commands
[emptytemp]
[start explorer]
[Reboot]
[/code]
Klikasz run fix, komputer uruchamia się ponownie.


Wrzucasz log z usuwania oraz nowe logi OTL i RSIT.

hajnel29
komentarz
komentarz

Odinstalowałem, wkleiłem, zrestartowałem i chyba się udało
Chłopie, wiem że dla Ciebie to pewno rutyna, zwyczajna rzecz taka porada ale jestem starej daty (49 lat)i choć komputer używam do czasów Spectrum to moja wiedza to w miarę dobrze windows i office więc proszę bez obrazy że tacy jak ja działamy dla Was fachowców nieco denerwująco
Szacunek mój dla Twojej wiedzy jest gigantyczny
co to znaczy logi wklejamy w tagi - wkleiłem tam gdzie pisze załącz ten plik


[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Piotrek at 2010-09-19 17:56:19
Microsoft Windows XP Professional Service Pack 3
System drive C: has 13 GB (14%) free of 95 GB
Total RAM: 1022 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:56:30, on 2010-09-19
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Winamp\winampa.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Neostrada TP\NeostradaTP.exe
C:\Program Files\Neostrada TP\ComComp.exe
C:\Program Files\Neostrada TP\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Piotrek\Desktop\OTL.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\notepad.exe
C:\Documents and Settings\Piotrek\Desktop\RSIT.exe
C:\Program Files\trend micro\Piotrek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=488
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang PL
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [WinampAgent] C:\Winamp\winampa.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Szybkie dostosowywanie programu Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{C0F58EFD-36FA-4E22-BDD2-962E6E330B2A}: NameServer = 194.204.152.34 194.204.159.1
O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 10306 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-10-06 110652]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-09-25 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-03 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-02 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-09-25 193136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\CHDAudPropShortcut.exe [2005-12-29 61952]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761948]
"Toshiba Hotkey Utility"=C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe [2006-03-15 1769472]
"NDSTray.exe"=NDSTray.exe []
"SmoothView"=C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe [2005-05-13 118784]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-10-06 122940]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-12-05 667718]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-11-28 602182]
"WooCnxMon"=C:\PROGRA~1\NEOSTR~1\CnxMon.exe [2003-10-16 24576]
"SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816]
"WOOWATCH"=C:\PROGRA~1\NEOSTR~1\Watch.exe [2003-10-16 20480]
"WOOTASKBARICON"=C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe [2003-10-16 53248]
"OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Firewall\feedback.exe [2006-05-11 356420]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-04-17 196608]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13 69632]
"WinampAgent"=C:\Winamp\winampa.exe [2008-04-01 36352]
"nwiz"=nwiz.exe /installquiet []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-02-16 7557120]
"Outpost Firewall"=C:\Program Files\Agnitum\Outpost Firewall\outpost.exe [2006-03-30 91648]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-04-07 2145000]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2005-04-12 65536]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-09-25 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-11-04 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x95000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Telewizje internetowe\PPStream\PPStream.exe"="C:\Telewizje internetowe\PPStream\PPStream.exe:*:Enabled:PPStream"
"C:\Telewizje internetowe\PPLive\PPLive.exe"="C:\Telewizje internetowe\PPLive\PPLive.exe:*:Enabled:PPLive"
"C:\TELEWI~1\PCast\PODCAS~1\PODCAS~2.EXE"="C:\TELEWI~1\PCast\PODCAS~1\PODCAS~2.EXE:*:Enabled:Share Streaming"
"C:\Telewizje internetowe\PCast\PodcastbarMini\PodcastBarMini.exe"="C:\Telewizje internetowe\PCast\PodcastbarMini\PodcastBarMini.exe:*:Enabled:Share Streaming"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\PPMate\ppmate.exe"="C:\Program Files\PPMate\ppmate.exe:*:Enabled:PPMate"
"C:\Program Files\PPMate\ppamnet.exe"="C:\Program Files\PPMate\ppamnet.exe:*:Enabled:PPMate"
"C:\Program Files\PPLive\PPLive.exe"="C:\Program Files\PPLive\PPLive.exe:*:Enabled:PPLive"
"C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe"="C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe:*:Enabled:Sid Meier's Civilization IV Colonization"
"C:\Program Files\RayV\RayV\RayV.dll"="C:\Program Files\RayV\RayV\RayV.dll:*:Enabled:RayV"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 2 months======

