k4mil93 utworzono 23 listopada 2010 utworzono 23 listopada 2010 (edytowane) A to są logi: Log z OTL [log]OTL logfile created on: 2010-11-24 15:26:00 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = H:\Downloads Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 767,00 Mb Total Physical Memory | 139,00 Mb Available Physical Memory | 18,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 57,00% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 19,53 Gb Total Space | 2,77 Gb Free Space | 14,20% Space Free | Partition Type: NTFS Drive D: | 35,45 Gb Total Space | 0,16 Gb Free Space | 0,46% Space Free | Partition Type: NTFS Drive E: | 64,76 Gb Total Space | 3,76 Gb Free Space | 5,80% Space Free | Partition Type: NTFS Drive G: | 2,79 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive H: | 29,30 Gb Total Space | 5,49 Gb Free Space | 18,75% Space Free | Partition Type: NTFS Drive I: | 3,69 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: MOSO-0EBFA49C35 | User Name: Kamil | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-11-24 15:23:01 | 000,575,488 | ---- | M] (OldTimer Tools) -- H:\Downloads\OTL.exe PRC - [2010-10-29 19:24:44 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-10-14 20:34:53 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.39\GoogleCrashHandler.exe PRC - [2010-10-07 09:04:26 | 012,661,344 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2010-07-17 04:00:15 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-05-14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-09-16 10:21:19 | 001,447,168 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [AKAMAI] PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 21:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 21:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 21:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2007-12-21 06:21:16 | 000,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2006-11-02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe PRC - [2006-10-26 12:45:04 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WISPTIS.EXE PRC - [2006-02-28 12:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2005-06-29 03:55:38 | 000,376,832 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2005-06-29 00:09:28 | 000,032,768 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe PRC - [2005-02-16 16:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe PRC - [2004-09-29 11:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe PRC - [2003-05-05 07:57:30 | 000,143,360 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMTray.exe PRC - [2002-09-20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-11-24 15:23:01 | 000,575,488 | ---- | M] (OldTimer Tools) -- H:\Downloads\OTL.exe MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2009-02-03 20:58:45 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-06-17 20:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 21:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2008-04-14 21:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 21:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 21:50:58 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll MOD - [2008-04-14 21:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2008-04-14 21:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 21:50:48 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 21:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 21:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 21:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2008-04-14 21:50:38 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll MOD - [2008-04-14 21:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 21:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 21:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 21:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 21:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2008-04-14 21:49:56 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 21:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME MOD - [2002-11-06 19:00:38 | 000,040,820 | ---- | M] (SoundMAX) -- C:\WINDOWS\system32\Syncor11.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService) SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Usługa Google Update (gupdate) SRV - [2010-11-22 18:01:03 | 000,361,216 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010-11-11 10:11:58 | 003,019,352 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_4176eef.dll -- (Akamai) SRV - [2009-12-05 06:28:24 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-04-05 01:17:39 | 001,079,176 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService) SRV - [2008-08-18 12:30:58 | 000,019,200 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2008-06-13 14:29:14 | 000,356,920 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService) SRV - [2007-12-21 06:21:16 | 000,468,224 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2006-11-02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Start_Pending] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing) SRV - [2004-09-29 11:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2002-09-20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\motmodem.sys -- (motmodem) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Kamil\cpuxp.sys -- (cpuxp) DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32) DRV - [2010-06-13 20:54:52 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri) DRV - [2010-06-13 20:54:12 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc) DRV - [2010-06-13 20:54:12 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt) DRV - [2010-05-04 15:35:35 | 000,094,208 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ezplay.sys -- (ezplay) DRV - [2009-12-27 15:08:43 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2008-08-25 10:36:30 | 000,081,288 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iksyssec.sys -- (IKSysSec) DRV - [2008-08-25 10:36:28 | 000,066,952 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iksysflt.sys -- (IKSysFlt) DRV - [2008-08-25 10:36:28 | 000,040,840 | ---- | M] (PCTools Research Pty Ltd.) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ikfilesec.sys -- (IKFileSec) DRV - [2008-08-18 12:27:42 | 000,034,312 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2008-08-18 12:19:26 | 000,053,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv) DRV - [2008-08-18 12:18:26 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2007-04-24 15:28:52 | 010,252,672 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) DRV - [2005-09-07 15:42:50 | 000,087,792 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mgmt.sys -- (w800mgmt) DRV - [2005-09-07 15:42:50 | 000,085,664 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800obex.sys -- (w800obex) DRV - [2005-09-07 15:42:48 | 000,096,224 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdm.sys -- (w800mdm) DRV - [2005-09-07 15:42:46 | 000,009,264 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdfl.sys -- (w800mdfl) DRV - [2005-09-07 15:42:44 | 000,060,768 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800bus.sys -- (w800bus) Sony Ericsson W800 driver (WDM) DRV - [2005-06-29 04:01:56 | 001,241,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005-06-03 12:47:06 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex) DRV - [2005-06-03 12:47:04 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt) DRV - [2005-02-11 09:21:10 | 000,089,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm) DRV - [2005-02-11 09:21:02 | 000,006,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl) DRV - [2005-02-11 09:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ekrosno.pl/szablony/ekrosno/rozklad_jazdy/mapaKROSNO.htm IE - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://nasza-klasa.pl/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1 FF - prefs.js..extensions.enabledItems: quickstores@quickstores.de:1.2.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-10-30 23:02:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-11-20 08:39:54 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-06-05 09:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Extensions [2010-06-05 09:44:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2009-11-19 19:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b} [2010-11-23 15:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\7baokhzu.default\extensions [2010-04-28 11:05:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\7baokhzu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-11-03 19:52:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\7baokhzu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-11-03 19:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\7baokhzu.default\extensions\quickstores@quickstores.de [2009-12-27 15:09:13 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\7baokhzu.default\searchplugins\daemon-search.xml [2010-03-05 21:11:15 | 000,001,979 | ---- | M] () -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\7baokhzu.default\searchplugins\wrzuta.xml [2010-11-23 15:21:42 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-05-05 13:04:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-09-16 13:45:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-06-17 11:53:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de [2008-11-11 08:38:54 | 000,663,552 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll [2010-07-17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2009-06-15 10:14:40 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll [2010-10-29 19:24:49 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-10-29 19:24:49 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-10-29 19:24:49 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-10-29 19:24:49 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-10-29 19:24:49 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-10-29 19:24:49 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation) O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found. O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation) O3 - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found. O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [ISUSPM Startup] c:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.) O4 - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 43 01 00 00 [binary data] O7 - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O16 - DPF: {00000161-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/C/A/7/CA7D2024-EA89-4F15-908C-DA65C1666614/msaud.CAB (Reg Error: Key error.) O16 - DPF: {32564D57-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/wmv8dmo.cab (Reg Error: Key error.) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.) O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab (Reg Error: Key error.) O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab (Reg Error: Key error.) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.12.225 10.20.30.1 8.8.8.8 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-04-04 23:40:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2006-09-06 23:35:28 | 000,000,000 | R--D | M] - G:\AutoRun -- [ UDF ] O32 - AutoRun File - [2006-09-06 23:15:27 | 000,741,376 | R--- | M] (Electronic Arts Inc.) - G:\AutoRun.exe -- [ UDF ] O32 - AutoRun File - [2006-08-23 18:58:17 | 000,593,920 | R--- | M] (Electronic Arts Inc.) - G:\AutoRunGUI.dll -- [ UDF ] O32 - AutoRun File - [2006-09-06 23:28:53 | 000,000,136 | R--- | M] () - G:\autorun.inf -- [ UDF ] O32 - AutoRun File - [2007-08-14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts) - I:\AutoRun.exe -- [ UDF ] O32 - AutoRun File - [2007-09-02 09:30:29 | 000,000,000 | R--D | M] - I:\Autorun -- [ UDF ] O32 - AutoRun File - [2007-09-02 09:31:16 | 005,085,696 | R--- | M] () - I:\autorun.dat -- [ UDF ] O32 - AutoRun File - [2007-09-02 09:23:25 | 000,000,136 | R--- | M] () - I:\autorun.inf -- [ UDF ] O33 - MountPoints2\{04d0acf7-899b-11df-89bc-0013d4bef1c2}\Shell - "" = AutoRun O33 - MountPoints2\{04d0acf7-899b-11df-89bc-0013d4bef1c2}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2007-08-14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts) O33 - MountPoints2\{3712a906-f2fc-11de-8604-0013d4bef1c2}\Shell - "" = AutoRun O33 - MountPoints2\{3712a906-f2fc-11de-8604-0013d4bef1c2}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2006-09-06 23:15:27 | 000,741,376 | R--- | M] (Electronic Arts Inc.) O33 - MountPoints2\{58733052-0c1a-11df-8696-0013d4bef1c2}\Shell - "" = AutoRun O33 - MountPoints2\{58733052-0c1a-11df-8696-0013d4bef1c2}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2007-08-14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts) O33 - MountPoints2\{58733053-0c1a-11df-8696-0013d4bef1c2}\Shell - "" = AutoRun O33 - MountPoints2\{58733053-0c1a-11df-8696-0013d4bef1c2}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2007-08-14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts) O33 - MountPoints2\{58733056-0c1a-11df-8696-0013d4bef1c2}\Shell - "" = AutoRun O33 - MountPoints2\{58733056-0c1a-11df-8696-0013d4bef1c2}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2007-08-14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts) O33 - MountPoints2\{5ba6202c-5dbe-11df-8840-0013d4bef1c2}\Shell - "" = AutoRun O33 - MountPoints2\{5ba6202c-5dbe-11df-8840-0013d4bef1c2}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2007-08-14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts) O33 - MountPoints2\{60b78095-7526-11df-8905-0013d4bef1c2}\Shell - "" = AutoRun O33 - MountPoints2\{60b78095-7526-11df-8905-0013d4bef1c2}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2007-08-14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts) O33 - MountPoints2\{6fd2f9ae-70ac-11df-88d0-0013d4bef1c2}\Shell - "" = AutoRun O33 - MountPoints2\{6fd2f9ae-70ac-11df-88d0-0013d4bef1c2}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2007-08-14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 0 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sdauxservice - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools) SafeBootMin: sdcoreservice - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools) SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sdauxservice - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools) SafeBootNet: sdcoreservice - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools) SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-11-23 14:48:54 | 000,000,000 | ---D | C] -- C:\Program Files\HijackThis [2010-11-22 23:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\TP [2010-11-22 18:01:03 | 000,361,216 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe [2010-11-21 20:02:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft [2010-11-07 16:01:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Dane aplikacji\XnView [2010-11-04 19:39:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka [2010-10-25 14:04:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC [2010-10-17 16:20:55 | 000,000,000 | ---D | C] -- C:\Program Files\OniGames [2010-10-16 10:28:17 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2010-10-16 10:28:16 | 000,000,000 | ---D | C] -- C:\Program Files\Real Alternative [2010-10-16 10:28:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Real [2010-10-16 10:28:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Dane aplikacji\Real [2010-10-16 10:28:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Real [2010-10-09 15:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Moje dokumenty\The KMPlayer [2010-10-08 11:47:26 | 009,591,104 | ---- | C] (DT Soft Ltd.) -- C:\Documents and Settings\Kamil\Moje dokumenty\DTLite4356-0091.exe [2010-10-01 23:03:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Moje dokumenty\Nowy folder [2010-10-01 16:40:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Moje dokumenty\ĆPUN [2010-09-30 15:29:11 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm [2010-09-30 15:29:11 | 000,151,552 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm [2010-09-30 15:29:11 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll [2010-09-30 15:14:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kamil\Moje dokumenty\Moja muzyka [2010-09-28 20:58:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kamil\Moje dokumenty\Moje obrazy [2010-09-28 05:35:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Moje dokumenty\OJOsoft Corporation [2010-09-27 15:06:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Moje dokumenty\Downloads [2010-09-26 21:07:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Moje dokumenty\Pobieranie [2010-05-04 15:35:35 | 000,094,208 | ---- | C] (VSO Software) -- C:\Documents and Settings\Kamil\Dane aplikacji\ezplay.sys [2009-06-15 11:17:48 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll [2009-06-15 11:17:48 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll [2009-06-15 11:17:48 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll [2009-06-15 11:17:48 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll [2009-04-07 15:26:34 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Kamil\Dane aplikacji\pcouffin.sys [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-11-24 15:00:27 | 000,000,466 | ---- | M] () -- C:\WINDOWS\tasks\Konserwacja 1 kliknięciem.job [2010-11-24 15:00:12 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job [2010-11-24 15:00:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-11-24 11:39:00 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1123561945-1644491937-1003UA.job [2010-11-24 07:28:15 | 001,594,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-11-23 21:39:12 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1123561945-1644491937-1003Core.job [2010-11-23 21:01:12 | 000,000,599 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-11-23 14:49:07 | 000,002,563 | ---- | M] () -- C:\Documents and Settings\Kamil\Pulpit\HiJackThis.lnk [2010-11-22 23:53:56 | 000,000,000 | ---- | M] () -- C:\TP17E6DA.$$$ [2010-11-22 23:53:21 | 000,000,000 | ---- | M] () -- C:\TP17E455.$$$ [2010-11-22 23:51:04 | 000,000,000 | ---- | M] () -- C:\TP17DA92.$$$ [2010-11-22 23:49:26 | 000,000,000 | ---- | M] () -- C:\TP17D3A3.$$$ [2010-11-22 23:47:55 | 000,000,000 | ---- | M] () -- C:\TP17CD21.$$$ [2010-11-22 23:45:00 | 000,000,000 | ---- | M] () -- C:\TP17C0BC.$$$ [2010-11-22 23:43:55 | 000,002,857 | ---- | M] () -- C:\Documents and Settings\Kamil\Pulpit\Turbo Pascal 7.0.PIF [2010-11-22 23:28:57 | 000,088,373 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\9.pdf [2010-11-22 23:05:09 | 000,030,601 | ---- | M] () -- C:\Documents and Settings\Kamil\x.exe [2010-11-22 23:01:26 | 000,000,107 | ---- | M] () -- C:\WINDOWS\cdplayer.ini [2010-11-22 22:37:17 | 000,757,277 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\P090710_21.09.JPG [2010-11-22 22:37:09 | 000,741,665 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\P090710_21.09[01].JPG [2010-11-22 18:06:06 | 000,503,306 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-11-22 18:06:06 | 000,444,028 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-11-22 18:06:06 | 000,089,874 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-11-22 18:06:06 | 000,071,904 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-11-22 18:01:03 | 000,361,216 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe [2010-11-21 22:09:09 | 001,124,553 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 121.jpg [2010-11-21 22:07:36 | 001,027,982 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 128.jpg [2010-11-21 22:07:14 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 121.jpg [2010-11-21 22:06:46 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 128.jpg [2010-11-21 22:01:03 | 001,552,197 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 062.jpg [2010-11-21 21:59:52 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 062.jpg [2010-11-21 21:59:03 | 001,202,581 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 037.jpg [2010-11-21 21:58:08 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 037.jpg [2010-11-21 21:57:55 | 001,149,661 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 035.jpg [2010-11-21 21:56:39 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 035.jpg [2010-11-21 21:54:27 | 001,332,758 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 063.jpg [2010-11-21 21:53:26 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 063.jpg [2010-11-21 21:50:26 | 000,997,421 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\P290510_13.44.JPG [2010-11-21 21:49:32 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\P290510_13.44.JPG [2010-11-21 20:06:50 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-11-20 23:43:13 | 000,067,072 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-20 12:57:02 | 000,031,558 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\http.docx [2010-11-20 08:39:54 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-11-19 19:00:59 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-11-19 15:18:07 | 001,419,098 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\h.fpl [2010-11-18 16:22:01 | 007,228,692 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\V171110_20.59.AVI [2010-11-18 16:17:22 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\V171110_20.59.AVI [2010-11-17 23:36:43 | 000,034,535 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Gandalf.pdf [2010-11-15 20:29:38 | 001,036,914 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\101_0814.jpg [2010-11-15 20:29:11 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\101_0814.jpg [2010-11-11 23:41:54 | 000,397,508 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\04102010103.jpg [2010-11-11 23:41:23 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\04102010103.jpg [2010-11-02 19:44:47 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\pismo.doc [2010-10-21 19:59:35 | 000,045,568 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\PODZIAŁ EPOK 1.doc [2010-10-21 19:43:38 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\PODZIAŁ EPOK 1.doc [2010-10-19 16:10:42 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Default.rdp [2010-10-17 16:24:55 | 000,001,776 | ---- | M] () -- C:\Documents and Settings\Kamil\Pulpit\Uruchom Daemon Vector.lnk [2010-10-17 12:16:42 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-10-15 08:13:13 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-10-11 14:59:21 | 000,002,163 | ---- | M] () -- C:\Documents and Settings\Kamil\Pulpit\Ventrilo.lnk [2010-10-08 11:46:51 | 009,591,104 | ---- | M] (DT Soft Ltd.) -- C:\Documents and Settings\Kamil\Moje dokumenty\DTLite4356-0091.exe [2010-10-01 16:47:47 | 000,309,742 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 112.jpg [2010-10-01 16:40:59 | 001,050,451 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\ĆPUN.rar [2010-10-01 16:38:23 | 000,458,297 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 084.jpg [2010-10-01 16:27:21 | 000,800,010 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 104.jpg [2010-10-01 16:22:24 | 000,438,022 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 015.jpg [2010-10-01 16:09:49 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 015.jpg [2010-10-01 16:06:25 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 112.jpg [2010-10-01 16:06:22 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 104.jpg [2010-10-01 16:06:11 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 099.jpg [2010-10-01 16:05:51 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 084.jpg [2010-10-01 16:05:09 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 038.jpg [2010-10-01 16:01:18 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 132.jpg [2010-10-01 15:54:09 | 001,163,796 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 074.jpg [2010-10-01 15:53:11 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 074.jpg [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-11-23 14:48:57 | 000,002,563 | ---- | C] () -- C:\Documents and Settings\Kamil\Pulpit\HiJackThis.lnk [2010-11-22 23:53:56 | 000,000,000 | ---- | C] () -- C:\TP17E6DA.$$$ [2010-11-22 23:53:21 | 000,000,000 | ---- | C] () -- C:\TP17E455.$$$ [2010-11-22 23:51:04 | 000,000,000 | ---- | C] () -- C:\TP17DA92.$$$ [2010-11-22 23:49:26 | 000,000,000 | ---- | C] () -- C:\TP17D3A3.$$$ [2010-11-22 23:47:55 | 000,000,000 | ---- | C] () -- C:\TP17CD21.$$$ [2010-11-22 23:45:00 | 000,000,000 | ---- | C] () -- C:\TP17C0BC.$$$ [2010-11-22 23:43:55 | 000,002,857 | ---- | C] () -- C:\Documents and Settings\Kamil\Pulpit\Turbo Pascal 7.0.PIF [2010-11-22 23:28:55 | 000,088,373 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\9.pdf [2010-11-22 23:05:09 | 000,030,601 | ---- | C] () -- C:\Documents and Settings\Kamil\x.exe [2010-11-22 22:36:15 | 000,741,665 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\P090710_21.09[01].JPG [2010-11-22 22:36:14 | 000,757,277 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\P090710_21.09.JPG [2010-11-21 22:07:25 | 001,124,553 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 121.jpg [2010-11-21 22:07:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 121.jpg [2010-11-21 22:06:48 | 001,027,982 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 128.jpg [2010-11-21 22:06:46 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 128.jpg [2010-11-21 21:59:59 | 001,552,197 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 062.jpg [2010-11-21 21:59:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 062.jpg [2010-11-21 21:58:10 | 001,202,581 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 037.jpg [2010-11-21 21:58:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 037.jpg [2010-11-21 21:56:42 | 001,149,661 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 035.jpg [2010-11-21 21:56:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 035.jpg [2010-11-21 21:53:29 | 001,332,758 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 063.jpg [2010-11-21 21:53:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 063.jpg [2010-11-21 21:49:40 | 000,997,421 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\P290510_13.44.JPG [2010-11-21 21:49:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\P290510_13.44.JPG [2010-11-18 16:17:25 | 007,228,692 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\V171110_20.59.AVI [2010-11-18 16:17:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\V171110_20.59.AVI [2010-11-17 23:36:42 | 000,034,535 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Gandalf.pdf [2010-11-15 20:29:13 | 001,036,914 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\101_0814.jpg [2010-11-15 20:29:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\101_0814.jpg [2010-11-11 23:41:27 | 000,397,508 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\04102010103.jpg [2010-11-11 23:41:23 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\04102010103.jpg [2010-11-02 19:44:47 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\pismo.doc [2010-10-21 19:43:42 | 000,045,568 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\PODZIAŁ EPOK 1.doc [2010-10-21 19:43:38 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\PODZIAŁ EPOK 1.doc [2010-10-19 16:10:42 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Default.rdp [2010-10-17 16:24:55 | 000,001,776 | ---- | C] () -- C:\Documents and Settings\Kamil\Pulpit\Uruchom Daemon Vector.lnk [2010-10-06 19:10:54 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-10-01 16:40:58 | 001,050,451 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\ĆPUN.rar [2010-10-01 16:10:02 | 000,438,022 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 015.jpg [2010-10-01 16:09:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 015.jpg [2010-10-01 16:06:29 | 000,309,742 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 112.jpg [2010-10-01 16:06:28 | 000,800,010 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 104.jpg [2010-10-01 16:06:25 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 112.jpg [2010-10-01 16:06:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 104.jpg [2010-10-01 16:06:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 099.jpg [2010-10-01 16:06:10 | 000,458,297 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 084.jpg [2010-10-01 16:05:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 084.jpg [2010-10-01 16:05:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 038.jpg [2010-10-01 16:01:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 132.jpg [2010-10-01 15:53:18 | 001,163,796 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 074.jpg [2010-10-01 15:53:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 074.jpg [2010-09-30 15:29:15 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-09-30 15:29:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml [2010-09-30 15:29:10 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-09-30 15:29:10 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-09-30 15:29:09 