hot123 utworzono 18 grudnia 2010 utworzono 18 grudnia 2010 (edytowane) Witam, mam podobny problem z i00dvoym. Zalągł się już na każdą partycje obu dysków :/ Przydało by się też usunąć inny badziew z którym antyvirus sobie nie radzi. Czy ten scrypt jest uniwersalny dla każdego? Jeśli nie to proszę o pomoc. [b]OTL Log[/b] [log]OTL logfile created on: 2010-12-18 00:57:01 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free Paging file location(s): D:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files Drive C: | 29,29 Gb Total Space | 4,17 Gb Free Space | 14,22% Space Free | Partition Type: NTFS Drive D: | 97,25 Gb Total Space | 86,59 Gb Free Space | 89,03% Space Free | Partition Type: NTFS Drive E: | 400,01 Gb Total Space | 391,63 Gb Free Space | 97,91% Space Free | Partition Type: NTFS Drive F: | 119,75 Gb Total Space | 0,96 Gb Free Space | 0,80% Space Free | Partition Type: NTFS Drive G: | 500,00 Gb Total Space | 499,64 Gb Free Space | 99,93% Space Free | Partition Type: NTFS Drive H: | 400,00 Gb Total Space | 17,37 Gb Free Space | 4,34% Space Free | Partition Type: NTFS Drive I: | 571,45 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive J: | 7,45 Gb Total Space | 7,45 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Computer Name: ZCK | User Name: Żuczek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color="#e56717"]========== Processes (All) ==========[/color] PRC - [2010-12-18 00:55:05 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-12-17 21:04:04 | 000,783,016 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Anti-Virus\fssm32.exe PRC - [2010-12-17 21:04:04 | 000,492,200 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32.exe PRC - [2010-12-11 02:50:46 | 000,016,856 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-12-11 02:50:45 | 000,912,344 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-12-02 12:09:34 | 000,032,849 | ---- | M] (MyWebSearch.com) -- D:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE PRC - [2010-11-09 17:39:09 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolsv.exe PRC - [2010-06-14 16:10:32 | 000,153,672 | ---- | M] (Logitech Inc.) -- D:\Program Files\Logitech\Gaming Software\LWEMon.exe PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-01-15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wuauclt.exe PRC - [2009-08-05 16:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Common\FSMA32.EXE PRC - [2009-08-05 16:58:50 | 000,076,384 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Common\FSLAUNCH.EXE PRC - [2009-08-05 16:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe PRC - [2009-07-14 13:34:58 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvsvc32.exe PRC - [2009-06-30 18:11:10 | 001,678,848 | ---- | M] () -- D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe PRC - [2009-05-21 07:01:02 | 017,881,600 | ---- | M] (Realtek Semiconductor Corp.) -- D:\WINDOWS\RTHDCPL.EXE PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\services.exe PRC - [2008-10-06 11:51:46 | 000,151,552 | ---- | M] (ROCCAT) -- D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE PRC - [2008-10-06 11:40:32 | 000,458,752 | ---- | M] (ROCCAT) -- D:\Program Files\ROCCAT\Kone Mouse\OSD.exe PRC - [2008-04-14 18:21:49 | 000,126,464 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 18:21:44 | 000,139,776 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\taskmgr.exe PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 18:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\smss.exe PRC - [2008-04-14 18:21:38 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rundll32.exe PRC - [2008-04-14 18:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe PRC - [2008-04-14 18:21:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 18:21:02 | 000,044,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\alg.exe [color="#e56717"]========== Modules (All) ==========[/color] MOD - [2010-12-18 00:55:05 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie\OTL.exe MOD - [2010-12-02 12:09:34 | 000,045,134 | ---- | M] (MyWebSearch.com) -- D:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rpcrt4.dll MOD - [2010-07-27 07:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shell32.dll MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ole32.dll MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\secur32.dll MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 18:21:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 18:20:57 | 000,172,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wldap32.dll MOD - [2008-04-14 18:20:57 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\version.dll MOD - [2008-04-14 18:20:56 | 000,580,096 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\user32.dll MOD - [2008-04-14 18:20:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 18:20:56 | 000,067,584 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 18:20:45 | 000,064,000 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\samlib.dll MOD - [2008-04-14 18:20:44 | 000,551,936 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 18:20:44 | 000,084,992 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 18:20:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 18:20:41 | 000,119,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-14 18:20:39 | 000,343,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 18:20:35 | 000,586,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mlang.dll MOD - [2008-04-14 18:20:32 | 000,110,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 18:20:31 | 000,185,344 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 18:20:14 | 000,822,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comres.dll MOD - [2008-04-14 18:20:13 | 000,280,064 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 18:20:11 | 000,498,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 18:16:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 18:12:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msctfime.ime [color="#e56717"]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-12-17 21:17:27 | 000,064,016 | ---- | M] (F-Secure Corporation) [On_Demand | Stopped] -- D:\Program Files\mmp\multisaver\ORSP Client\fsorsp.exe -- (FSORSPClient) SRV - [2010-12-02 12:09:34 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Stopped] -- D:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService) SRV - [2010-11-17 14:22:27 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-01-15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009-08-05 16:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- D:\Program Files\mmp\multisaver\Common\FSMA32.EXE -- (FSMA) SRV - [2009-08-05 16:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Stopped] -- D:\Program Files\mmp\multisaver\FWES\Program\fsdfwd.exe -- (FSDFWD) SRV - [2009-08-05 16:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter) [color="#e56717"]========== Driver Services (SafeList) ==========[/color] DRV - [2010-12-17 21:06:05 | 000,042,664 | ---- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts) DRV - [2010-12-17 21:04:59 | 000,130,728 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Program Files\mmp\multisaver\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper) DRV - [2010-04-27 16:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2010-04-27 16:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2010-04-27 16:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2010-04-27 14:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) DRV - [2009-08-05 16:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- D:\Program Files\mmp\multisaver\HIPS\drivers\fshs.sys -- (F-Secure HIPS) DRV - [2009-08-05 16:57:20 | 000,080,000 | ---- | M] (F-Secure Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\fsdfw.sys -- (FSFW) DRV - [2009-08-05 16:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- D:\Program Files\mmp\multisaver\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter) DRV - [2009-08-05 16:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- D:\Program Files\mmp\multisaver\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer) DRV - [2009-07-14 19:54:00 | 007,741,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2009-05-22 16:37:50 | 005,082,624 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-09-22 09:09:12 | 000,012,672 | ---- | M] (ROCCAT Ltd) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\Kone.sys -- (KoneFltr) DRV - [2008-08-05 13:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2008-04-13 17:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2006-01-04 08:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2004-08-13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) [color="#e56717"]========== Standard Registry (SafeList) ==========[/color] [color="#e56717"]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2052111302-515967899-839522115-1003\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com) IE - HKU\S-1-5-21-2052111302-515967899-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2052111302-515967899-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=; [color="#e56717"]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.5 FF - prefs.js..extensions.enabledItems: m3ffxtbr@mywebsearch.com:1.1 FF - prefs.js..extensions.enabledItems: support@real-hide-ip.com:1.0 FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: D:\Program Files\MyWebSearch\bar\1.bin [2010-12-18 00:38:36 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010-12-11 02:50:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010-12-11 02:50:51 | 000,000,000 | ---D | M] [2010-11-09 10:46:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Extensions [2010-12-17 20:35:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions [2010-11-19 15:14:25 | 000,000,000 | ---D | M] (FlashGot) -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010-11-16 19:06:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-11-09 15:19:05 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010-12-17 20:35:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions\support@real-hide-ip.com [2010-12-17 13:32:34 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions [2010-11-09 17:39:25 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-11-09 17:39:09 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-10-27 06:37:26 | 000,002,767 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-10-27 06:37:26 | 000,001,406 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-10-27 06:37:26 | 000,000,917 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-10-27 06:37:26 | 000,000,858 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-10-27 06:37:26 | 000,001,183 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-10-27 06:37:26 | 000,001,683 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-12-18 00:33:07 | 000,000,355 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com) O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com) O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com) O4 - HKLM..\Run: [F-Secure Manager] D:\Program Files\mmp\multisaver\Common\FSM32.EXE (F-Secure Corporation) O4 - HKLM..\Run: [F-Secure TNB] D:\Program Files\mmp\multisaver\FSGUI\TNBUtil.exe (F-Secure Corporation) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [Kone] D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT) O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] D:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com) O4 - HKLM..\Run: [MyWebSearch Email Plugin] D:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com) O4 - HKLM..\Run: [NvCplDaemon] D:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] D:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4 - HKLM..\Run: [Start WingMan Profiler] D:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) O4 - Startup: D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk = D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) O4 - Startup: D:\Documents and Settings\Żuczek\Menu Start\Programy\Autostart\GIGABYTE Gamer HUD Lite.lnk = D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2052111302-515967899-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2052111302-515967899-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKU\S-1-5-21-2052111302-515967899-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Program Files\mmp\multisaver\FSPS\program\FSLSP.DLL (F-Secure Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Program Files\mmp\multisaver\FSPS\program\FSLSP.DLL (F-Secure Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Program Files\mmp\multisaver\FSPS\program\FSLSP.DLL (F-Secure Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - D:\Program Files\mmp\multisaver\FSPS\program\FSLSP.DLL (F-Secure Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-02-02 19:01:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - E:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - F:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - G:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - H:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009-08-13 07:26:19 | 000,000,000 | R--D | M] - I:\AUTORUN -- [ CDFS ] O32 - AutoRun File - [2004-09-27 04:24:38 | 000,000,041 | R--- | M] () - I:\AUTORUN.INF -- [ CDFS ] O32 - AutoRun File - [2010-12-18 00:41:08 | 000,000,000 | RHSD | M] - J:\autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color="#e56717"]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-12-17 21:34:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\F-Secure [2010-12-17 21:00:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\F-Secure [2010-12-17 21:00:21 | 000,080,000 | ---- | C] (F-Secure Corporation) -- D:\WINDOWS\System32\drivers\fsdfw.sys [2010-12-17 20:59:20 | 000,000,000 | ---D | C] -- D:\Program Files\mmp [2010-12-17 20:58:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\fssg [2010-12-17 20:56:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\f-secure [2010-12-17 03:08:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\RealHideIP [2010-12-17 03:08:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\RealHideIP [2010-12-17 