2010-09-19 17:56:19 ----D---- C:\rsit
2010-09-19 17:56:19 ----D---- C:\Program Files\trend micro
2010-09-19 17:28:46 ----D---- C:\_OTL
2010-09-18 13:49:32 ----A---- C:\WINDOWS\War3Unin.pif
2010-09-18 13:49:31 ----A---- C:\WINDOWS\War3Unin.exe
2010-09-18 13:45:01 ----D---- C:\Program Files\Warcraft III
2010-09-18 02:18:19 ----D---- C:\Documents and Settings\Piotrek\Application Data\FreeFLVConverter
2010-09-16 17:27:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2010-09-16 17:26:58 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2010-09-16 17:26:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2010-09-16 17:26:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2010-09-16 17:26:27 ----HDC---- C:\WINDOWS\$NtUninstallKB982802$
2010-09-16 17:25:32 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2010-09-16 17:19:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2010-09-13 23:25:06 ----D---- C:\Documents and Settings\Piotrek\Application Data\InstallShield Installation Information
2010-09-13 23:25:01 ----D---- C:\Documents and Settings\Piotrek\Application Data\2K Games
2010-09-13 23:23:53 ----D---- C:\Documents and Settings\Piotrek\Application Data\InstallShield
2010-09-13 23:05:30 ----A---- C:\WINDOWS\system32\LMRTREND.dll
2010-09-13 23:05:28 ----A---- C:\WINDOWS\system32\dxtmsft3.dll
2010-09-13 23:05:20 ----A---- C:\WINDOWS\system32\unam4ie.exe
2010-09-13 23:05:16 ----A---- C:\WINDOWS\system32\vidx16.dll
2010-09-13 23:05:15 ----A---- C:\WINDOWS\system32\qcut.dll
2010-09-13 23:05:14 ----A---- C:\WINDOWS\system32\w95inf32.dll
2010-09-13 23:05:14 ----A---- C:\WINDOWS\system32\w95inf16.dll
2010-09-04 18:31:05 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys
2010-09-04 18:31:05 ----A---- C:\WINDOWS\system32\drivers\streamip.sys
2010-09-04 18:31:05 ----A---- C:\WINDOWS\system32\drivers\slip.sys
2010-09-04 18:31:05 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys
2010-09-04 18:31:05 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys
2010-09-04 18:31:04 ----A---- C:\WINDOWS\system32\drivers\mstee.sys
2010-09-04 18:31:04 ----A---- C:\WINDOWS\system32\drivers\msdv.sys
2010-09-04 18:31:04 ----A---- C:\WINDOWS\system32\drivers\mpe.sys
2010-09-04 18:31:04 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys
2010-09-04 18:31:04 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys
2010-09-04 18:31:00 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2010-09-02 01:18:45 ----D---- C:\Documents and Settings\Piotrek\Application Data\.freeciv
2010-09-02 01:05:12 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-09-02 01:04:56 ----A---- C:\WINDOWS\system32\javaws.exe
2010-09-02 01:04:56 ----A---- C:\WINDOWS\system32\javaw.exe
2010-09-02 01:04:56 ----A---- C:\WINDOWS\system32\java.exe
2010-09-02 01:04:56 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-09-02 01:04:32 ----D---- C:\Program Files\Java
2010-08-11 22:01:34 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-11 22:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-11 22:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-11 22:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-11 22:00:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-11 21:59:52 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-11 21:51:04 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-03 19:36:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-03 18:48:44 ----D---- C:\Documents and Settings\Piotrek\Application Data\Ascaron Entertainment