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-09-17 15:50:56 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2010-05-07 18:16:15 | 000,004,940 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\mtbjfghn.xbe [2010-05-04 16:22:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DVDConverter.INI [2010-05-04 15:35:41 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\ezplay.log [2010-05-04 15:35:35 | 000,007,861 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\ezplay.cat [2010-05-04 15:35:35 | 000,001,104 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\ezplay.inf [2010-05-04 15:35:35 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\ezplay.ini [2010-05-04 15:35:27 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\inst.exe [2010-01-26 21:32:30 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2009-12-04 13:35:59 | 000,005,038 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\vjgbkfiu.iik [2009-12-03 19:19:01 | 000,000,168 | RHS- | C] () -- C:\WINDOWS\System32\AC6E27FC78.sys [2009-11-20 20:04:07 | 000,000,444 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\Hewlett-PackardHP PSC 1400 series1239488459_PROTOCOL.log [2009-11-20 20:04:07 | 000,000,358 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\Hewlett-PackardHP PSC 1400 series1239488459_UI.log [2009-11-20 20:04:07 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini [2009-11-20 20:04:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\Hewlett-PackardHP PSC 1400 series1239488459_API.log [2009-11-16 22:22:52 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-11-15 07:27:29 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\avutil.dll [2009-11-15 07:27:28 | 001,945,088 | ---- | C] () -- C:\WINDOWS\System32\avcodec.dll [2009-11-15 07:27:28 | 000,219,136 | ---- | C] () -- C:\WINDOWS\System32\avformat.dll [2009-10-22 02:31:52 | 000,002,519 | ---- | C] () -- C:\WINDOWS\System32\ASPRTMM9.DLL [2009-08-03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll [2009-06-15 11:17:51 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini [2009-05-13 15:58:18 | 004,762,112 | ---- | C] () -- C:\WINDOWS\System32\NCMedia.dll [2009-05-13 15:58:18 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll [2009-04-11 22:58:34 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2009-04-11 10:33:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CorelDrw.INI [2009-04-11 10:28:56 | 000,005,018 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2009-04-10 15:25:23 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-04-08 18:48:33 | 000,000,189 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\default.rss [2009-04-07 21:50:09 | 000,000,039 | ---- | C] () -- C:\WINDOWS\Irremote.ini [2009-04-07 15:27:23 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\vso_ts_preview.xml [2009-04-07 15:26:48 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\pcouffin.log [2009-04-07 15:26:34 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\pcouffin.cat [2009-04-07 15:26:34 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\pcouffin.inf [2009-04-07 12:39:55 | 000,000,107 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2009-04-06 23:17:59 | 000,000,011 | ---- | C] () -- C:\WINDOWS\3DShadow.INI [2009-04-06 16:44:36 | 000,002,516 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys [2009-04-06 16:44:36 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\AC6E27FC78.sys [2009-04-05 09:59:53 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll [2009-04-05 09:59:22 | 000,004,035 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009-04-05 09:59:18 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009-04-05 08:50:21 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-04-05 08:44:30 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009-04-05 08:27:44 | 000,067,072 | ---- | C] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-04-05 01:28:46 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009-04-05 00:47:06 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008-08-18 12:27:42 | 000,034,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys [2005-10-31 20:28:22 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\MobOlExt.dll [2001-07-06 14:30:02 | 000,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI [color=#E56717]========== LOP Check ==========[/color] [2009-12-02 18:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Avery [2010-06-20 12:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software [2009-12-27 15:08:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-09-06 09:06:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2009-04-05 22:45:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeRIP [2010-02-27 12:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-05-06 09:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2009-06-12 12:37:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MumboJumbo [2010-10-29 18:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-08-30 13:48:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina [2010-01-03 17:08:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TechSmith [2010-11-23 19:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-03-30 15:10:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2009-04-15 16:23:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WinZip [2010-03-30 15:09:51 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{55A29068-F2CE-456C-9148-C869879E2357} [2009-04-06 23:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\AGD plugin [2009-12-13 22:41:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\ChomikBox [2009-11-28 20:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Cream Software [2009-04-05 00:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\DAEMON Tools [2009-12-27 21:59:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\DAEMON Tools Lite [2009-04-05 00:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\DAEMON Tools Pro [2010-11-16 16:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\DC++ [2010-09-28 11:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\DMCache [2010-05-05 07:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\DVD2AVI Ripper [2010-06-03 13:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Facebook [2009-04-06 23:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Filter Forge Freepack 2 - Photo Effects [2009-11-19 19:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Flock [2010-11-23 16:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\foobar2000 [2009-10-27 13:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Gadu-Gadu [2010-06-21 19:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Gadu-Gadu 10 [2009-08-18 08:38:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\GanymedeNet [2009-04-08 22:05:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\GetRightToGo [2009-10-17 19:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\GHISLER [2010-03-07 19:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\gtk-2.0 [2010-10-17 20:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Image Zone Express [2010-11-21 21:52:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\ipla [2009-11-29 20:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\KDE [2009-12-08 14:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Mikrotik [2010-06-22 07:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\MyPhoneExplorer [2010-02-21 13:08:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Nowe Gadu-Gadu [2009-08-29 20:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\OpenFM [2009-04-06 10:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\OpenOffice.org [2010-04-27 19:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Opera [2009-11-29 23:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Pmcc [2010-06-18 13:26:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\QuickStoresToolbar [2010-05-05 06:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\RipIt4Me [2010-06-13 20:40:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Teleca [2009-12-03 09:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Thinstall [2010-06-05 09:44:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Thunderbird [2010-01-11 19:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Toolbar4 [2010-03-30 15:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\TuneUp Software [2010-05-05 06:31:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Vso [2009-11-23 12:41:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\WordToPDF [2010-11-07 16:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\XnView [2010-04-10 13:00:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\TuneUp Software [2010-03-30 19:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\TuneUp Software [2010-11-24 15:00:27 | 000,000,466 | ---- | M] () -- C:\WINDOWS\Tasks\Konserwacja 1 kliknięciem.job [2010-11-24 15:00:12 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-04-04 23:40:28 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-05-23 11:26:21 | 000,000,506 | -HS- | M] () -- C:\boot.ini [2001-07-21 23:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2009-11-13 22:00:41 | 000,000,000 | RHS- | M] () -- C:\config.sys [2009-04-04 23:40:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009-04-04 23:40:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-13 21:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-13 23:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-11-24 15:00:01 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys [2010-11-22 23:45:00 | 000,000,000 | ---- | M] () -- C:\TP17C0BC.$$$ [2010-11-22 23:47:55 | 000,000,000 | ---- | M] () -- C:\TP17CD21.$$$ [2010-11-22 23:49:26 | 000,000,000 | ---- | M] () -- C:\TP17D3A3.$$$ [2010-11-22 23:51:04 | 000,000,000 | ---- | M] () -- C:\TP17DA92.$$$ [2010-11-22 23:53:21 | 000,000,000 | ---- | M] () -- C:\TP17E455.$$$ [2010-11-22 23:53:56 | 000,000,000 | ---- | M] () -- C:\TP17E6DA.$$$ [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll [2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys [2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys [2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 520 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF @Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:4BF2F6B5 @Alternate Data Stream - 156 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2 @Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4 @Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1EE00E38 @Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:8E3D07DE < End of report > [/log] Log z RSIT [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Kamil at 2010-11-24 15:36:45 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive C: has 3 GB (14%) free of 20 GB Total RAM: 767 MB (19% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:37:07, on 2010-11-24 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17091) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Gadu-Gadu 10\gg.exe C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.39\GoogleCrashHandler.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Common Files\Protexis\License Service\PSIService.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\WISPTIS.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Mozilla Firefox\firefox.exe H:\Downloads\OTL.exe C:\WINDOWS\notepad.exe H:\Downloads\RSIT.exe C:\Program Files\trend micro\Kamil.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ekrosno.pl/szablony/ekrosno/rozklad_jazdy/mapaKROSNO.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - (no file) O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing) O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files\Gadu-Gadu 10\gg.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O4 - Global Startup: ATI CATALYST – pasek zadań.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing) O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 8782 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1123561945-1644491937-1003Core.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1123561945-1644491937-1003UA.job C:\WINDOWS\tasks\Konserwacja 1 kliknięciem.job C:\WINDOWS\tasks\OGALogon.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}] SnagIt Toolbar Loader - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll [2009-10-15 68936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}] QuickStores-Toolbar - C:\WINDOWS\system32\mscoree.dll [2009-11-07 297808] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Pomocnik rejestracji usługi Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}] IEPluginBHO Class [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll [2009-10-15 211272] {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - QuickStores-Toolbar - C:\WINDOWS\system32\mscoree.dll [2009-11-07 297808] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-06-28 344064] "ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-06-29 32768] "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16 81920] "egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-09-16 1447168] "smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-05-05 143360] "ISUSPM Startup"=c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2005-02-16 221184] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "Gadu-Gadu 10"=C:\Program Files\Gadu-Gadu 10\gg.exe [2010-10-07 12661344] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200] "Google Update"=C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2010-05-06 136176] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart ATI CATALYST – pasek zadań.lnk - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2005-06-29 46080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-08 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=0x43010000 "NoDriveAutoRun"=67108863 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 "NoDriveAutoRun"=67108863 "NoDriveTypeAutoRun"=323 "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe" "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe" "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe" "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe" "C:\Program Files\DC++\DCPlusPlus.exe"="C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++" "C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server" "E:\Gry\Metin2_PL\metin2.bin"="E:\Gry\Metin2_PL\metin2.bin:*:Enabled:metin2" "E:\Gry\Metin2_PL\metin2client.bin"="E:\Gry\Metin2_PL\metin2client.bin:*:Enabled:metin2client" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Uruchamia