03:08:04 | 000,000,000 | ---D | C] -- D:\Program Files\RealHideIP [2010-12-15 22:06:35 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- D:\WINDOWS\System32\npptNT2.sys [2010-12-02 15:46:02 | 000,000,000 | ---D | C] -- D:\WINDOWS\B83FC356B7C0441F8A4DD71E088E7974.TMP [2010-12-02 15:19:14 | 000,000,000 | ---D | C] -- D:\WINDOWS\Minidump [2010-12-02 12:09:35 | 000,032,768 | ---- | C] (FunWebProducts.com) -- D:\WINDOWS\System32\f3PSSavr.scr [2010-12-02 12:09:33 | 000,000,000 | ---D | C] -- D:\Program Files\MyWebSearch [2010-12-02 12:09:11 | 000,000,000 | ---D | C] -- D:\Program Files\FunWebProducts [2010-12-01 09:24:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\YoudaGames [2010-12-01 09:23:56 | 000,000,000 | ---D | C] -- D:\Program Files\Governor of Poker 2 Premium Edition [2010-11-29 20:31:30 | 000,000,000 | ---D | C] -- D:\WINDOWS\Sun [2010-11-23 01:22:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Focus Home Interactive [2010-11-22 17:40:50 | 000,000,000 | ---D | C] -- D:\Program Files\PlayReady [2010-11-21 17:25:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Dane aplikacji\McAfee [2010-11-18 16:29:01 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Adobe [2010-11-18 16:28:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Adobe [2010-11-18 16:28:04 | 000,000,000 | ---D | C] -- D:\Program Files\Adobe [2010-11-18 16:28:03 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Adobe AIR [2010-11-18 16:26:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan [2010-11-18 16:26:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\McAfee [2010-11-18 16:26:39 | 000,000,000 | ---D | C] -- D:\Program Files\McAfee Security Scan [2010-11-18 16:26:35 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Adobe [2010-11-18 12:40:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\My Downloads [2010-11-18 12:40:03 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\IGN_DLM [2010-11-18 12:38:39 | 000,000,000 | ---D | C] -- D:\Program Files\Download Manager [2010-11-16 19:22:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Treyarch [2010-11-16 13:52:13 | 000,000,000 | ---D | C] -- D:\Program Files\NAPI-PROJEKT [2010-11-10 20:56:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Activision [2010-11-10 20:20:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\Logs [2010-11-10 20:06:19 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Steam [2010-11-09 17:39:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Sun [2010-11-09 17:39:38 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Java [2010-11-09 17:39:06 | 000,000,000 | ---D | C] -- D:\Program Files\Java [2010-11-09 17:38:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Sun [2010-11-09 15:11:36 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch [2010-11-09 15:03:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\pl [2010-11-09 15:03:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\l2schemas [2010-11-09 15:03:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\bits [2010-11-09 14:58:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\network diagnostic [2010-11-09 14:55:02 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$NtServicePackUninstall$ [2010-11-09 14:47:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\XPSViewer [2010-11-09 14:47:01 | 000,000,000 | ---D | C] -- D:\Program Files\MSBuild [2010-11-09 14:45:18 | 000,000,000 | ---D | C] -- D:\Program Files\MSXML 6.0 [2010-11-09 14:38:15 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Żuczek\IETldCache [2010-11-09 14:35:02 | 000,000,000 | ---D | C] -- D:\WINDOWS\ie8updates [2010-11-09 14:34:49 | 000,000,000 | ---D | C] -- D:\WINDOWS\WBEM [2010-11-09 14:33:49 | 000,000,000 | -H-D | C] -- D:\WINDOWS\ie8 [2010-11-09 14:33:49 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\pl-PL [2010-11-09 14:17:39 | 000,000,000 | ---D | C] -- D:\WINDOWS\ServicePackFiles [2010-11-09 13:32:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Media Player Classic [2010-11-09 13:29:56 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\PreInstall [2010-11-09 13:29:54 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$hf_mig$ [2010-11-09 13:08:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\WinRAR [2010-11-09 12:41:09 | 000,000,000 | -HSD | C] -- D:\RECYCLER [2010-11-09 12:35:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\ipla [2010-11-09 12:35:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-11-09 12:35:10 | 000,000,000 | ---D | C] -- D:\Program Files\ipla [2010-11-09 12:34:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Gadu-Gadu 10 [2010-11-09 12:34:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-11-09 12:34:38 | 000,000,000 | ---D | C] -- D:\Program Files\Gadu-Gadu 10 [2010-11-09 12:33:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie [2010-11-09 12:33:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Macromedia [2010-11-09 12:33:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Adobe [2010-11-09 12:27:09 | 000,000,000 | ---D | C] -- D:\Program Files\Mozilla Firefox [2010-11-09 12:05:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Ventrilo [2010-11-09 12:05:37 | 000,000,000 | ---D | C] -- D:\Program Files\Ventrilo [2010-11-09 11:33:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Deployment [2010-11-09 11:32:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\en-US [2010-11-09 11:32:21 | 000,000,000 | ---D | C] -- D:\Program Files\Reference Assemblies [2010-11-09 11:31:41 | 000,000,000 | R-SD | C] -- D:\WINDOWS\assembly [2010-11-09 11:31:27 | 000,000,000 | ---D | C] -- D:\WINDOWS\Microsoft.NET [2010-11-09 11:30:49 | 000,000,000 | RH-D | C] -- D:\AHCache [2010-11-09 11:28:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\ROCCAT [2010-11-09 11:27:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\ROCCAT [2010-11-09 11:27:06 | 000,000,000 | ---D | C] -- D:\Program Files\DIFX [2010-11-09 11:26:56 | 000,012,672 | ---- | C] (ROCCAT Ltd) -- D:\WINDOWS\System32\drivers\Kone.sys [2010-11-09 11:26:56 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DRVSTORE [2010-11-09 11:26:49 | 000,000,000 | ---D | C] -- D:\Program Files\ROCCAT [2010-11-09 11:22:30 | 000,000,000 | ---D | C] -- D:\Program Files\Logitech [2010-11-09 11:22:30 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Logitech [2010-11-09 11:21:17 | 000,839,680 | ---- | C] ([url="http://www.mp3dev.org/"]http://www.mp3dev.org/[/url]) -- D:\WINDOWS\System32\lameACM.acm [2010-11-09 11:21:16 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- D:\WINDOWS\System32\yv12vfw.dll [2010-11-09 11:21:16 | 000,151,552 | ---- | C] (fccHandler) -- D:\WINDOWS\System32\ac3acm.acm [2010-11-09 11:21:14 | 000,000,000 | ---D | C] -- D:\Program Files\K-Lite Codec Pack [2010-11-09 11:19:39 | 000,000,000 | ---D | C] -- D:\Program Files\WinRAR [2010-11-09 11:15:54 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\temp [2010-11-09 11:13:15 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ReinstallBackups [2010-11-09 11:13:12 | 000,061,440 | ---- | C] (Khronos Group) -- D:\WINDOWS\System32\OpenCL.dll [2010-11-09 