======List of files/folders modified in the last 2 months======

2010-09-19 17:56:20 ----D---- C:\WINDOWS\Temp
2010-09-19 17:56:19 ----RD---- C:\Program Files
2010-09-19 17:46:30 ----D---- C:\Program Files\Neostrada TP
2010-09-19 17:43:17 ----D---- C:\WINDOWS
2010-09-19 17:42:44 ----D---- C:\WINDOWS\Registration
2010-09-19 17:42:42 ----A---- C:\WINDOWS\ODBC.INI
2010-09-19 17:41:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-19 17:40:30 ----D---- C:\WINDOWS\system32
2010-09-19 17:14:49 ----D---- C:\WINDOWS\WinSxS
2010-09-19 17:14:21 ----SHD---- C:\WINDOWS\Installer
2010-09-18 13:51:46 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-18 02:38:03 ----D---- C:\Program Files\Free FLV Converter
2010-09-18 02:16:46 ----D---- C:\Documents and Settings\Piotrek\Application Data\Vso
2010-09-18 01:19:54 ----D---- C:\WINDOWS\Prefetch
2010-09-17 23:05:17 ----D---- C:\Moje statystyki
2010-09-16 17:50:08 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-16 17:27:36 ----A---- C:\WINDOWS\win.ini
2010-09-16 17:27:13 ----HD---- C:\WINDOWS\inf
2010-09-16 17:27:08 ----HD---- C:\WINDOWS\$hf_mig$
2010-09-16 17:27:05 ----A---- C:\WINDOWS\imsins.BAK
2010-09-16 17:27:03 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-09-16 17:21:53 ----A---- C:\WINDOWS\system32\MRT.exe
2010-09-13 23:33:18 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-13 23:25:00 ----RSD---- C:\WINDOWS\assembly
2010-09-13 23:25:00 ----D---- C:\WINDOWS\system32\DirectX
2010-09-13 23:05:30 ----D---- C:\Program Files\Windows Media Player
2010-09-13 23:05:20 ----D---- C:\WINDOWS\Help
2010-09-13 22:42:30 ----RSD---- C:\WINDOWS\Fonts
2010-09-13 22:40:08 ----D---- C:\Gry
2010-09-10 20:17:21 ----D---- C:\WINDOWS\system32\wbem
2010-09-10 20:17:20 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-09-10 20:17:18 ----SD---- C:\Documents and Settings\Piotrek\Application Data\Microsoft
2010-09-04 18:31:43 ----D---- C:\WINDOWS\system32\drivers
2010-09-02 01:16:39 ----D---- C:\Pliki z internetu
2010-09-02 01:05:11 ----D---- C:\Program Files\Common Files\Java
2010-08-29 00:46:22 ----D---- C:\Płyty MP3
2010-08-25 19:19:31 ----D---- C:\DOSBox-0.65
2010-08-25 19:10:03 ----D---- C:\DN
2010-08-17 15:17:06 ----A---- C:\WINDOWS\system32\spoolsv.exe
2010-08-14 18:30:16 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-13 05:45:49 ----D---- C:\Garmin
2010-08-11 23:50:28 ----A---- C:\WINDOWS\system32\TubeFinder.exe
2010-08-11 22:04:01 ----D---- C:\Program Files\Internet Explorer
2010-08-11 22:00:47 ----D---- C:\WINDOWS\ie8updates
2010-08-11 22:00:23 ----D---- C:\Program Files\Movie Maker
2010-08-03 19:38:13 ----D---- C:\Program Files\SogouInput
2010-08-03 19:31:21 ----D---- C:\Program Files\AviSynth 2.5
2010-08-03 19:30:40 ----D---- C:\Program Files\Atari
2010-08-03 19:30:03 ----D---- C:\Program Files\Ubisoft
2010-08-03 19:28:38 ----D---- C:\Program Files\Kalypso
2010-08-03 18:41:20 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-07-31 17:51:20 ----D---- C:\Program Files\Empire Interactive
2010-07-27 08:30:35 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-22 17:49:15 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2010-07-22 07:57:20 ----A---- C:\WINDOWS\system32\xpsp4res.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2005-09-12 89264]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-03-26 51200]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-03-13 6656]
R1 appdrv01;Application Driver (01); C:\WINDOWS\System32\Drivers\appdrv01.sys [2009-12-15 2915944]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-04-07 114984]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-04-07 55232]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-02-16 3642944]
R1 VFILT;Outpost Firewall Kernel Driver; \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-06-23 21275]
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2004-07-19 16512]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-03-05 278984]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-10-06 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-10-06 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-10-06 86524]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-10-06 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-10-06 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-10-06 87036]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-10-06 94332]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-04-07 139192]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-04-07 134488]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-03-05 25416]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-06 12544]
R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032]
R2 s24trans;Transport WLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
R3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600]
R3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 BoiHwsetup;Access 32bits INT15 routine; C:\WINDOWS\system32\drivers\BoiHwSetup.sys [2005-06-11 5504]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2005-09-15 179200]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-04-07 32584]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2005-12-29 561664]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-11-09 997376]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-11-09 202240]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-07-05 47360]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 qkbfiltr;Quanta HotKey Keyboard Filter Driver; C:\WINDOWS\system32\drivers\qkbfiltr.sys [2006-01-12 31872]
R3 qmofiltr;Quanta HotKey Mouse Filter Driver; C:\WINDOWS\system32\drivers\qmofiltr.sys [2005-05-05 7936]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 191968]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560]
R3 tosrfec;Bluetooth ACPI from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-09-09 9344]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-05 1428096]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-11-09 723712]
R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040]
S3 ADBLOCK.DLL;Outpost Firewall PlugIn (ADBLOCK.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\ADBLOCK.DLL []
S3 ARP.DLL;Outpost Firewall PlugIn (ARP.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\ARP.DLL []
S3 CONTENT.DLL;Outpost Firewall PlugIn (CONTENT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\CONTENT.DLL []
S3 DNSCACHE.DLL;Outpost Firewall PlugIn (DNSCACHE.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\DNSCACHE.DLL []
S3 FTPFILT.DLL;Outpost Firewall PlugIn (FTPFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FTPFILT.DLL []
S3 HTMLFILT.DLL;Outpost Firewall PlugIn (HTMLFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\HTMLFILT.DLL []
S3 HTTPFILT.DLL;Outpost Firewall PlugIn (HTTPFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\HTTPFILT.DLL []
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-04 1353820]
S3 IMAPFILT.DLL;Outpost Firewall PlugIn (IMAPFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\IMAPFILT.DLL []
S3 MAILFILT.DLL;Outpost Firewall PlugIn (MAILFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\MAILFILT.DLL []
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\system32\159.tmp []
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 NNTPFILT.DLL;Outpost Firewall PlugIn (NNTPFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\NNTPFILT.DLL []
S3 POP3FILT.DLL;Outpost Firewall PlugIn (POP3FILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\POP3FILT.DLL []
S3 PROTECT.DLL;Outpost Firewall PlugIn (PROTECT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\PROTECT.DLL []
S3 SECRET.DLL;Outpost Firewall PlugIn (SECRET.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\SECRET.DLL []
S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-18 40960]
R2 ehRecvr;Usługa Odbiornik Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2005-10-11 237568]
R2 ehSched;Usługa Planowanie nagrywania; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-04-07 810120]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-02 153376]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-02-16 143426]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\WINDOWS\System32\appdrvrem01.exe [2009-12-15 304528]
S2 OutpostFirewall;Outpost Firewall Service; C:\Program Files\Agnitum\Outpost Firewall\outpost.exe [2006-03-30 91648]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-04-07 33560]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-25 156656]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-04 38912]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
[/log]