plik DLL jako aplikację" "C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit" "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser" "C:\Program Files\Adobe\Adobe Flash CS3\Flash.exe"="C:\Program Files\Adobe\Adobe Flash CS3\Flash.exe:*:Enabled:Adobe Flash CS3" "J:\program files\MirandaPortable\App\miranda\miranda32.exe"="J:\program files\MirandaPortable\App\miranda\miranda32.exe:*:Enabled:Miranda IM" "E:\Gry\ColinMcRaeRally2005\CMR5.EXE"="E:\Gry\ColinMcRaeRally2005\CMR5.EXE:*:Enabled:Colin McRae Rally 2005 Application" "E:\Gry\Need for Speed Most Wanted\speed.exe"="E:\Gry\Need for Speed Most Wanted\speed.exe:*:Enabled:speed" "C:\Program Files\Gadu-Gadu 10\gg.exe"="C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10" "C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "H:\Gry\FIFA\FIFA08.exe"="H:\Gry\FIFA\FIFA08.exe:*:Enabled:FIFA08" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======List of files/folders created in the last 1 months====== 2010-11-24 15:36:52 ----D---- C:\Program Files\trend micro 2010-11-24 15:36:45 ----D---- C:\rsit 2010-11-23 14:48:54 ----D---- C:\Program Files\HijackThis 2010-11-22 23:43:52 ----D---- C:\Program Files\TP 2010-11-22 18:01:03 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe 2010-11-07 16:01:55 ----D---- C:\Documents and Settings\Kamil\Dane aplikacji\XnView 2010-10-25 14:04:56 ----D---- C:\WINDOWS\CSC 2010-10-25 14:04:48 ----A---- C:\WINDOWS\ntbtlog.txt ======List of files/folders modified in the last 1 months====== 2010-11-24 15:37:06 ----D---- C:\WINDOWS\temp 2010-11-24 15:36:52 ----D---- C:\Program Files 2010-11-24 15:36:50 ----D---- C:\WINDOWS\Prefetch 2010-11-24 15:02:35 ----D---- C:\WINDOWS\system32\CatRoot2 2010-11-24 15:00:31 ----D---- C:\WINDOWS 2010-11-24 15:00:22 ----D---- C:\Program Files\Common Files\Akamai 2010-11-24 11:48:15 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-11-23 21:01:20 ----SHD---- C:\WINDOWS\Installer 2010-11-23 21:01:08 ----D---- C:\Program Files\Opera 2010-11-23 19:41:44 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2010-11-23 19:38:57 ----D---- C:\WINDOWS\system32\drivers 2010-11-23 16:00:18 ----D---- C:\Documents and Settings\Kamil\Dane aplikacji\foobar2000 2010-11-22 23:19:31 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy 2010-11-22 23:12:25 ----HD---- C:\WINDOWS\inf 2010-11-22 23:12:25 ----HD---- C:\Program Files\InstallShield Installation Information 2010-11-22 23:11:06 ----D---- C:\Program Files\Common Files 2010-11-22 23:10:16 ----D---- C:\WINDOWS\system32 2010-11-22 23:01:26 ----A---- C:\WINDOWS\cdplayer.ini 2010-11-22 18:06:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-11-22 18:00:02 ----SD---- C:\WINDOWS\Tasks 2010-11-22 17:58:36 ----D---- C:\Program Files\TuneUp Utilities 2009 2010-11-21 21:52:40 ----D---- C:\Documents and Settings\Kamil\Dane aplikacji\ipla 2010-11-21 20:08:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-11-19 19:00:59 ----A---- C:\WINDOWS\NeroDigital.ini 2010-11-16 16:26:02 ----D---- C:\Documents and Settings\Kamil\Dane aplikacji\DC++ 2010-11-10 23:11:33 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help 2010-11-10 23:08:56 ----A---- C:\WINDOWS\system32\MRT.exe 2010-11-07 16:43:43 ----A---- C:\WINDOWS\win.ini 2010-10-29 19:25:02 ----D---- C:\Program Files\Mozilla Firefox 2010-10-29 18:46:25 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 gagp30kx;Filtr rodzajowy AGPv3.0 firmy Microsoft dla platform procesora K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-14 46464] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-20 44944] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-12-27 691696] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-08 77568] R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-08-18 53256] R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-08-18 34312] R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-08-18 39944] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-06-29 1241088] R3 FETNDIS;Sterownik NT karty VIA PCI 10/100Mb Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-17 5888] R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2010-06-13 27632] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [] S3 ad69ecvp;ad69ecvp; C:\WINDOWS\system32\drivers\ad69ecvp.sys [] S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384] S3 cpuxp;cpuxp; \??\C:\Documents and Settings\Kamil\cpuxp.sys [] S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [] S3 ezplay;VSO Software ezplay; C:\WINDOWS\System32\Drivers\ezplay.sys [2010-05-04 94208] S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2010-06-13 13224] S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2010-06-13 25512] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744] S3 IKFileSec;File Security Driver; C:\WINDOWS\system32\drivers\ikfilesec.sys [2008-08-25 40840] S3 IKSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2008-08-25 66952] S3 IKSysSec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2008-08-25 81288] S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-02-11 55216] S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576] S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-02-11 89872] S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-06-03 81728] S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-06-03 79488] S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-11 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112] S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-05-04 47360] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880] S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2007-04-24 10252672] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976] S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbser;Motorola A1000 USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 w800bus;Sony Ericsson W800 driver (WDM); C:\WINDOWS\system32\DRIVERS\w800bus.sys [2005-09-07 60768] S3 w800mdfl;Sony Ericsson W800 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w800mdfl.sys [2005-09-07 9264] S3 w800mdm;Sony Ericsson W800 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\w800mdm.sys [2005-09-07 96224] S3 w800mgmt;Sony Ericsson W800 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\w800mgmt.sys [2005-09-07 87792] S3 w800obex;Sony Ericsson W800 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\w800obex.sys [2005-09-07 85664] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-05-08 38528] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-08 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-06-29 376832] R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376] R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-12-21 468224] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632] R2 ProtexisLicensing;ProtexisLicensing; C:\Program Files\Common Files\Protexis\License Service\PSIService.exe [2006-11-02 174656] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-06-28 516096] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc [] S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-04-11 69632] S3 aspnet_state;Usuga stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-08-18 19200] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-05 654848] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920] S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-04-05 1079176] S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-11-22 361216] S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- [/log] Info z RSIT [log]info.txt logfile of random's system information tool 1.08 2010-11-24 15:37:11 ======Uninstall list====== Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin Adobe Reader 9.4.1 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A94000000001} Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log Aktualizacja zabezpieczeń dla programu Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla programu Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB2360131)-->"C:\WINDOWS\ie7updates\KB2360131-IE7\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7updates\KB982381-IE7\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2279986)-->"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe" Aktualizacja zabezpieczeń dla systemu Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe" Asystent rejestracji usługi Windows Live-->MsiExec.exe /I{51958BA7-21E4-4A8B-9098-CD8375BD17B2} Avanquest update-->"C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -runfromtemp -l0x0009 -removeonly CorelDRAW Graphics Suite X3-->MsiExec.exe /I{63218538-4A69-497F-8455-904261B0E9E4} Daemon Vector-->"C:\Program Files\OniGames\DaemonVector\unins000.exe" FIFA 08-->MsiExec.exe /X{0A2A5039-B37F-489D-B1DC-A5258DF9E697} FontNav-->MsiExec.exe /I{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE} foobar2000 v1.0.1-->"C:\Program Files\foobar2000\uninstall.exe" _?=C:\Program Files\foobar2000 Gadu-Gadu 10-->C:\Program Files\Gadu-Gadu 10\Uninstall.exe GIMP 2.6.7-->"C:\Program Files\GIMP-2.0\setup\unins000.exe" Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Gordon's Gate Flash Driver 2.2.0.5-->C:\Program Files\Sony Ericsson\Gordons Gate\uninst.exe HD Tune 2.55-->"C:\Program Files\HD Tune\unins000.exe" HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" ipla 2.1.3-->C:\Program Files\ipla\uninst.exe Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF} K-Lite Codec Pack 6.0.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins001.exe" Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 1.1 Security Update (KB2416447)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp" Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe" Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{820B6609-4C97-3A2B-B644-573B06A0F0CC} MobTime Cell Phone Manager V6.6.5-->"C:\Program Files\Cell Phone Manager\unins000.exe" Motorola Phone Tools-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}\setup.exe" -l0x9 -removeonly Mozilla Firefox (3.6.12)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MyPhoneExplorer-->C:\Program Files\MyPhoneExplorer\uninstall.exe Need for Speed Underground 2-->H:\Gry\NFS U2\EAUninstall.exe OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18} OJOsoft Total Video Converter-->"C:\Program Files\OJOsoft\OJOsoft Total Video Converter\unins000.exe" Opera 10.63-->MsiExec.exe /X{87CC8013-56D1-43E1-A0A5-AD406B4EBA95} PL-->MsiExec.exe /I{108FAA6F-DEEE-48EA-B3A9-1C5EB2605A6B} Poprawka dla systemu Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe" QuickStores-Toolbar 1.0.0-->"C:\Documents and Settings\Kamil\Dane aplikacji\QuickStoresToolbar\unins000.exe" Real Alternative 1.9.0 Lite-->"C:\Program Files\Real Alternative\unins000.exe" Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT="" TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357} Turbo Pascal 7.0-->C:\WINDOWS\uninst.exe -f"C:\Program Files\TP\DeIsL1.isu" -c"C:\Program Files\TP\_ISREG32.DLL" Update Manager-->MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA} VBA-->MsiExec.exe /I{C94E45B0-6AA6-4FB9-9AAE-22085F631880} ======System event log====== Computer Name: MOSO-0EBFA49C35 Event Code: 7036 Message: Usługa Usługa Google Update (gupdate) weszła w stan zatrzymania. Record Number: 82633 Source Name: Service Control Manager Time Written: 20101105144509.000000+060 Event Type: informacje User: Computer Name: MOSO-0EBFA49C35 Event Code: 7036 Message: Usługa Karta wydajności WMI weszła w stan zatrzymania. Record Number: 82632 Source Name: Service Control Manager Time Written: 20101105144450.000000+060 Event Type: informacje User: Computer Name: MOSO-0EBFA49C35 Event Code: 7036 Message: Usługa Karta wydajności WMI weszła w stan uruchomienia. Record Number: 82631 Source Name: Service Control Manager Time Written: 20101105144449.000000+060 Event Type: informacje User: Computer Name: MOSO-0EBFA49C35 Event Code: 7035 Message: Do usługi Karta wydajności WMI został pomyślnie wysłany kod sterowania uruchom. Record Number: 82630 Source Name: Service Control Manager Time Written: 20101105144446.000000+060 Event Type: informacje User: MOSO-0EBFA49C35\Kamil Computer Name: MOSO-0EBFA49C35 Event Code: 7036 Message: Usługa Usługa COM nagrywania dysków CD IMAPI weszła w stan zatrzymania. Record Number: 82629 Source Name: Service Control Manager Time Written: 20101105144444.000000+060 Event Type: informacje User: =====Application event log===== Computer Name: MOSO-0EBFA49C35 Event Code: 105 Message: The service was started. Record Number: 4295 Source Name: ATI Smart Time Written: 20101118141506.000000+060 Event Type: informacje User: Computer Name: MOSO-0EBFA49C35 Event Code: 1800 Message: Usługa Centrum zabezpieczeń systemu Windows została uruchomiona. Record Number: 4294 Source Name: SecurityCenter Time Written: 20101118074855.000000+060 Event Type: informacje User: Computer Name: MOSO-0EBFA49C35 Event Code: 1 Message: Record Number: 4293 Source Name: Bonjour Service Time Written: 20101118074854.000000+060 Event Type: informacje User: Computer Name: MOSO-0EBFA49C35 Event Code: 105 Message: The service was started. Record Number: 4292 Source Name: ATI Smart Time Written: 20101118074848.000000+060 Event Type: informacje User: Computer Name: MOSO-0EBFA49C35 Event Code: 4354 Message: System zdarzeń modelu COM+ nie mógł zwolnić metody ConnectionMadeNoQOCInfo dla subskrypcji {A82F0E80-1305-400C-BA56-375AE04264A1}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. Subskrybent zwrócił HRESULT 80010105. Record Number: 4291 Source Name: EventSystem Time Written: 20101117154749.000000+060 Event Type: ostrzeżenie User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Microsoft USB Flash Drive Manager\;C:\Program Files\Common Files\GTK\2.0\bin;C:\Program Files\Common Files\Teleca Shared "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=2c02 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- [/log]