11:12:09 | 000,000,000 | ---D | C] -- D:\NVIDIA [2010-11-09 11:11:11 | 000,000,000 | ---D | C] -- D:\Program Files\GIGABYTE [2010-11-09 11:05:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Lang [2010-11-09 11:02:17 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Wise Installation Wizard [2010-11-09 11:02:01 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$MSI31Uninstall_KB893803v2$ [2010-11-09 11:01:44 | 000,000,000 | ---D | C] -- D:\Program Files\NVIDIA Corporation [2010-11-09 11:01:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation [2010-11-09 10:54:46 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\RTCOM [2010-11-09 10:54:14 | 000,290,816 | ---- | C] (Realtek Semiconductor Crop.) -- D:\WINDOWS\vncutil.exe [2010-11-09 10:54:14 | 000,122,880 | ---- | C] (Realtek Semiconductor) -- D:\WINDOWS\RtkAudioService.exe [2010-11-09 10:54:05 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- D:\WINDOWS\ALCWZRD.EXE [2010-11-09 10:54:05 | 001,684,736 | ---- | C] (Creative) -- D:\WINDOWS\System32\drivers\Ambfilt.sys [2010-11-09 10:54:04 | 000,000,000 | -H-D | C] -- D:\Program Files\InstallShield Installation Information [2010-11-09 10:54:04 | 000,000,000 | ---D | C] -- D:\Program Files\Realtek [2010-11-09 10:53:55 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\InstallShield [2010-11-09 10:46:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Mozilla [2010-11-09 10:46:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla [2010-11-09 10:20:36 | 000,000,000 | -HSD | C] -- D:\WINDOWS\Installer [2010-11-09 10:20:35 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\ODBC [2010-11-09 10:20:32 | 000,000,000 | R--D | C] -- D:\Program Files [2010-11-09 10:20:32 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\SpeechEngines [2010-11-09 10:20:32 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Microsoft Shared [2010-11-09 10:20:32 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files [2010-11-09 10:20:04 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start [2010-11-09 10:20:04 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty [2010-11-09 10:20:04 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\All Users\Szablony [2010-11-09 10:20:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Ulubione [2010-11-09 10:20:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Pulpit [2010-11-09 10:18:14 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot2 [2010-11-09 10:18:14 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot [2010-11-09 10:18:08 | 000,000,000 | --SD | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2010-11-09 10:18:08 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\All Users\Dane aplikacji [2010-11-09 10:17:49 | 000,000,000 | -HSD | C] -- D:\System Volume Information [2010-11-09 10:17:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings [2010-11-09 10:12:20 | 000,000,000 | R-SD | C] -- D:\WINDOWS\Fonts [2010-11-09 10:12:20 | 000,000,000 | RHSD | C] -- D:\WINDOWS\System32\dllcache [2010-11-09 10:12:20 | 000,000,000 | R--D | C] -- D:\WINDOWS\Web [2010-11-09 10:12:20 | 000,000,000 | -H-D | C] -- D:\WINDOWS\inf [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\WinSxS [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wins [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wbem [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\usmt [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\twain_32 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Temp [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\system32 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\system [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\spool [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ShellExt [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Setup [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\security [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Resources [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\repair [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ras [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Provisioning [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\PeerNet [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\pchealth [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\oobe [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\npp [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\mui [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\mui [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\msapps [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\msagent [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Media [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\java [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\inetsrv [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\IME [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\ime [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\icsxml [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ias [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Help [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\export [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\etc [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\ehome [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Driver Cache [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\disdn [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\dhcp [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Debug [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Cursors [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Connection Wizard [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\config [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Config [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\AppPatch [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\addins [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3com_dmi [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3076 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\2052 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1054 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1045 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1042 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1041 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1037 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1033 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1031 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1028 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1025 [2010-11-09 10:11:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Identities [2010-11-09 10:11:05 | 000,000,000 | -H-D | C] -- D:\Program Files\Uninstall Information [2010-11-09 10:11:04 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\Moje obrazy [2010-11-09 10:11:04 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\Moja muzyka [2010-11-09 10:10:56 | 000,000,000 | --SD | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Microsoft [2010-11-09 10:10:56 