[log]OTL logfile created on: 2010-09-19 17:48:07 - Run 2
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Documents and Settings\Piotrek\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1 022,00 Mb Total Physical Memory | 449,00 Mb Available Physical Memory | 44,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 92,91 Gb Total Space | 12,89 Gb Free Space | 13,87% Space Free | Partition Type: NTFS
Drive D: | 632,29 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PIOTRESZ
Current User Name: Piotrek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-09-19 16:10:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Desktop\OTL.exe
PRC - [2010-09-02 01:04:40 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET Smart Security\ekrn.exe
PRC - [2010-04-07 21:07:04 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET Smart Security\egui.exe
PRC - [2009-08-06 20:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2009-03-08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-02-06 13:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009-02-06 12:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008-09-25 17:59:14 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008-04-14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 02:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2008-04-14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 02:12:17 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dllhost.exe
PRC - [2008-04-14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 02:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 02:12:12 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2008-04-01 20:49:42 | 000,036,352 | ---- | M] () -- C:\Winamp\winampa.exe
PRC - [2006-03-15 19:12:24 | 001,769,472 | ---- | M] (TOSHIBA Inc.) -- C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
PRC - [2006-03-03 01:02:08 | 000,761,948 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006-03-03 00:50:52 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe
PRC - [2006-02-16 18:34:00 | 000,143,426 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2005-12-05 12:37:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2005-11-28 11:41:50 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2005-11-28 11:37:52 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2005-11-28 11:31:32 | 000,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2005-11-28 11:29:00 | 000,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2005-11-28 11:28:14 | 000,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2005-11-03 01:41:04 | 000,978,944 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2005-10-11 09:40:32 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehrecvr.exe
PRC - [2005-10-06 06:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005-08-05 14:56:34 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe
PRC - [2005-08-05 14:56:32 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehSched.exe
PRC - [2005-08-05 14:56:28 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehmsas.exe
PRC - [2005-08-05 14:27:08 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2005-05-13 12:03:16 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2005-04-12 13:04:18 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2005-01-18 01:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2004-04-13 07:07:18 | 000,069,632 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004-01-26 11:38:38 | 000,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe
PRC - [2003-10-16 19:07:12 | 000,626,688 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\NeostradaTP.exe
PRC - [2003-10-16 19:07:12 | 000,053,248 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\TaskBarIcon.exe
PRC - [2003-10-16 19:07:12 | 000,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\Watch.exe
PRC - [2003-10-16 19:07:10 | 000,200,704 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\ComComp.exe
PRC - [2003-10-16 19:07:10 | 000,024,576 | ---- | M] () -- C:\Program Files\Neostrada TP\CnxMon.exe
PRC - [2001-11-12 14:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-09-19 16:10:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Desktop\OTL.exe
MOD - [2010-07-27 08:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2010-07-22 17:49:15 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-04-16 17:36:56 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2009-12-08 11:23:28 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 10:25:26 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-03-21 16:06:58 | 000,989,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 14:10:48 | 000,714,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2009-02-09 14:10:48 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-10-23 14:36:14 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 05:42:06 | 000,985,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 02:12:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008-04-14 02:12:45 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 02:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 02:12:08 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 02:12:08 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 02:12:07 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 02:12:03 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 02:12:02 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 02:12:02 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 02:12:02 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 02:12:01 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 02:11:58 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 02:11:56 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll
MOD - [2008-04-14 02:11:54 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 02:11:53 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 02:11:51 | 000,792,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 02:11:51 | 000,276,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 02:11:50 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 02:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 02:10:06 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-04-07 21:10:38 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009-12-15 23:28:31 | 000,304,528 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\WINDOWS\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2006-03-30 10:51:44 | 000,091,648 | ---- | M] (Agnitum Ltd.) [Auto | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\outpost.exe -- (OutpostFirewall)
SRV - [2005-11-28 11:31:32 | 000,540,745 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2005-11-28 11:29:00 | 000,114,753 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2005-11-28 11:28:14 | 000,217,164 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2005-01-18 01:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2001-11-12 14:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\159.tmp -- (MEMSWEEP2)
DRV - [2010-04-07 21:08:08 | 000,055,232 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2010-04-07 21:08:06 | 000,032,584 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010-04-07 21:08:04 | 000,134,488 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2010-04-07 21:07:08 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-04-07 21:03:44 | 000,139,192 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009-12-15 23:28:33 | 002,915,944 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2008-04-13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-03-05 19:25:30 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008-03-05 19:25:29 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2006-03-30 10:53:16 | 000,017,440 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\arp.dll -- (ARP.DLL) Outpost Firewall PlugIn (ARP.DLL)