Tomek01 komentarz 24 listopada 2010 komentarz 24 listopada 2010 Odinstaluj: QuickStoresToolbar, SnagIt Toolbar Loader. W OTL, w oknie Custom scan/fixes wklej: [code] :Processes Explorer.exe :OTL O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation) O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found. O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation) O3 - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found. @Alternate Data Stream - 520 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF @Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:4BF2F6B5 @Alternate Data Stream - 156 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2 @Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4 @Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1EE00E38 @Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:8E3D07DE :Files C:\Documents and Settings\Kamil\cpuxp.sys C:\Documents and Settings\Kamil\Dane aplikacji\QuickStoresToolbar C:\Documents and Settings\All Users\Dane aplikacji\mtbjfghn.xbe C:\Documents and Settings\All Users\Dane aplikacji\vjgbkfiu.iik C:\WINDOWS\System32\AC6E27FC78.sys :Reg [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}=- {10EDB994-47F8-43F7-AE96-F2EA63E9F90F}=- :Services cpuxp :Commands [emptytemp] [start explorer] [Reboot][/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi: OTL i RSIT. Przeskanuj poniższy plik na virustotal, jeśli go nie znasz: C:\Documents and Settings\Kamil\x.exe
k4mil93 komentarz 24 listopada 2010 Autor komentarz 24 listopada 2010 Log z usuwania poprzez ten skrypt [log]All processes killed ========== PROCESSES ========== No active process named Explorer.exe was found! ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00C6482D-C502-44C8-8409-FCE54AD9C208}\ deleted successfully. File C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}\ deleted successfully. File C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll not found. Registry value HKEY_USERS\S-1-5-21-1060284298-1123561945-1644491937-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3}\ not found. ADS C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF deleted successfully. ADS C:\Documents and Settings\All Users\Dane aplikacji\TEMP:4BF2F6B5 deleted successfully. ADS C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2 deleted successfully. ADS C:\Documents and Settings\All Users\Dane aplikacji\TEMP:671329E4 deleted successfully. ADS C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1EE00E38 deleted successfully. ADS C:\Documents and Settings\All Users\Dane aplikacji\TEMP:8E3D07DE deleted successfully. ========== FILES ========== File\Folder C:\Documents and Settings\Kamil\cpuxp.sys not found. C:\Documents and Settings\Kamil\Dane aplikacji\QuickStoresToolbar folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\mtbjfghn.xbe moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\vjgbkfiu.iik moved successfully. C:\WINDOWS\System32\AC6E27FC78.sys moved successfully. ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ deleted successfully. ========== SERVICES/DRIVERS ========== Service cpuxp stopped successfully! Service cpuxp deleted successfully! ========== COMMANDS ==========[/log] Log z RSIT [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Kamil at 2010-11-24 21:44:26 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive C: has 3 GB (16%) free of 20 GB Total RAM: 767 MB (17% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:44:33, on 2010-11-24 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17091) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Common Files\Protexis\License Service\PSIService.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Gadu-Gadu 10\gg.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.39\GoogleCrashHandler.exe C:\WINDOWS\system32\WISPTIS.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Mozilla Firefox\firefox.exe H:\Downloads\OTL.exe H:\Downloads\RSIT.exe C:\Program Files\trend micro\Kamil.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ekrosno.pl/szablony/ekrosno/rozklad_jazdy/mapaKROSNO.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files\Gadu-Gadu 10\gg.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O4 - Global Startup: ATI CATALYST – pasek zadań.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Usługa Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing) O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 8305 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1123561945-1644491937-1003Core.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1123561945-1644491937-1003UA.job C:\WINDOWS\tasks\Konserwacja 1 kliknięciem.job C:\WINDOWS\tasks\OGALogon.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Pomocnik rejestracji usługi Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-06-28 344064] "ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-06-29 32768] "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16 81920] "egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-09-16 1447168] "smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-05-05 143360] "ISUSPM Startup"=c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2005-02-16 221184] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "Gadu-Gadu 10"=C:\Program Files\Gadu-Gadu 10\gg.exe [2010-10-07 12661344] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200] "Google Update"=C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2010-05-06 136176] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart ATI CATALYST – pasek zadań.lnk - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2005-06-29 46080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-08 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=0x43010000 "NoDriveAutoRun"=67108863 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 "NoDriveAutoRun"=67108863 "NoDriveTypeAutoRun"=323 "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe" "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe" "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe" "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe" "C:\Program Files\DC++\DCPlusPlus.exe"="C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++" "C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server" "E:\Gry\Metin2_PL\metin2.bin"="E:\Gry\Metin2_PL\metin2.bin:*:Enabled:metin2" "E:\Gry\Metin2_PL\metin2client.bin"="E:\Gry\Metin2_PL\metin2client.bin:*:Enabled:metin2client" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Uruchamia plik DLL jako aplikację" "C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit" "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser" "C:\Program Files\Adobe\Adobe Flash CS3\Flash.exe"="C:\Program Files\Adobe\Adobe Flash CS3\Flash.exe:*:Enabled:Adobe Flash CS3" "J:\program files\MirandaPortable\App\miranda\miranda32.exe"="J:\program files\MirandaPortable\App\miranda\miranda32.exe:*:Enabled:Miranda IM" "E:\Gry\ColinMcRaeRally2005\CMR5.EXE"="E:\Gry\ColinMcRaeRally2005\CMR5.EXE:*:Enabled:Colin McRae Rally 2005 Application" "E:\Gry\Need for Speed Most Wanted\speed.exe"="E:\Gry\Need for Speed Most Wanted\speed.exe:*:Enabled:speed" "C:\Program Files\Gadu-Gadu 10\gg.exe"="C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10" "C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "H:\Gry\FIFA\FIFA08.exe"="H:\Gry\FIFA\FIFA08.exe:*:Enabled:FIFA08" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======List of files/folders created in the last 1 months====== 2010-11-24 15:36:52 ----D---- C:\Program Files\trend micro 2010-11-24 15:36:45 ----D---- C:\rsit 2010-11-23 14:48:54 ----D---- C:\Program Files\HijackThis 2010-11-22 23:43:52 ----D---- C:\Program Files\TP 2010-11-22 18:01:03 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe 2010-11-07 16:01:55 ----D---- C:\Documents and Settings\Kamil\Dane aplikacji\XnView 2010-10-25 14:04:56 ----D---- C:\WINDOWS\CSC 2010-10-25 14:04:48 ----A---- C:\WINDOWS\ntbtlog.txt ======List of files/folders modified in the last 1 months====== 2010-11-24 21:44:27 ----D---- C:\WINDOWS\temp 2010-11-24 21:16:07 ----D---- C:\WINDOWS\Prefetch 2010-11-24 21:15:32 ----D---- C:\WINDOWS\system32\CatRoot2 2010-11-24 21:15:27 ----D---- C:\WINDOWS 2010-11-24 21:14:56 ----D---- C:\Program Files\Common Files\Akamai 2010-11-24 21:13:46 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-11-24 21:13:27 ----D---- C:\WINDOWS\system32 2010-11-24 20:30:11 ----D---- C:\Documents and Settings\Kamil\Dane aplikacji\foobar2000 2010-11-24 15:36:52 ----D---- C:\Program Files 2010-11-23 21:01:20 ----SHD---- C:\WINDOWS\Installer 2010-11-23 21:01:08 ----D---- C:\Program Files\Opera 2010-11-23 19:41:44 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2010-11-23 19:38:57 ----D---- C:\WINDOWS\system32\drivers 2010-11-22 23:19:31 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy 2010-11-22 23:12:25 ----HD---- C:\WINDOWS\inf 2010-11-22 23:12:25 ----HD---- C:\Program Files\InstallShield Installation Information 2010-11-22 23:11:06 ----D---- C:\Program Files\Common Files 2010-11-22 23:01:26 ----A---- C:\WINDOWS\cdplayer.ini 2010-11-22 18:06:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-11-22 18:00:02 ----SD---- C:\WINDOWS\Tasks 2010-11-22 17:58:36 ----D---- C:\Program Files\TuneUp Utilities 2009 2010-11-21 21:52:40 ----D---- C:\Documents and Settings\Kamil\Dane aplikacji\ipla 2010-11-21 20:08:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-11-19 19:00:59 ----A---- C:\WINDOWS\NeroDigital.ini 2010-11-16 16:26:02 ----D---- C:\Documents and Settings\Kamil\Dane aplikacji\DC++ 2010-11-10 23:11:33 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help 2010-11-10 23:08:56 ----A---- C:\WINDOWS\system32\MRT.exe 2010-11-07 16:43:43 ----A---- C:\WINDOWS\win.ini 2010-10-29 19:25:02 ----D---- C:\Program Files\Mozilla Firefox 2010-10-29 18:46:25 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 gagp30kx;Filtr rodzajowy AGPv3.0 firmy Microsoft dla platform procesora K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-14 46464] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-20 44944] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-12-27 691696] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-08 77568] R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-08-18 53256] R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-08-18 34312] R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-08-18 39944] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-06-29 1241088] R3 FETNDIS;Sterownik NT karty VIA PCI 10/100Mb Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-17 5888] R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2010-06-13 27632] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [] S3 aq68u4cd;aq68u4cd; C:\WINDOWS\system32\drivers\aq68u4cd.sys [] S3 CCDECODE;Dekoder napisów; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384] S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [] S3 ezplay;VSO Software ezplay; C:\WINDOWS\System32\Drivers\ezplay.sys [2010-05-04 94208] S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2010-06-13 13224] S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2010-06-13 25512] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744] S3 IKFileSec;File Security Driver; C:\WINDOWS\system32\drivers\ikfilesec.sys [2008-08-25 40840] S3 IKSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2008-08-25 66952] S3 IKSysSec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2008-08-25 81288] S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-02-11 55216] S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576] S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-02-11 89872] S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-06-03 81728] S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-06-03 79488] S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-11 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112] S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-05-04 47360] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880] S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2007-04-24 10252672] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976] S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbser;Motorola A1000 USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112] S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 w800bus;Sony Ericsson W800 driver (WDM); C:\WINDOWS\system32\DRIVERS\w800bus.sys [2005-09-07 60768] S3 w800mdfl;Sony Ericsson W800 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w800mdfl.sys [2005-09-07 9264] S3 w800mdm;Sony Ericsson W800 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\w800mdm.sys [2005-09-07 96224] S3 w800mgmt;Sony Ericsson W800 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\w800mgmt.sys [2005-09-07 87792] S3 w800obex;Sony Ericsson W800 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\w800obex.sys [2005-09-07 85664] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-05-08 38528] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-08 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-06-29 376832] R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376] R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-12-21 468224] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632] R2 ProtexisLicensing;ProtexisLicensing; C:\Program Files\Common Files\Protexis\License Service\PSIService.exe [2006-11-02 174656] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-06-28 516096] S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc [] S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-04-11 69632] S3 aspnet_state;Usuga stanu ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-08-18 19200] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-05 654848] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920] S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-04-05 1079176] S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-11-22 361216] S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------[/log] log z OTL [log]OTL logfile created on: 2010-11-24 21:36:19 - Run 3 OTL by OldTimer - Version 3.2.17.3 Folder = H:\Downloads Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 767,00 Mb Total Physical Memory | 160,00 Mb Available Physical Memory | 21,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 68,00% Paging File free Paging file location(s): C:\pagefile.sys 1152 2304 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 19,53 Gb Total Space | 3,15 Gb Free Space | 16,14% Space Free | Partition Type: NTFS Drive D: | 35,45 Gb Total Space | 0,16 Gb Free Space | 0,44% Space Free | Partition Type: NTFS Drive E: | 64,76 Gb Total Space | 3,76 Gb Free Space | 5,80% Space Free | Partition Type: NTFS Drive F: | 4,34 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive G: | 2,79 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive H: | 29,30 Gb Total Space | 5,50 Gb Free Space | 18,77% Space Free | Partition Type: NTFS Drive I: | 3,69 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: MOSO-0EBFA49C35 | User Name: Kamil | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-11-24 15:23:01 | 000,575,488 | ---- | M] (OldTimer Tools) -- H:\Downloads\OTL.exe PRC - [2010-10-29 19:24:44 