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Żuczek\SendTo [2010-11-09 10:10:56 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Żuczek\Recent [2010-11-09 10:10:56 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji [2010-11-09 10:10:56 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Ulubione [2010-11-09 10:10:56 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty [2010-11-09 10:10:56 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Menu Start [2010-11-09 10:10:56 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Żuczek\Cookies [2010-11-09 10:10:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne [2010-11-09 10:10:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Żuczek\Szablony [2010-11-09 10:10:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Żuczek\PrintHood [2010-11-09 10:10:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Żuczek\NetHood [2010-11-09 10:10:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Pulpit [2010-11-09 10:10:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-11-09 10:09:28 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\SoftwareDistribution [2010-11-09 10:05:04 | 000,000,000 | ---D | C] -- D:\WINDOWS\SoftwareDistribution [2010-11-09 10:05:01 | 000,000,000 | --SD | C] -- D:\WINDOWS\System32\Microsoft [2010-11-09 10:05:01 | 000,000,000 | --SD | C] -- D:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2010-11-09 10:05:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-11-09 10:04:41 | 000,000,000 | --SD | C] -- D:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2010-11-09 10:04:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-11-09 10:03:20 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll [2010-11-09 10:03:20 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll [2010-11-09 10:02:38 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys [2010-11-09 10:02:19 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\xircom [2010-11-09 10:02:19 | 000,000,000 | ---D | C] -- D:\Program Files\xerox [2010-11-09 10:02:19 | 000,000,000 | ---D | C] -- D:\Program Files\microsoft frontpage [2010-11-09 10:00:55 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\All Users\DRM [2010-11-09 10:00:47 | 000,000,000 | --SD | C] -- D:\WINDOWS\Downloaded Program Files [2010-11-09 10:00:47 | 000,000,000 | R--D | C] -- D:\WINDOWS\Offline Web Pages [2010-11-09 10:00:38 | 000,000,000 | -H-D | C] -- D:\Program Files\WindowsUpdate [2010-11-09 10:00:33 | 000,000,000 | ---D | C] -- D:\Program Files\Usługi online [2010-11-09 10:00:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DirectX [2010-11-09 09:59:49 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Services [2010-11-09 09:59:46 | 000,000,000 | --SD | C] -- D:\WINDOWS\Tasks [2010-11-09 09:59:46 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\MSSoap [2010-11-09 09:59:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\srchasst [2010-11-09 09:59:41 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Macromed [2010-11-09 09:59:34 | 000,000,000 | ---D | C] -- D:\Program Files\Movie Maker [2010-11-09 09:59:27 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Restore [2010-11-09 09:59:23 | 000,000,000 | ---D | C] -- D:\Program Files\NetMeeting [2010-11-09 09:59:21 | 000,000,000 | ---D | C] -- D:\Program Files\Outlook Express [2010-11-09 09:59:15 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\System [2010-11-09 09:59:11 | 000,000,000 | ---D | C] -- D:\Program Files\Internet Explorer [2010-11-09 09:59:10 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moje obrazy [2010-11-09 09:58:33 | 000,000,000 | ---D | C] -- D:\Program Files\ComPlus Applications [2010-11-09 09:58:24 | 000,000,000 | ---D | C] -- D:\WINDOWS\Registration [2010-11-09 09:58:14 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moja muzyka [2010-11-09 09:58:14 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Media Player [2010-11-09 09:58:08 | 000,000,000 | ---D | C] -- D:\Program Files\Messenger [2010-11-09 09:58:04 | 000,000,000 | ---D | C] -- D:\Program Files\MSN Gaming Zone [2010-11-09 09:57:39 | 000,000,000 | ---D | C] -- D:\Program Files\Windows NT [2010-11-09 09:57:37 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\MsDtc [2010-11-09 09:57:35 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Com [2010-11-09 09:57:21 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moje wideo [5 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ] [1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ] [color="#e56717"]========== Files - Modified Within 60 Days ==========[/color] [2010-12-18 00:40:17 | 000,186,368 | RHS- | M] () -- D:\WINDOWS\System32\arking.exe [2010-12-18 00:40:17 | 000,121,344 | RHS- | M] () -- D:\WINDOWS\System32\arking0.dll [2010-12-18 00:39:29 | 000,116,224 | RHS- | M] () -- D:\WINDOWS\System32\mgking0.dll [2010-12-18 00:33:07 | 000,000,355 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts.ussclean [2010-12-18 00:33:07 | 000,000,355 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts [2010-12-18 00:07:01 | 000,243,457 | ---- | M] () -- D:\WINDOWS\System32\NvApps.xml [2010-12-18 00:06:58 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat [2010-12-17 21:06:05 | 000,042,664 | ---- | M] () -- D:\WINDOWS\System32\drivers\fsbts.sys [2010-12-17 21:02:47 | 000,001,944 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\multiSAVER.lnk [2010-12-17 21:00:24 | 000,496,774 | ---- | M] () -- D:\WINDOWS\System32\perfh015.dat [2010-12-17 21:00:24 | 000,438,638 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat [2010-12-17 21:00:24 | 000,086,784 | ---- | M] () -- D:\WINDOWS\System32\perfc015.dat [2010-12-17 21:00:24 | 000,070,352 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat [2010-12-17 05:18:29 | 000,092,160 | ---- | M] () -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-17 03:08:26 | 000,000,706 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Real Hide IP.lnk [2010-12-17 01:01:01 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl [2010-12-12 18:44:21 | 000,000,000 | ---- | M] () -- D:\WINDOWS\System32\94332.lic [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () -- D:\autorun.inf [2010-12-02 15:44:15 | 000,000,664 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat [2010-12-02 15:19:44 | 000,117,248 | RHS- | M] () -- D:\WINDOWS\System32\arking1.dll [2010-12-02 12:09:33 | 000,032,768 | ---- | M] (FunWebProducts.com) -- D:\WINDOWS\System32\f3PSSavr.scr [2010-12-01 09:24:10 | 000,000,926 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Governor of Poker 2 Premium Edition.lnk [2010-11-28 02:17:51 | 000,000,584 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Skrót do l2.lnk [2010-11-21 17:24:44 | 000,001,619 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\McAfee Security Scan Plus.lnk [2010-11-21 17:24:44 | 000,001,611 | ---- | M] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk [2010-11-19 15:13:39 | 000,001,729 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-11-19 15:13:14 | 000,177,152 | RHS- | M] () -- D:\WINDOWS\System32\mgking.exe [2010-11-19 15:13:14 | 000,177,152 | RHS- | M] () -- D:\i00dvoym.exe [2010-11-19 15:13:14 | 000,116,224 | RHS- | M] () -- D:\WINDOWS\System32\mgking1.dll [2010-11-18 12:38:39 | 000,000,707 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Download Manager.lnk [2010-11-18 05:37:21 | 000,176,640 | RHS- | M] () -- D:\et3ypes.exe [2010-11-16 13:02:20 | 000,177,664 | RHS- | M] () -- D:\bud3mkqr.exe [2010-11-15 13:52:38 | 000,000,650 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Skrót do JDownloader.lnk [2010-11-14 15:16:31 | 000,098,256 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT [2010-11-14 15:09:11 | 000,001,393 | ---- | M] () -- D:\WINDOWS\imsins.BAK [2010-11-10 20:41:43 | 000,000,205 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Call of Duty Black Ops.url [2010-11-10 20:41:43 | 000,000,205 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Call of Duty Black Ops - Multiplayer.url [2010-11-10 20:06:20 | 000,000,521 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Steam.lnk [2010-11-10 17:54:15 | 000,177,664 | RHS- | M] () -- D:\cbbw88s.exe [2010-11-09 15:34:35 | 000,000,574 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\MuOnline.lnk [2010-11-09 15:12:10 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx [2010-11-09 14:39:01 | 000,178,176 | RHS- | M] () -- D:\dwh.exe [2010-11-09 12:47:33 | 000,000,825 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\MUAutoClicker.lnk [2010-11-09 12:35:15 | 000,000,626 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\ipla.lnk [2010-11-09 12:34:53 | 000,000,762 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2010-11-09 12:27:15 | 000,001,602 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-11-09 11:26:22 | 000,021,504 | ---- | M] () -- D:\WINDOWS\jestertb.dll [2010-11-09 11:13:50 | 000,240,592 | ---- | M] () -- D:\WINDOWS\System32\nvdrsdb0.bin [2010-11-09 11:13:50 | 000,000,001 | ---- | M] () -- D:\WINDOWS\System32\nvdrssel.bin [2010-11-09 11:13:48 | 000,240,592 | ---- | M] () -- D:\WINDOWS\System32\nvdrsdb1.bin [2010-11-09 11:13:48 | 000,000,000 | ---- | M] () -- D:\WINDOWS\System32\nvdrswr.lk [2010-11-09 11:11:13 | 000,001,834 | ---- | M] () -- D:\Documents and Settings\Żuczek\Menu Start\Programy\Autostart\GIGABYTE Gamer HUD Lite.lnk [2010-11-09 11:05:02 | 000,940,794 | ---- | M] () -- D:\WINDOWS\System32\LoopyMusic.wav [2010-11-09 11:05:02 | 000,146,650 | ---- | M] () -- D:\WINDOWS\System32\BuzzingBee.wav [2010-11-09 10:53:29 | 000,021,891 | ---- | M] () -- D:\WINDOWS\Ascd_tmp.ini [2010-11-09 10:53:19 | 000,001,769 | ---- | M] () -- D:\WINDOWS\Language_trs.ini [2010-11-09 10:46:44 | 000,000,000 | ---- | M] () -- D:\WINDOWS\nsreg.dat [2010-11-09 10:04:44 | 000,008,192 | ---- | M] () -- D:\WINDOWS\REGLOCS.OLD [2010-11-09 10:03:36 | 000,000,261 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf [2010-11-09 10:01:55 | 000,002,596 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT [2010-11-09 10:01:52 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb [2010-11-09 10:01:52 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb [2010-11-09 10:01:41 | 000,004,293 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI [2010-11-09 09:58:51 | 000,021,856 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat [2010-10-28 13:29:48 | 000,175,104 | RHS- | M] () -- D:\b9v.exe [2010-10-22 07:23:30 | 000,061,440 | ---- | M] (Khronos Group) -- D:\WINDOWS\System32\OpenCL.dll [2010-10-22 07:23:29 | 000,003,739 | ---- | M] () -- D:\WINDOWS\System32\nvinfo.pb [5 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ] [1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ] [color="#e56717"]========== Files Created - No Company Name ==========[/color] [2010-12-18 00:33:07 | 000,000,355 | ---- | C] () -- D:\WINDOWS\System32\drivers\etc\hosts.ussclean [2010-12-18 00:33:07 | 000,000,355 | ---- | C] () -- D:\WINDOWS\System32\drivers\etc\hosts [2010-12-17 21:02:47 | 000,001,944 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\multiSAVER.lnk [2010-12-17 21:00:38 | 000,042,664 | ---- | C] () -- D:\WINDOWS\System32\drivers\fsbts.sys [2010-12-17 03:08:26 | 000,000,706 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Real Hide IP.lnk [2010-12-15 22:06:35 | 000,005,174 | ---- | C] () -- D:\WINDOWS\System32\nppt9x.vxd [2010-12-12 18:44:21 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\94332.lic [2010-12-12 14:29:31 | 000,206,038 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Zdjęcia-0011.jpg [2010-12-02 15:19:44 | 000,117,248 | RHS- | C] () -- D:\WINDOWS\System32\arking1.dll [2010-12-02 15:19:31 | 000,000,664 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat [2010-12-01 09:24:10 | 000,000,926 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Governor of Poker 2 Premium Edition.lnk [2010-11-29 16:09:39 | 000,186,368 | RHS- | C] () -- D:\WINDOWS\System32\arking.exe [2010-11-29 16:09:39 | 000,121,344 | RHS- | C] () -- D:\WINDOWS\System32\arking0.dll [2010-11-28 02:17:51 | 000,000,584 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Skrót do l2.lnk [2010-11-19 15:13:41 | 000,177,152 | RHS- | C] () -- D:\i00dvoym.exe [2010-11-18 16:29:20 | 000,001,729 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-11-18 16:26:40 | 000,001,619 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\McAfee Security Scan Plus.lnk [2010-11-18 16:26:40 | 000,001,611 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk [2010-11-18 12:38:39 | 000,000,707 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Download Manager.lnk [2010-11-16 13:02:46 | 000,176,640 | RHS- | C] () -- D:\et3ypes.exe [2010-11-15 13:52:38 | 000,000,650 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Skrót do JDownloader.lnk [2010-11-14 15:17:51 | 000,177,664 | RHS- | C] () -- D:\bud3mkqr.exe [2010-11-10 20:41:43 | 000,000,205 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Call of Duty Black Ops.url [2010-11-10 20:41:43 | 000,000,205 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Call of Duty Black Ops - Multiplayer.url [2010-11-10 20:06:20 | 000,000,521 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Steam.lnk [2010-11-10 17:54:41 | 000,177,664 | RHS- | C] () -- D:\cbbw88s.exe [2010-11-09 15:34:35 | 000,000,574 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\MuOnline.lnk [2010-11-09 14:39:01 | 000,116,224 | RHS- | C] () -- D:\WINDOWS\System32\mgking1.dll [2010-11-09 13:49:15 | 000,693,932 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplayer.chm [2010-11-09 13:49:15 | 000,354,468 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud1.wav [2010-11-09 13:49:15 | 000,343,204 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud7.wav [2010-11-09 13:49:15 | 000,343,204 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud6.wav [2010-11-09 13:49:15 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud9.wav [2010-11-09 13:49:15 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud8.wav [2010-11-09 13:49:15 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud3.wav [2010-11-09 13:49:15 | 000,086,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud5.wav [2010-11-09 13:49:15 | 000,086,180 