DRV - [2006-03-30 10:53:16 | 000,016,960 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\protect.dll -- (PROTECT.DLL) Outpost Firewall PlugIn (PROTECT.DLL)
DRV - [2006-03-30 10:53:16 | 000,009,696 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\secret.dll -- (SECRET.DLL) Outpost Firewall PlugIn (SECRET.DLL)
DRV - [2006-03-30 10:53:16 | 000,009,024 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\ftpfilt.dll -- (FTPFILT.DLL) Outpost Firewall PlugIn (FTPFILT.DLL)
DRV - [2006-03-30 10:53:16 | 000,007,200 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\imapfilt.dll -- (IMAPFILT.DLL) Outpost Firewall PlugIn (IMAPFILT.DLL)
DRV - [2006-03-30 10:53:16 | 000,006,752 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\nntpfilt.dll -- (NNTPFILT.DLL) Outpost Firewall PlugIn (NNTPFILT.DLL)
DRV - [2006-03-30 10:53:14 | 000,033,600 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\Adblock.dll -- (ADBLOCK.DLL) Outpost Firewall PlugIn (ADBLOCK.DLL)
DRV - [2006-03-30 10:53:14 | 000,014,912 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\mailfilt.dll -- (MAILFILT.DLL) Outpost Firewall PlugIn (MAILFILT.DLL)
DRV - [2006-03-30 10:53:14 | 000,011,552 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\htmlfilt.dll -- (HTMLFILT.DLL) Outpost Firewall PlugIn (HTMLFILT.DLL)
DRV - [2006-03-30 10:53:14 | 000,009,984 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\pop3filt.dll -- (POP3FILT.DLL) Outpost Firewall PlugIn (POP3FILT.DLL)
DRV - [2006-03-30 10:53:14 | 000,004,896 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\Content.dll -- (CONTENT.DLL) Outpost Firewall PlugIn (CONTENT.DLL)
DRV - [2006-03-30 10:53:12 | 000,014,304 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\Dnscache.dll -- (DNSCACHE.DLL) Outpost Firewall PlugIn (DNSCACHE.DLL)
DRV - [2006-03-30 10:53:12 | 000,013,248 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\Httpfilt.dll -- (HTTPFILT.DLL) Outpost Firewall PlugIn (HTTPFILT.DLL)
DRV - [2006-03-30 10:53:04 | 000,125,216 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Program Files\Agnitum\Outpost Firewall\Kernel\FILTNT.SYS -- (VFILT)
DRV - [2006-03-26 14:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006-03-13 11:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2006-03-03 00:46:54 | 000,191,968 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006-02-16 18:34:00 | 003,642,944 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006-01-12 17:21:18 | 000,031,872 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
DRV - [2005-12-29 23:20:38 | 000,561,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2005-12-05 10:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2005-11-30 19:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005-11-28 12:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005-11-28 11:45:16 | 000,007,040 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\x10hid.sys -- (X10Hid)
DRV - [2005-11-09 00:12:00 | 000,997,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005-11-09 00:11:00 | 000,723,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005-11-09 00:11:00 | 000,202,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005-10-06 06:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005-10-06 06:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005-10-06 06:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005-10-06 06:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005-10-06 06:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005-10-06 06:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005-10-06 06:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005-09-15 03:24:08 | 000,179,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)
DRV - [2005-09-12 04:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005-09-09 15:47:10 | 000,009,344 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2005-08-25 13:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005-08-25 13:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005-08-12 06:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005-06-11 06:42:00 | 000,005,504 | ---- | M] (Quanta Computer Corp) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BoiHwSetup.sys -- (BoiHwsetup)
DRV - [2005-05-05 15:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qmofiltr.sys -- (qmofiltr)
DRV - [2004-07-19 18:41:48 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003-12-08 11:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003-12-08 11:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2003-09-19 02:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003-09-11 00:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
DRV - [2003-01-29 23:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl
IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Neostrada TP\SearchPageURL.dll ()
IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-04-28 18:25:19 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2004-08-10 15:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium)
O4 - HKLM..\Run: [Toshiba Hotkey Utility] C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe (TOSHIBA Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Winamp\winampa.exe ()
O4 - HKLM..\Run: [WooCnxMon] C:\Program Files\Neostrada TP\CnxMon.exe ()
O4 - HKLM..\Run: [WOOTASKBARICON] C:\Program Files\Neostrada TP\TaskBarIcon.exe (France Télécom R&D)
O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\Neostrada TP\Watch.exe (France Télécom R&D)
O4 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1215245922-841117272-1315235893-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Szybkie dostosowywanie programu Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll (Agnitum Ltd.)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O20 - AppInit_DLLs: (C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll) - C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Agnitum Ltd.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Piotrek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Piotrek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-03-10 16:30:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002-06-06 14:03:46 | 000,040,960 | R--- | M] () - D:\autoplay.exe -- [ CDFS ]
O32 - AutoRun File - [2001-07-23 20:25:04 | 000,000,047 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-09-19 17:28:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-09-19 16:10:05 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Desktop\OTL.exe
[2010-09-18 13:49:31 | 000,126,976 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2010-09-18 13:45:01 | 000,000,000 | ---D | C] -- C:\Program Files\Warcraft III
[2010-09-18 02:27:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\My Documents\Nowy folder
[2010-09-18 02:18:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\FreeFLVConverter
[2010-09-13 23:25:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\InstallShield Installation Information
[2010-09-13 23:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\2K Games
[2010-09-13 23:23:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\InstallShield
[2010-09-13 23:05:30 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\WINDOWS\System32\tm20dec.ax
[2010-09-02 01:18:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\.freeciv
[2010-09-02 01:05:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010-09-02 01:04:32 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-08-03 18:48:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\My Documents\Ascaron Entertainment
[2010-08-03 18:48:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Application Data\Ascaron Entertainment
[2010-07-22 00:47:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Piotrek\Desktop\Filmy
[2008-07-05 11:55:53 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Piotrek\Application Data\pcouffin.sys