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-10-14 20:34:53 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.39\GoogleCrashHandler.exe PRC - [2010-10-07 09:04:26 | 012,661,344 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2010-07-17 04:00:15 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-05-14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-02-06 11:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-09-16 10:21:19 | 001,447,168 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [AKAMAI] PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 21:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 21:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 21:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2007-12-21 06:21:16 | 000,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2006-11-02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe PRC - [2006-10-26 12:45:04 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WISPTIS.EXE PRC - [2006-02-28 12:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2005-06-29 03:55:38 | 000,376,832 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2005-06-29 00:09:28 | 000,032,768 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe PRC - [2005-02-16 16:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe PRC - [2004-09-29 11:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe PRC - [2003-05-05 07:57:30 | 000,143,360 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMTray.exe PRC - [2002-09-20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-11-24 15:23:01 | 000,575,488 | ---- | M] (OldTimer Tools) -- H:\Downloads\OTL.exe MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2009-02-03 20:58:45 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-06-17 20:03:15 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 21:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2008-04-14 21:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 21:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 21:50:58 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll MOD - [2008-04-14 21:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 21:50:48 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 21:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2008-04-14 21:50:38 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll MOD - [2008-04-14 21:50:34 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 21:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 21:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 21:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 21:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2008-04-14 21:49:56 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 21:43:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME MOD - [2002-11-06 19:00:38 | 000,040,820 | ---- | M] (SoundMAX) -- C:\WINDOWS\system32\Syncor11.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService) SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Usługa Google Update (gupdate) SRV - [2010-11-22 18:01:03 | 000,361,216 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010-11-11 10:11:58 | 003,019,352 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_4176eef.dll -- (Akamai) SRV - [2009-12-05 06:28:24 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-04-05 01:17:39 | 001,079,176 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService) SRV - [2008-08-18 12:30:58 | 000,019,200 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2008-06-13 14:29:14 | 000,356,920 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService) SRV - [2007-12-21 06:21:16 | 000,468,224 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2006-11-02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Start_Pending] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing) SRV - [2004-09-29 11:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2002-09-20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\motmodem.sys -- (motmodem) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT) DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32) DRV - [2010-06-13 20:54:52 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri) DRV - [2010-06-13 20:54:12 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc) DRV - [2010-06-13 20:54:12 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt) DRV - [2010-05-04 15:35:35 | 000,094,208 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ezplay.sys -- (ezplay) DRV - [2009-12-27 15:08:43 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2008-08-25 10:36:30 | 000,081,288 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iksyssec.sys -- (IKSysSec) DRV - [2008-08-25 10:36:28 | 000,066,952 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iksysflt.sys -- (IKSysFlt) DRV - [2008-08-25 10:36:28 | 000,040,840 | ---- | M] (PCTools Research Pty Ltd.) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ikfilesec.sys -- (IKFileSec) DRV - [2008-08-18 12:27:42 | 000,034,312 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2008-08-18 12:19:26 | 000,053,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv) DRV - [2008-08-18 12:18:26 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2007-04-24 15:28:52 | 010,252,672 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) DRV - [2005-09-07 15:42:50 | 000,087,792 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mgmt.sys -- (w800mgmt) DRV - [2005-09-07 15:42:50 | 000,085,664 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800obex.sys -- (w800obex) DRV - [2005-09-07 15:42:48 | 000,096,224 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdm.sys -- (w800mdm) DRV - [2005-09-07 15:42:46 | 000,009,264 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdfl.sys -- (w800mdfl) DRV - [2005-09-07 15:42:44 | 000,060,768 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800bus.sys -- (w800bus) Sony Ericsson W800 driver (WDM) DRV - [2005-06-29 04:01:56 | 001,241,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005-06-03 12:47:06 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex) DRV - [2005-06-03 12:47:04 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt) DRV - [2005-02-11 09:21:10 | 000,089,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm) DRV - [2005-02-11 09:21:02 | 000,006,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl) DRV - [2005-02-11 09:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ekrosno.pl/szablony/ekrosno/rozklad_jazdy/mapaKROSNO.htm IE - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://nasza-klasa.pl/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1 FF - prefs.js..extensions.enabledItems: quickstores@quickstores.de:1.2.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-10-30 23:02:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-11-20 08:39:54 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-06-05 09:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Extensions [2010-06-05 09:44:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2009-11-19 19:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b} [2010-11-24 16:39:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\7baokhzu.default\extensions [2010-04-28 11:05:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\7baokhzu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-11-03 19:52:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\7baokhzu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-11-03 19:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\7baokhzu.default\extensions\quickstores@quickstores.de [2009-12-27 15:09:13 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\7baokhzu.default\searchplugins\daemon-search.xml [2010-03-05 21:11:15 | 000,001,979 | ---- | M] () -- C:\Documents and Settings\Kamil\Dane aplikacji\Mozilla\Firefox\Profiles\7baokhzu.default\searchplugins\wrzuta.xml [2010-11-24 21:08:09 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-05-05 13:04:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-09-16 13:45:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2008-11-11 08:38:54 | 000,663,552 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll [2010-07-17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2009-06-15 10:14:40 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll [2010-10-29 19:24:49 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-10-29 19:24:49 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-10-29 19:24:49 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-10-29 19:24:49 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-10-29 19:24:49 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-10-29 19:24:49 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found. O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [ISUSPM Startup] c:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.) O4 - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 43 01 00 00 [binary data] O7 - HKU\S-1-5-21-1060284298-1123561945-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O16 - DPF: {00000161-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/C/A/7/CA7D2024-EA89-4F15-908C-DA65C1666614/msaud.CAB (Reg Error: Key error.) O16 - DPF: {32564D57-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/wmv8dmo.cab (Reg Error: Key error.) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.) O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab (Reg Error: Key error.) O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab (Reg Error: Key error.) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.12.225 10.20.30.1 8.8.8.8 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-04-04 23:40:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2006-09-06 23:35:28 | 000,000,000 | R--D | M] - G:\AutoRun -- [ UDF ] O32 - AutoRun File - [2006-09-06 23:15:27 | 000,741,376 | R--- | M] (Electronic Arts Inc.) - G:\AutoRun.exe -- [ UDF ] O32 - AutoRun File - [2006-08-23 18:58:17 | 000,593,920 | R--- | M] (Electronic Arts Inc.) - G:\AutoRunGUI.dll -- [ UDF ] O32 - AutoRun File - [2006-09-06 23:28:53 | 000,000,136 | R--- | M] () - G:\autorun.inf -- [ UDF ] O32 - AutoRun File - [2007-08-14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts) - I:\AutoRun.exe -- [ UDF ] O32 - AutoRun File - [2007-09-02 09:30:29 | 000,000,000 | R--D | M] - I:\Autorun -- [ UDF ] O32 - AutoRun File - [2007-09-02 09:31:16 | 005,085,696 | R--- | M] () - I:\autorun.dat -- [ UDF ] O32 - AutoRun File - [2007-09-02 09:23:25 | 000,000,136 | R--- | M] () - I:\autorun.inf -- [ UDF ] O33 - MountPoints2\{04d0acf7-899b-11df-89bc-0013d4bef1c2}\Shell - "" = AutoRun O33 - MountPoints2\{04d0acf7-899b-11df-89bc-0013d4bef1c2}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2007-08-14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts) O33 - MountPoints2\{3712a906-f2fc-11de-8604-0013d4bef1c2}\Shell - "" = AutoRun O33 - MountPoints2\{3712a906-f2fc-11de-8604-0013d4bef1c2}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2006-09-06 23:15:27 | 000,741,376 | R--- | M] (Electronic Arts Inc.) O33 - MountPoints2\{58733052-0c1a-11df-8696-0013d4bef1c2}\Shell - "" = AutoRun O33 - MountPoints2\{58733052-0c1a-11df-8696-0013d4bef1c2}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2007-08-14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts) O33 - MountPoints2\{58733053-0c1a-11df-8696-0013d4bef1c2}\Shell - "" = AutoRun O33 - MountPoints2\{58733053-0c1a-11df-8696-0013d4bef1c2}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2007-08-14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts) O33 - MountPoints2\{58733056-0c1a-11df-8696-0013d4bef1c2}\Shell - "" = AutoRun O33 - MountPoints2\{58733056-0c1a-11df-8696-0013d4bef1c2}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2007-08-14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts) O33 - MountPoints2\{5ba6202c-5dbe-11df-8840-0013d4bef1c2}\Shell - "" = AutoRun O33 - MountPoints2\{5ba6202c-5dbe-11df-8840-0013d4bef1c2}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2007-08-14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts) O33 - MountPoints2\{60b78095-7526-11df-8905-0013d4bef1c2}\Shell - "" = AutoRun O33 - MountPoints2\{60b78095-7526-11df-8905-0013d4bef1c2}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2007-08-14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts) O33 - MountPoints2\{6fd2f9ae-70ac-11df-88d0-0013d4bef1c2}\Shell - "" = AutoRun O33 - MountPoints2\{6fd2f9ae-70ac-11df-88d0-0013d4bef1c2}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- [2007-08-14 01:30:58 | 000,402,696 | R--- | M] (Electronic Arts) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 0 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sdauxservice - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools) SafeBootMin: sdcoreservice - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools) SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sdauxservice - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools) SafeBootNet: sdcoreservice - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools) SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-11-24 15:36:52 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010-11-24 15:36:45 | 000,000,000 | ---D | C] -- C:\rsit [2010-11-23 14:48:54 | 000,000,000 | ---D | C] -- C:\Program Files\HijackThis [2010-11-22 23:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\TP [2010-11-22 18:01:03 | 000,361,216 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe [2010-11-21 20:02:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft [2010-11-07 16:01:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Dane aplikacji\XnView [2010-11-04 19:39:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka [2010-10-25 14:04:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC [2010-10-17 16:20:55 | 000,000,000 | ---D | C] -- C:\Program Files\OniGames [2010-10-16 10:28:17 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2010-10-16 10:28:16 | 000,000,000 | ---D | C] -- C:\Program Files\Real Alternative [2010-10-16 10:28:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\Real [2010-10-16 10:28:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Dane aplikacji\Real [2010-10-16 10:28:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Real [2010-10-09 15:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Moje dokumenty\The KMPlayer [2010-10-08 11:47:26 | 009,591,104 | ---- | C] (DT Soft Ltd.) -- C:\Documents and Settings\Kamil\Moje dokumenty\DTLite4356-0091.exe [2010-10-01 23:03:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Moje dokumenty\Nowy folder [2010-10-01 16:40:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Moje dokumenty\ĆPUN [2010-09-30 15:29:11 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm [2010-09-30 15:29:11 | 000,151,552 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm [2010-09-30 15:29:11 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll [2010-09-30 15:14:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kamil\Moje dokumenty\Moja muzyka [2010-09-28 20:58:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kamil\Moje dokumenty\Moje obrazy [2010-09-28 05:35:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Moje dokumenty\OJOsoft Corporation [2010-09-27 15:06:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Moje dokumenty\Downloads [2010-09-26 21:07:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kamil\Moje dokumenty\Pobieranie [2010-05-04 15:35:35 | 000,094,208 | ---- | C] (VSO Software) -- C:\Documents and Settings\Kamil\Dane aplikacji\ezplay.sys [2009-06-15 11:17:48 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll [2009-06-15 11:17:48 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll [2009-06-15 11:17:48 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll [2009-06-15 11:17:48 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll [2009-04-07 15:26:34 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Kamil\Dane aplikacji\pcouffin.sys [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-11-24 21:39:03 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1123561945-1644491937-1003UA.job [2010-11-24 21:39:03 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1123561945-1644491937-1003Core.job [2010-11-24 21:15:00 | 000,000,466 | ---- | M] () -- C:\WINDOWS\tasks\Konserwacja 1 kliknięciem.job [2010-11-24 21:14:46 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job [2010-11-24 21:14:42 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-11-24 21:14:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-11-24 21:13:35 | 015,728,640 | ---- | M] () -- C:\Documents and Settings\Kamil\NTUSER.DAT [2010-11-24 21:13:35 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Kamil\ntuser.ini [2010-11-24 20:33:12 | 001,419,509 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\h.fpl [2010-11-24 07:28:15 | 001,594,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-11-23 23:39:15 | 000,083,056 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-11-23 21:01:12 | 000,000,599 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk [2010-11-23 14:49:07 | 000,002,563 | ---- | M] () -- C:\Documents and Settings\Kamil\Pulpit\HiJackThis.lnk [2010-11-22 23:53:56 | 000,000,000 | ---- | M] () -- C:\TP17E6DA.$$$ [2010-11-22 23:53:21 | 000,000,000 | ---- | M] () -- C:\TP17E455.$$$ [2010-11-22 23:51:04 | 000,000,000 | ---- | M] () -- C:\TP17DA92.$$$ [2010-11-22 23:49:26 | 000,000,000 | ---- | M] () -- C:\TP17D3A3.$$$ [2010-11-22 23:47:55 | 000,000,000 | ---- | M] () -- C:\TP17CD21.$$$ [2010-11-22 23:45:00 | 000,000,000 | ---- | M] () -- C:\TP17C0BC.$$$ [2010-11-22 23:43:55 | 000,002,857 | ---- | M] () -- C:\Documents and Settings\Kamil\Pulpit\Turbo Pascal 7.0.PIF [2010-11-22 23:28:57 | 000,088,373 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\9.pdf [2010-11-22 23:05:09 | 000,030,601 | ---- | M] () -- C:\Documents and Settings\Kamil\x.exe [2010-11-22 23:01:26 | 000,000,107 | ---- | M] () -- C:\WINDOWS\cdplayer.ini [2010-11-22 22:37:17 | 000,757,277 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\P090710_21.09.JPG [2010-11-22 22:37:09 | 000,741,665 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\P090710_21.09[01].JPG [2010-11-22 18:06:06 | 000,503,306 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-11-22 18:06:06 | 000,444,028 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-11-22 18:06:06 | 000,089,874 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-11-22 18:06:06 | 000,071,904 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-11-22 18:06:00 | 001,124,274 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-11-22 18:01:03 | 000,361,216 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TuneUpDefragService.exe [2010-11-21 22:09:09 | 001,124,553 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 121.jpg [2010-11-21 22:07:36 | 001,027,982 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 128.jpg [2010-11-21 22:07:14 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 121.jpg [2010-11-21 22:06:46 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 128.jpg [2010-11-21 22:01:03 | 001,552,197 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 062.jpg [2010-11-21 21:59:52 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 062.jpg [2010-11-21 21:59:03 | 001,202,581 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 037.jpg [2010-11-21 21:58:08 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 037.jpg [2010-11-21 21:57:55 | 001,149,661 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 035.jpg [2010-11-21 21:56:39 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 035.jpg [2010-11-21 21:54:27 | 001,332,758 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 063.jpg [2010-11-21 21:53:26 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 063.jpg [2010-11-21 21:50:26 | 000,997,421 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\P290510_13.44.JPG [2010-11-21 21:49:32 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\P290510_13.44.JPG [2010-11-21 20:06:50 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-11-20 23:43:13 | 000,067,072 | ---- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-20 12:57:02 | 000,031,558 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\http.docx [2010-11-20 08:39:54 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-11-19 23:53:55 | 003,177,752 | -H-- | M] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-11-19 19:00:59 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-11-18 16:22:01 | 007,228,692 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\V171110_20.59.AVI [2010-11-18 16:17:22 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\V171110_20.59.AVI [2010-11-17 23:36:43 | 000,034,535 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Gandalf.pdf [2010-11-15 20:29:38 | 001,036,914 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\101_0814.jpg [2010-11-15 20:29:11 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\101_0814.jpg [2010-11-11 23:41:54 | 000,397,508 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\04102010103.jpg [2010-11-11 23:41:23 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\04102010103.jpg [2010-11-07 16:43:43 | 000,000,902 | ---- | M] () -- C:\WINDOWS\win.ini [2010-11-02 19:44:47 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\pismo.doc [2010-10-21 19:59:35 | 000,045,568 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\PODZIAŁ EPOK 1.doc [2010-10-21 19:43:38 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\PODZIAŁ EPOK 1.doc [2010-10-19 16:10:42 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Default.rdp [2010-10-17 16:24:55 | 000,001,776 | ---- | M] () -- C:\Documents and Settings\Kamil\Pulpit\Uruchom Daemon Vector.lnk [2010-10-17 12:16:42 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-10-15 08:13:13 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-10-11 14:59:21 | 000,002,163 | ---- | M] () -- C:\Documents and Settings\Kamil\Pulpit\Ventrilo.lnk [2010-10-08 11:46:51 | 009,591,104 | ---- | M] (DT Soft Ltd.) -- C:\Documents and Settings\Kamil\Moje dokumenty\DTLite4356-0091.exe [2010-10-01 16:47:47 | 000,309,742 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 112.jpg [2010-10-01 16:40:59 | 001,050,451 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\ĆPUN.rar [2010-10-01 16:38:23 | 000,458,297 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 084.jpg [2010-10-01 16:27:21 | 000,800,010 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 104.jpg [2010-10-01 16:22:24 | 000,438,022 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 015.jpg [2010-10-01 16:09:49 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 015.jpg [2010-10-01 16:06:25 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 112.jpg [2010-10-01 16:06:22 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 104.jpg [2010-10-01 16:06:11 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 099.jpg [2010-10-01 16:05:51 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 084.jpg [2010-10-01 16:05:09 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 038.jpg [2010-10-01 16:01:18 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 132.jpg [2010-10-01 15:54:09 | 001,163,796 | ---- | M] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 074.jpg [2010-10-01 15:53:11 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Kamil\Obraz 074.jpg [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-11-23 14:48:57 | 000,002,563 | ---- | C] () -- C:\Documents and Settings\Kamil\Pulpit\HiJackThis.lnk [2010-11-22 23:53:56 | 000,000,000 | ---- | C] () -- C:\TP17E6DA.$$$ [2010-11-22 23:53:21 | 000,000,000 | ---- | C] () -- C:\TP17E455.$$$ [2010-11-22 23:51:04 | 000,000,000 | ---- | C] () -- C:\TP17DA92.$$$ [2010-11-22 23:49:26 | 000,000,000 | ---- | C] () -- C:\TP17D3A3.$$$ [2010-11-22 23:47:55 | 000,000,000 | ---- | C] () -- C:\TP17CD21.$$$ [2010-11-22 23:45:00 | 000,000,000 | ---- | C] () -- C:\TP17C0BC.$$$ [2010-11-22 23:43:55 | 000,002,857 | ---- | C] () -- C:\Documents and Settings\Kamil\Pulpit\Turbo Pascal 7.0.PIF [2010-11-22 23:28:55 | 000,088,373 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\9.pdf [2010-11-22 23:05:09 | 000,030,601 | ---- | C] () -- C:\Documents and Settings\Kamil\x.exe [2010-11-22 22:36:15 | 000,741,665 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\P090710_21.09[01].JPG [2010-11-22 22:36:14 | 000,757,277 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\P090710_21.09.JPG [2010-11-21 22:07:25 | 001,124,553 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 121.jpg [2010-11-21 22:07:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 121.jpg [2010-11-21 22:06:48 | 001,027,982 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 128.jpg [2010-11-21 22:06:46 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 128.jpg [2010-11-21 21:59:59 | 001,552,197 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 062.jpg [2010-11-21 21:59:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 062.jpg [2010-11-21 21:58:10 | 001,202,581 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 037.jpg [2010-11-21 21:58:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 037.jpg [2010-11-21 21:56:42 | 001,149,661 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 035.jpg [2010-11-21 21:56:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 035.jpg [2010-11-21 21:53:29 | 001,332,758 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 063.jpg [2010-11-21 21:53:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 063.jpg [2010-11-21 21:49:40 | 000,997,421 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\P290510_13.44.JPG [2010-11-21 21:49:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\P290510_13.44.JPG [2010-11-18 16:17:25 | 007,228,692 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\V171110_20.59.AVI [2010-11-18 16:17:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\V171110_20.59.AVI [2010-11-17 23:36:42 | 000,034,535 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Gandalf.pdf [2010-11-15 20:29:13 | 001,036,914 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\101_0814.jpg [2010-11-15 20:29:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\101_0814.jpg [2010-11-11 23:41:27 | 000,397,508 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\04102010103.jpg [2010-11-11 23:41:23 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\04102010103.jpg [2010-11-02 19:44:47 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\pismo.doc [2010-10-21 19:43:42 | 000,045,568 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\PODZIAŁ EPOK 1.doc [2010-10-21 19:43:38 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\PODZIAŁ EPOK 1.doc [2010-10-19 16:10:42 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Default.rdp [2010-10-17 16:24:55 | 000,001,776 | ---- | C] () -- C:\Documents and Settings\Kamil\Pulpit\Uruchom Daemon Vector.lnk [2010-10-06 19:10:54 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-10-01 16:40:58 | 001,050,451 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\ĆPUN.rar [2010-10-01 16:10:02 | 000,438,022 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 015.jpg [2010-10-01 16:09:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 015.jpg [2010-10-01 16:06:29 | 000,309,742 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 112.jpg [2010-10-01 16:06:28 | 000,800,010 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 104.jpg [2010-10-01 16:06:25 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 112.jpg [2010-10-01 16:06:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 104.jpg [2010-10-01 16:06:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 099.jpg [2010-10-01 16:06:10 | 000,458,297 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 084.jpg [2010-10-01 16:05:51 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 084.jpg [2010-10-01 16:05:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 038.jpg [2010-10-01 16:01:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 132.jpg [2010-10-01 15:53:18 | 001,163,796 | ---- | C] () -- C:\Documents and Settings\Kamil\Moje dokumenty\Obraz 074.jpg [2010-10-01 15:53:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Obraz 074.jpg [2010-09-30 15:29:15 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-09-30 15:29:11 | 000,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml [2010-09-30 15:29:10 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-09-30 15:29:10 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-09-30 15:29:10 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2010-09-30 15:29:09 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-09-17 15:50:56 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2010-05-04 16:22:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DVDConverter.INI [2010-05-04 15:35:41 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\ezplay.log [2010-05-04 15:35:35 | 000,007,861 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\ezplay.cat [2010-05-04 15:35:35 | 000,001,104 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\ezplay.inf [2010-05-04 15:35:35 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\ezplay.ini [2010-05-04 15:35:27 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\inst.exe [2010-01-26 21:32:30 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2009-11-23 01:41:47 | 003,177,752 | -H-- | C] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-11-20 20:04:07 | 000,000,444 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\Hewlett-PackardHP PSC 1400 series1239488459_PROTOCOL.log [2009-11-20 20:04:07 | 000,000,358 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\Hewlett-PackardHP PSC 1400 series1239488459_UI.log [2009-11-20 20:04:07 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini [2009-11-20 20:04:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\Hewlett-PackardHP PSC 1400 series1239488459_API.log [2009-11-16 22:22:52 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-11-15 07:27:29 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\avutil.dll [2009-11-15 07:27:28 | 001,945,088 | ---- | C] () -- C:\WINDOWS\System32\avcodec.dll [2009-11-15 07:27:28 | 000,219,136 | ---- | C] () -- C:\WINDOWS\System32\avformat.dll [2009-10-22 02:31:52 | 000,002,519 | ---- | C] () -- C:\WINDOWS\System32\ASPRTMM9.DLL [2009-08-03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll [2009-06-15 11:17:51 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini [2009-05-13 15:58:18 | 004,762,112 | ---- | C] () -- C:\WINDOWS\System32\NCMedia.dll [2009-05-13 15:58:18 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll [2009-04-11 22:58:34 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2009-04-11 10:33:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CorelDrw.INI [2009-04-11 10:28:56 | 000,005,018 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2009-04-10 15:25:23 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-04-08 18:48:33 | 000,000,189 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\default.rss [2009-04-07 21:50:09 | 000,000,039 | ---- | C] () -- C:\WINDOWS\Irremote.ini [2009-04-07 15:27:23 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\vso_ts_preview.xml [2009-04-07 15:26:48 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\pcouffin.log [2009-04-07 15:26:34 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\pcouffin.cat [2009-04-07 15:26:34 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\pcouffin.inf [2009-04-07 12:39:55 | 000,000,107 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2009-04-06 23:17:59 | 000,000,011 | ---- | C] () -- C:\WINDOWS\3DShadow.INI [2009-04-06 16:44:36 | 000,002,516 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys [2009-04-06 16:44:36 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\AC6E27FC78.sys [2009-04-05 09:59:53 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll [2009-04-05 09:59:22 | 000,004,035 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009-04-05 09:59:18 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009-04-05 08:50:21 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-04-05 08:44:30 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009-04-05 08:27:44 | 000,067,072 | ---- | C] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-04-05 01:28:47 | 001,124,274 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009-04-05 01:28:46 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009-04-05 01:28:05 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2009-04-05 00:57:22 | 000,083,056 | ---- | C] () -- C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-04-05 00:47:06 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-04-04 23:46:50 | 000,000,062 | -HS- | C] () -- C:\Documents and Settings\Kamil\Dane aplikacji\desktop.ini [2009-04-04 23:40:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2009-04-04 23:36:33 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2009-04-04 23:36:33 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2009-04-04 23:35:39 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2009-04-04 23:35:37 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2008-08-18 12:27:42 | 000,034,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys [2008-04-14 21:50:46 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll [2008-04-14 21:50:38 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll [2008-04-14 21:50:32 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll [2008-04-14 21:50:14 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll [2008-04-14 21:50:00 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll [2008-04-13 21:51:34 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll [2008-04-13 21:20:56 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys [2008-04-13 21:19:58 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys [2008-04-13 21:19:44 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys [2008-04-13 21:19:44 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys [2008-04-13 21:19:42 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys [2008-04-13 21:19:40 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys [2007-04-02 22:04:28 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini [2005-10-31 20:28:22 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\MobOlExt.dll [2001-10-26 18:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll [2001-10-26 18:29:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll [2001-10-26 18:29:32 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll [2001-10-26 18:28:34 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll [2001-10-26 18:27:02 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll [2001-10-26 17:15:04 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys [2001-10-26 17:14:52 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys [2001-10-26 17:14:32 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys [2001-10-26 17:12:52 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini [2001-10-26 16:45:26 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini [2001-10-26 16:45:26 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini [2001-10-26 16:45:24 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini [2001-10-26 16:42:08 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini [2001-10-26 16:42:08 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini [2001-10-26 16:42:08 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini [2001-10-26 16:42:08 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini [2001-08-17 22:31:56 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys [2001-08-17 22:31:56 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys [2001-08-17 22:31:50 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys [2001-08-17 22:31:46 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys [2001-08-17 22:31:46 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys [2001-08-17 22:31:44 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys [2001-08-17 22:13:24 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv [2001-08-17 20:55:06 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini [2001-07-22 03:25:18 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini [2001-07-21 23:36:06 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll [2001-07-21 23:16:20 | 000,000,902 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-21 23:15:52 | 000,001,205 | ---- | C] () -- C:\WINDOWS\system.ini [2001-07-21 23:15:50 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll [2001-07-06 14:30:02 | 000,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI [color=#E56717]========== LOP Check ==========[/color] [2009-12-02 18:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Avery [2010-06-20 12:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software [2009-12-27 15:08:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-09-06 09:06:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2009-04-05 22:45:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FreeRIP [2010-02-27 12:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-05-06 09:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2009-06-12 12:37:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MumboJumbo [2010-10-29 18:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-08-30 13:48:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina [2010-01-03 17:08:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TechSmith [2010-11-23 19:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2010-03-30 15:10:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2009-04-15 16:23:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WinZip [2010-03-30 15:09:51 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{55A29068-F2CE-456C-9148-C869879E2357} [2009-04-06 23:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\AGD plugin [2009-12-13 22:41:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\ChomikBox [2009-11-28 20:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Cream Software [2009-04-05 00:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\DAEMON Tools [2009-12-27 21:59:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\DAEMON Tools Lite [2009-04-05 00:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\DAEMON Tools Pro [2010-11-16 16:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\DC++ [2010-09-28 11:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\DMCache [2010-05-05 07:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\DVD2AVI Ripper [2010-06-03 13:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Facebook [2009-04-06 23:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Filter Forge Freepack 2 - Photo Effects [2009-11-19 19:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Flock [2010-11-24 20:30:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\foobar2000 [2009-10-27 13:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Gadu-Gadu [2010-06-21 19:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Gadu-Gadu 10 [2009-08-18 08:38:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\GanymedeNet [2009-04-08 22:05:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\GetRightToGo [2009-10-17 19:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\GHISLER [2010-03-07 19:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\gtk-2.0 [2010-10-17 20:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Image Zone Express [2010-11-21 21:52:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\ipla [2009-11-29 20:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\KDE [2009-12-08 14:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Mikrotik [2010-06-22 07:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\MyPhoneExplorer [2010-02-21 13:08:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Nowe Gadu-Gadu [2009-08-29 20:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\OpenFM [2009-04-06 10:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\OpenOffice.org [2010-04-27 19:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Opera [2009-11-29 23:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Pmcc [2010-05-05 06:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\RipIt4Me [2010-06-13 20:40:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Teleca [2009-12-03 09:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Thinstall [2010-06-05 09:44:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Thunderbird [2010-01-11 19:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Toolbar4 [2010-03-30 15:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\TuneUp Software [2010-05-05 06:31:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\Vso [2009-11-23 12:41:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\WordToPDF [2010-11-07 16:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kamil\Dane aplikacji\XnView [2010-04-10 13:00:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\TuneUp Software [2010-03-30 19:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\TuneUp Software [2010-11-24 21:15:00 | 000,000,466 | ---- | M] () -- C:\WINDOWS\Tasks\Konserwacja 1 kliknięciem.job [2010-11-24 21:14:46 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-04-04 23:40:28 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2010-05-23 11:26:21 | 000,000,506 | -HS- | M] () -- C:\boot.ini [2001-07-21 23:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2009-11-13 22:00:41 | 000,000,000 | RHS- | M] () -- C:\config.sys [2009-04-04 23:40:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009-04-04 23:40:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-13 21:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-13 23:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-11-24 21:14:36 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys [2010-11-22 23:45:00 | 000,000,000 | ---- | M] () -- C:\TP17C0BC.$$$ [2010-11-22 23:47:55 | 000,000,000 | ---- | M] () -- C:\TP17CD21.$$$ [2010-11-22 23:49:26 | 000,000,000 | ---- | M] () -- C:\TP17D3A3.$$$ [2010-11-22 23:51:04 | 000,000,000 | ---- | M] () -- C:\TP17DA92.$$$ [2010-11-22 23:53:21 | 000,000,000 | ---- | M] () -- C:\TP17E455.$$$ [2010-11-22 23:53:56 | 000,000,000 | ---- | M] () -- C:\TP17E6DA.$$$ [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-04-14 22:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll [2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008-04-14 21:50:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys [2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys [2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe < End of report >[/log]
Tomek01 komentarz 24 listopada 2010 komentarz 24 listopada 2010 W logach nic już nie widzę. W OTL użyj opcji CleanUp. Wyłącz a następnie włącz przywracanie systemu na wszystkich partycjach. Użyj ATF Cleaner, zaznacz trzy pierwsze fajki i empty selected. Wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i wyniki pokaż na forum.
k4mil93 komentarz 24 listopada 2010 Autor komentarz 24 listopada 2010 Skanowałem Malwarebytes Anti-Malware, Spyware Doctor i Antywirusem NOD 32 który mam. Malware nic nie znalazł, a w tamtych dwóch dodało coś do kwarantanny, więc chyba nie mam się czego bać? Teraz tak chce sprawdzam, ponieważ po dłuższej przerwie chce sie zalogować do gry Metin i nie chce zeby mnie okradli z wszystkiego
Tomek01 komentarz 25 listopada 2010 komentarz 25 listopada 2010 Została usunięta usługa rootkitowa. W takim razie temat uważam za rozwiązany
k4mil93 komentarz 25 listopada 2010 Autor komentarz 25 listopada 2010 Nie bardzo rozumiem co to usługa rootkitowa [color="#0000FF"]tzn. że był rootkit [/color]
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.