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-09-19 17:43:17 | 000,045,378 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010-09-19 17:42:53 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-09-19 17:42:42 | 000,000,534 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010-09-19 17:42:40 | 000,000,049 | ---- | M] () -- C:\WINDOWS\transp.gif
[2010-09-19 17:42:36 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-09-19 17:42:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-09-19 17:42:30 | 1071,828,992 | -HS- | M] () -- C:\hiberfil.sys
[2010-09-19 17:41:25 | 008,912,896 | -H-- | M] () -- C:\Documents and Settings\Piotrek\NTUSER.DAT
[2010-09-19 17:41:01 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Piotrek\ntuser.ini
[2010-09-19 17:23:11 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\RSIT.exe
[2010-09-19 16:10:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Piotrek\Desktop\OTL.exe
[2010-09-18 13:49:38 | 000,016,696 | ---- | M] () -- C:\WINDOWS\War3Unin.dat
[2010-09-18 13:49:38 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Warcraft III.lnk
[2010-09-18 13:49:32 | 000,002,829 | ---- | M] () -- C:\WINDOWS\War3Unin.pif
[2010-09-18 13:49:31 | 000,126,976 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2010-09-18 02:20:52 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Free FLV Converter.lnk
[2010-09-16 17:50:10 | 000,222,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-09-16 17:27:36 | 000,000,573 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-09-16 17:27:05 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-09-15 04:58:26 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-09-13 23:36:24 | 000,001,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Railroad Tycoon 3.lnk
[2010-09-13 23:25:09 | 000,002,089 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Railroads!.lnk
[2010-09-13 23:05:27 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Piotrek\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010-09-13 23:05:27 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Windows Media Player.lnk
[2010-09-13 23:05:23 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010-09-13 23:05:23 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010-09-10 20:17:21 | 000,444,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-09-10 20:17:21 | 000,072,238 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-09-10 20:17:20 | 000,523,092 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-09-10 17:12:22 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Piotrek\Desktop\Samoloty.xls
[2010-09-04 18:22:03 | 000,006,910 | ---- | M] () -- C:\Documents and Settings\Piotrek\Application Data\.freeciv-client-rc-2.2
[2010-08-29 13:15:46 | 002,640,666 | -H-- | M] () -- C:\Documents and Settings\Piotrek\Local Settings\Application Data\IconCache.db
[2010-08-23 20:49:19 | 000,002,455 | ---- | M] () -- C:\Documents and Settings\Piotrek\Application Data\Microsoft\Internet Explorer\Quick Launch\Word 2003 (2).lnk
[2010-08-15 07:31:02 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Piotrek\Application Data\Microsoft\Internet Explorer\Quick Launch\Excel 2003.lnk
[2010-08-14 20:27:29 | 000,020,480 | ---- | M] () -- C:\player0.rep
[2010-08-14 20:22:03 | 000,000,008 | ---- | M] () -- C:\player1.rep
[2010-08-11 23:50:28 | 000,307,200 | ---- | M] (Koyote Soft - http://www.koyotesoft.com) -- C:\WINDOWS\System32\TubeFinder.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-09-19 17:23:02 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Piotrek\Desktop\RSIT.exe
[2010-09-18 13:49:38 | 000,001,612 | ---- | C] () -- C:\Documents and Settings\Piotrek\Desktop\Warcraft III.lnk
[2010-09-18 13:49:32 | 000,016,696 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2010-09-18 13:49:32 | 000,002,829 | ---- | C] () -- C:\WINDOWS\War3Unin.pif
[2010-09-18 02:19:15 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Piotrek\Desktop\Free FLV Converter.lnk
[2010-09-13 23:36:24 | 000,001,817 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Railroad Tycoon 3.lnk
[2010-09-13 23:25:09 | 000,002,089 | ---- | C] () -- C:\Documents and Settings\Piotrek\Desktop\Railroads!.lnk
[2010-09-13 23:05:27 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010-09-13 23:05:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2010-09-13 23:05:16 | 000,005,672 | ---- | C] () -- C:\WINDOWS\System32\quartz.vxd
[2010-09-04 18:31:03 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2010-09-04 18:31:03 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2010-09-04 18:31:03 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2010-09-04 18:31:02 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2010-09-04 18:31:02 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2010-09-02 01:21:27 | 000,006,910 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\.freeciv-client-rc-2.2
[2010-02-14 23:23:08 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Kit.ini
[2010-02-05 19:41:48 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010-02-05 19:41:48 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010-02-05 19:41:48 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010-02-05 19:36:54 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009-04-06 09:05:55 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009-04-06 09:05:55 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009-04-06 09:05:54 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009-04-06 09:05:52 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009-04-06 09:05:52 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2009-04-06 09:05:52 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2008-09-25 20:14:45 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2008-09-25 20:14:45 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2008-09-25 20:14:45 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2008-09-25 20:14:45 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2008-09-25 20:14:45 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2008-07-05 11:56:19 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\pcouffin.log
[2008-07-05 11:55:54 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\inst.exe
[2008-07-05 11:55:54 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\pcouffin.cat
[2008-07-05 11:55:53 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Piotrek\Application Data\pcouffin.inf
[2008-04-23 18:34:29 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Kingdia DVD to MP3 Ripper.INI
[2008-04-20 15:53:29 | 000,000,101 | ---- | C] () -- C:\WINDOWS\powerplayer.ini
[2008-04-20 15:53:29 | 000,000,020 | ---- | C] () -- C:\WINDOWS\powerlist.ini
[2008-04-20 15:53:09 | 000,000,796 | ---- | C] () -- C:\WINDOWS\psnetwork.ini
[2008-03-05 21:49:15 | 000,000,067 | ---- | C] () -- C:\WINDOWS\#1 DVD Audio Ripper.INI
[2008-03-05 19:25:30 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008-03-05 19:25:29 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008-01-13 18:41:54 | 000,404,992 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008-01-13 18:41:50 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2008-01-13 18:41:49 | 003,097,088 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008-01-13 18:41:24 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2008-01-13 18:41:24 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008-01-13 18:41:23 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2008-01-13 18:41:22 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008-01-13 18:41:20 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll
[2008-01-13 18:41:19 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2008-01-13 18:41:17 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2008-01-13 18:41:14 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2008-01-13 18:41:12 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2008-01-13 18:41:12 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2008-01-13 18:41:09 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2008-01-13 18:41:02 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2008-01-13 18:41:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2008-01-13 18:40:54 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2008-01-13 18:40:29 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008-01-13 18:40:11 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2008-01-13 18:40:10 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2008-01-13 18:40:09 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2008-01-13 18:40:07 | 000,142,848 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2008-01-13 18:40:06 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2008-01-13 18:40:05 | 000,151,040 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2008-01-13 18:40:04 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2007-03-26 11:45:18 | 000,071,208 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007-02-20 15:59:08 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007-02-20 15:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007-02-20 15:59:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2006-08-05 08:28:43 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2006-08-01 23:02:31 | 000,093,184 | ---- | C] () -- C:\Documents and Settings\Piotrek\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006-07-29 20:19:48 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2006-07-02 19:20:19 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2006-06-23 16:19:37 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Piotrek\Local Settings\Application Data\fusioncache.dat
[2006-04-06 16:24:20 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006-04-06 16:12:11 | 000,000,466 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini
[2006-04-06 16:02:13 | 000,000,534 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006-04-06 15:41:19 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006-04-06 15:14:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2006-04-06 15:13:41 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006-04-06 15:13:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006-04-06 15:13:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006-04-06 15:13:41 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006-04-06 15:13:40 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006-04-06 15:13:40 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006-04-06 15:04:09 | 000,012,430 | ---- | C] () -- C:\WINDOWS\HWSetupStr.ini
[2006-04-06 15:04:09 | 000,002,070 | R--- | C] () -- C:\WINDOWS\SVPW32Str.ini
[2006-04-06 14:50:10 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2006-04-06 14:50:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2006-04-06 14:50:10 | 000,009,348 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2006-04-06 14:50:10 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2006-03-10 15:13:44 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll
[2006-03-10 15:13:43 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006-01-26 19:03:32 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll
[2005-12-08 20:56:50 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\tsbwls.dll
[2005-11-29 05:33:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005-09-02 15:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005-08-05 15:01:54 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005-07-22 22:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004-07-20 18:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004-01-15 15:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002-07-01 16:13:30 | 000,000,243 | -HS- | C] () -- C:\Documents and Settings\Piotrek\Application Data\system16driver.dat
[2002-03-21 14:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[2002-03-20 21:01:06 | 000,006,688 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2002-03-20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2002-03-20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2002-03-20 21:00:18 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll
[2002-03-20 21:00:18 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll

[color=#E56717]========== LOP Check ==========[/color]

[2006-03-17 23:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\toshiba
[2006-07-29 20:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2006-12-27 23:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3
[2009-06-27 19:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
[2010-04-28 18:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2008-09-18 19:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2008-04-26 02:57:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Keronsoft
[2008-11-11 12:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2006-07-27 19:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS
[2008-04-23 19:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008-07-05 12:42:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2006-03-17 23:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\toshiba
[2006-03-17 23:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\X10 Commander
[2010-09-02 01:20:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\.freeciv
[2010-09-13 23:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\2K Games
[2006-07-29 20:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\ACD Systems
[2010-08-03 18:48:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Ascaron Entertainment
[2009-12-27 14:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Atari
[2007-08-28 05:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Black Sea Studios
[2010-04-28 18:27:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\ESET
[2010-09-18 02:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\FreeFLVConverter
[2007-05-15 18:25:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Gadu-Gadu
[2008-11-11 12:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\GameHouse
[2009-10-16 18:15:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\GARMIN
[2006-06-23 22:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\InterVideo
[2009-03-04 21:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\MagicMatch
[2006-06-23 19:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\My Games
[2010-01-05 22:46:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Outlook AutoConfig
[2008-04-20 15:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\PPMate
[2008-04-20 16:30:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\ppstream
[2009-05-10 14:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\RayV
[2008-12-15 20:04:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Red Alert 3
[2009-03-04 21:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Saqqarah
[2007-12-15 13:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Sierra Entertainment
[2008-04-27 22:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\SogouPY
[2008-05-03 17:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Spamihilator
[2009-03-04 21:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\StoneLoops
[2009-03-04 21:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\StoneLoops!
[2008-08-10 13:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Summer Athletics 2008
[2006-03-17 23:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\toshiba
[2010-05-30 00:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\uTorrent
[2010-09-18 02:16:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Piotrek\Application Data\Vso

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2006-03-10 16:30:56 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006-06-23 16:18:19 | 000,000,209 | RHS- | M] () -- C:\boot.ini
[2006-03-10 16:30:56 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-09-19 17:42:30 | 1071,828,992 | -HS- | M] () -- C:\hiberfil.sys
[2008-05-04 07:57:36 | 000,000,204 | ---- | M] () -- C:\INSTALL.LOG
[2006-03-10 16:30:56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2006-03-10 16:30:56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-10 15:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-07-16 03:32:48 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010-09-19 17:42:28 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2010-08-14 20:27:29 | 000,020,480 | ---- | M] () -- C:\player0.rep
[2010-08-14 20:22:03 | 000,000,008 | ---- | M] () -- C:\player1.rep
[2006-04-08 01:44:56 | 000,000,395 | -H-- | M] () -- C:\SWSTAMP.TXT
[2009-12-15 22:30:57 | 000,000,011 | ---- | M] () -- C:\trace.ini
[2002-07-01 16:13:30 | 000,000,218 | -HS- | M] () -- C:\vvs_v107.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-10 15:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\I386\sp2.cab:agp440.sys
[2004-08-10 15:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-07-16 03:26:42 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008-07-16 03:26:42 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-10 15:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004-08-10 15:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008-07-16 03:26:42 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-07-16 03:26:42 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004-08-10 15:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2004-08-10 15:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-10 15:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys
[2004-08-10 15:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-07-16 03:26:42 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-07-16 03:26:42 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-10 15:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004-08-10 15:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004-08-10 15:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-10 15:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< End of report >
[/log]

Tomek01
komentarz
komentarz

Tak więc podczas edycji wątku, w pełnym edytorze, masz opcję wstaw log i sprawa załatwiona. Albo wystarczy pomiędzy dwoma symbolami [b][log][/b] wstawić treść log'u.

Logi są czyste. Search Setting usunięte.
W OTL zastosuj opcję Clean Up w celu usunięcia pozostałości po sprzątaniu.
Powodzenia.

hajnel29
komentarz
komentarz

Jeszcze raz dzięki

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.