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud4.wav [2010-11-09 13:49:15 | 000,086,180 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud2.wav [2010-11-09 13:49:15 | 000,071,460 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplayer.adm [2010-11-09 13:49:15 | 000,034,548 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmdm.inf [2010-11-09 13:49:15 | 000,027,965 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplay.chm [2010-11-09 13:49:15 | 000,023,829 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tourbg.gif [2010-11-09 13:49:15 | 000,017,489 | ---- | C] () -- D:\WINDOWS\System32\dllcache\videobg.gif [2010-11-09 13:49:15 | 000,013,540 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmfsdk.inf [2010-11-09 13:49:15 | 000,008,677 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm7.gif [2010-11-09 13:49:15 | 000,007,892 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm9.gif [2010-11-09 13:49:15 | 000,007,636 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm2.gif [2010-11-09 13:49:15 | 000,007,369 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm4.gif [2010-11-09 13:49:15 | 000,006,241 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm3.gif [2010-11-09 13:49:15 | 000,006,060 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm6.gif [2010-11-09 13:49:15 | 000,005,789 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm1.gif [2010-11-09 13:49:15 | 000,005,290 | ---- | C] () -- D:\WINDOWS\System32\dllcache\vidsamp.gif [2010-11-09 13:49:15 | 000,004,193 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm8.gif [2010-11-09 13:49:15 | 000,003,187 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tour.js [2010-11-09 13:49:15 | 000,002,477 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm5.gif [2010-11-09 13:49:15 | 000,002,469 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tplay.gif [2010-11-09 13:49:15 | 000,002,450 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tpause.gif [2010-11-09 13:49:15 | 000,002,375 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tplayh.gif [2010-11-09 13:49:15 | 000,002,371 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tpauseh.gif [2010-11-09 13:49:15 | 000,001,771 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmptour.css [2010-11-09 13:49:15 | 000,001,714 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpocm.inf [2010-11-09 13:49:15 | 000,001,398 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taon.gif [2010-11-09 13:49:15 | 000,001,380 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taonh.gif [2010-11-09 13:49:15 | 000,001,380 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taoff.gif [2010-11-09 13:49:15 | 000,001,367 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taoffh.gif [2010-11-09 13:49:11 | 000,066,160 | ---- | C] () -- D:\WINDOWS\System32\dllcache\revert.wmz [2010-11-09 13:49:11 | 000,001,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\skins.inf [2010-11-09 13:49:11 | 000,001,148 | ---- | C] () -- D:\WINDOWS\System32\dllcache\snd.htm [2010-11-09 13:49:10 | 000,089,253 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plyr_err.chm [2010-11-09 13:49:10 | 000,022,060 | ---- | C] () -- D:\WINDOWS\System32\dllcache\npds.zip [2010-11-09 13:49:10 | 000,000,403 | ---- | C] () -- D:\WINDOWS\System32\dllcache\npdrmv2.zip [2010-11-09 13:49:09 | 000,067,866 | ---- | C] () -- D:\WINDOWS\System32\drivers\netwlan5.img [2010-11-09 13:49:09 | 000,036,644 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplayer2.inf [2010-11-09 13:49:09 | 000,002,778 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplogoh.gif [2010-11-09 13:49:09 | 000,002,545 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplogo.gif [2010-11-09 13:49:06 | 000,005,971 | ---- | C] () -- D:\WINDOWS\System32\dllcache\events.js [2010-11-09 13:49:03 | 000,184,137 | ---- | C] () -- D:\WINDOWS\System32\dllcache\compact.wmz [2010-11-09 13:49:03 | 000,129,045 | ---- | C] () -- D:\WINDOWS\System32\drivers\cxthsfs2.cty [2010-11-09 13:49:03 | 000,009,585 | ---- | C] () -- D:\WINDOWS\System32\dllcache\controls.css [2010-11-09 13:49:03 | 000,000,999 | ---- | C] () -- D:\WINDOWS\System32\dllcache\bktrh.gif [2010-11-09 13:49:03 | 000,000,773 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cnth.gif [2010-11-09 13:49:03 | 000,000,773 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cnt.gif [2010-11-09 13:49:03 | 000,000,772 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cntd.gif [2010-11-09 13:49:03 | 000,000,760 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cloapph.gif [2010-11-09 13:49:03 | 000,000,717 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cloapp.gif [2010-11-09 13:48:11 | 000,064,352 | ---- | C] () -- D:\WINDOWS\System32\drivers\ativmc20.cod [2010-11-09 13:05:03 | 000,092,160 | ---- | C] () -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-09 12:47:33 | 000,000,825 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\MUAutoClicker.lnk [2010-11-09 12:35:15 | 000,000,626 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\ipla.lnk [2010-11-09 12:34:53 | 000,000,762 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2010-11-09 12:27:15 | 000,001,602 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-11-09 11:26:22 | 000,021,504 | ---- | C] () -- D:\WINDOWS\jestertb.dll [2010-11-09 11:21:18 | 000,165,376 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll [2010-11-09 11:21:18 | 000,000,038 | ---- | C] () -- D:\WINDOWS\avisplitter.ini [2010-11-09 11:21:17 | 000,000,414 | ---- | C] () -- D:\WINDOWS\System32\lame_acm.xml [2010-11-09 11:21:16 | 000,790,528 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll [2010-11-09 11:21:16 | 000,134,144 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll [2010-11-09 11:21:16 | 000,108,032 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll [2010-11-09 11:13:50 | 000,240,592 | ---- | C] () -- D:\WINDOWS\System32\nvdrsdb0.bin [2010-11-09 11:13:48 | 000,240,592 | ---- | C] () -- D:\WINDOWS\System32\nvdrsdb1.bin [2010-11-09 11:13:48 | 000,000,001 | ---- | C] () -- D:\WINDOWS\System32\nvdrssel.bin [2010-11-09 11:13:48 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\nvdrswr.lk [2010-11-09 11:13:11 | 000,003,739 | ---- | C] () -- D:\WINDOWS\System32\nvinfo.pb [2010-11-09 11:11:13 | 000,001,834 | ---- | C] () -- D:\Documents and Settings\Żuczek\Menu Start\Programy\Autostart\GIGABYTE Gamer HUD Lite.lnk [2010-11-09 11:05:02 | 000,940,794 | ---- | C] () -- D:\WINDOWS\System32\LoopyMusic.wav [2010-11-09 11:05:02 | 000,146,650 | ---- | C] () -- D:\WINDOWS\System32\BuzzingBee.wav [2010-11-09 11:01:16 | 000,019,495 | ---- | C] () -- D:\WINDOWS\System32\nvdisp.nvu [2010-11-09 10:53:22 | 000,005,810 | R--- | C] () -- D:\WINDOWS\System32\drivers\ASACPI.sys [2010-11-09 10:53:19 | 000,001,769 | ---- | C] () -- D:\WINDOWS\Language_trs.ini [2010-11-09 10:53:08 | 000,021,891 | ---- | C] () -- D:\WINDOWS\Ascd_tmp.ini [2010-11-09 10:53:08 | 000,010,296 | ---- | C] () -- D:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2010-11-09 10:46:44 | 000,000,000 | ---- | C] () -- D:\WINDOWS\nsreg.dat [2010-11-09 10:20:39 | 000,001,393 | ---- | C] () -- D:\WINDOWS\imsins.BAK [2010-11-09 10:20:35 | 000,004,293 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI [2010-11-09 10:20:33 | 001,685,606 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.spd [2010-11-09 10:20:33 | 000,643,717 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ltts1033.lxa [2010-11-09 10:20:33 | 000,605,050 | ---- | C] () -- D:\WINDOWS\System32\dllcache\r1033tts.lxa [2010-11-09 10:20:33 | 000,000,888 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.sdf [2010-11-09 10:20:17 | 000,001,734 | ---- | C] () -- D:\WINDOWS\System32\AUTOEXEC.NT [2010-11-09 10:18:25 | 000,808,524 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5IIS.CAT [2010-11-09 10:18:25 | 000,399,670 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010-11-09 10:18:25 | 000,037,509 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MW770.CAT [2010-11-09 10:18:25 | 000,013,497 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010-11-09 10:18:25 | 000,008,599 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT [2010-11-09 10:18:25 | 000,007,382 | ---- | C] () -- D:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2010-11-09 10:18:25 | 000,007,334 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmerrenu.cat [2010-11-09 10:18:24 | 001,014,483 | ---- | C] () -- D:\WINDOWS\System32\dllcache\SP2.CAT [2010-11-09 10:17:48 | 000,098,256 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT [2010-11-09 10:16:56 | 000,178,176 | RHS- | C] () -- D:\dwh.exe [2010-11-09 10:16:39 | 000,000,261 | ---- | C] () -- D:\WINDOWS\System32\$winnt$.inf [2010-11-09 10:16:30 | 000,177,152 | RHS- | C] () -- D:\WINDOWS\System32\mgking.exe [2010-11-09 10:16:30 | 000,116,224 | RHS- | C] () -- D:\WINDOWS\System32\mgking0.dll [2010-11-09 10:15:30 | 000,175,104 | RHS- | C] () -- D:\b9v.exe [2010-11-09 10:15:30 | 000,000,063 | RHS- | C] () -- D:\autorun.inf [2010-11-09 10:04:44 | 000,008,192 | ---- | C] () -- D:\WINDOWS\REGLOCS.OLD [2010-11-09 10:03:36 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat [2010-11-09 10:03:17 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll [2010-11-09 10:03:08 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex [2010-11-09 10:03:04 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe [2010-11-09 10:03:04 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe [2010-11-09 10:03:02 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex [2010-11-09 10:02:52 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll [2010-11-09 10:02:48 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex [2010-11-09 10:02:40 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll [2010-11-09 10:01:55 | 000,002,596 | ---- | C] () -- D:\WINDOWS\System32\CONFIG.NT [2010-11-09 10:01:52 | 000,023,392 | ---- | C] () -- D:\WINDOWS\System32\nscompat.tlb [2010-11-09 10:01:52 | 000,016,832 | ---- | C] () -- D:\WINDOWS\System32\amcompat.tlb [2010-11-09 10:01:51 | 000,316,640 | ---- | C] () -- D:\WINDOWS\WMSysPr9.prx [2010-11-09 10:00:24 | 004,399,505 | ---- | C] () -- D:\WINDOWS\System32\dllcache\nls302en.lex [2010-11-09 09:59:57 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt256.bmp [2010-11-09 09:59:57 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt.bmp [2010-11-09 09:59:51 | 000,000,984 | ---- | C] () -- D:\WINDOWS\System32\dllcache\srframe.mmf [2010-11-09 09:58:51 | 000,021,856 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat [2010-11-09 09:57:52 | 000,065,832 | ---- | C] () -- D:\WINDOWS\Stiuk z Santa Fe.bmp [2010-11-09 09:57:52 | 000,026,680 | ---- | C] () -- D:\WINDOWS\Wachlarze.bmp [2010-11-09 09:57:52 | 000,017,362 | ---- | C] () -- D:\WINDOWS\Rododendron.bmp [2010-11-09 09:57:52 | 000,009,522 | ---- | C] () -- D:\WINDOWS\Indiański pled.bmp [2010-11-09 09:57:51 | 000,065,978 | ---- | C] () -- D:\WINDOWS\Bąbelki.bmp [2010-11-09 09:57:51 | 000,065,954 | ---- | C] () -- D:\WINDOWS\Pod mikroskopem.bmp [2010-11-09 09:57:51 | 000,026,582 | ---- | C] () -- D:\WINDOWS\Nefryt.bmp [2010-11-09 09:57:51 | 000,017,336 | ---- | C] () -- D:\WINDOWS\Na rybkach.bmp [2010-11-09 09:57:51 | 000,017,062 | ---- | C] () -- D:\WINDOWS\Kawa.bmp [2010-11-09 09:57:51 | 000,016,730 | ---- | C] () -- D:\WINDOWS\Puch.bmp [2010-11-09 09:57:51 | 000,001,272 | ---- | C] () -- D:\WINDOWS\Niebieska koronka 16.bmp [2010-11-09 09:57:48 | 000,003,286 | ---- | C] () -- D:\WINDOWS\System32\tslabels.h [2010-11-09 09:57:48 | 000,001,225 | ---- | C] () -- D:\WINDOWS\System32\usrlogon.cmd [2010-11-09 09:57:47 | 000,000,768 | ---- | C] () -- D:\WINDOWS\System32\msdtcprf.h [2010-11-09 09:57:41 | 000,063,488 | ---- | C] () -- D:\WINDOWS\System32\wmimgmt.msc [color="#e56717"]========== LOP Check ==========[/color] [2010-12-17 20:59:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\f-secure [2010-12-17 20:58:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\fssg [2010-11-09 12:34:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-11-22 17:40:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-11-09 11:27:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ROCCAT [2010-12-17 21:34:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\F-Secure [2010-11-09 12:34:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Gadu-Gadu 10 [2010-12-16 17:39:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\ipla [2010-11-09 11:28:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\ROCCAT [2010-12-01 09:24:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\YoudaGames [color="#e56717"]========== Purity Check ==========[/color] [color="#e56717"]========== Custom Scans ==========[/color] [color="#a23bec"]< %systemdrive%\*.* >[/color] [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () -- D:\autorun.inf [2010-10-28 13:29:48 | 000,175,104 | RHS- | M] () -- D:\b9v.exe [2010-11-16 13:02:20 | 000,177,664 | RHS- | M] () -- D:\bud3mkqr.exe [2010-11-10 17:54:15 | 000,177,664 | RHS- | M] () -- D:\cbbw88s.exe [2010-11-09 14:39:01 | 000,178,176 | RHS- | M] () -- D:\dwh.exe [2010-11-18 05:37:21 | 000,176,640 | RHS- | M] () -- D:\et3ypes.exe [2010-11-19 15:13:14 | 000,177,152 | RHS- | M] () -- D:\i00dvoym.exe [2010-12-18 00:06:55 | 2145,386,496 | -HS- | M] () -- D:\pagefile.sys [color="#a23bec"]< MD5 for: AGP440.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\system32\drivers\agp440.sys [color="#a23bec"]< MD5 for: ATAPI.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\$NtServicePackUninstall$\atapi.sys [color="#a23bec"]< MD5 for: BEEP.SYS >[/color] [2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- D:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- D:\WINDOWS\system32\drivers\beep.sys [color="#a23bec"]< MD5 for: CDROM.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- D:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- D:\WINDOWS\system32\drivers\cdrom.sys [2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- D:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color="#a23bec"]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- D:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- D:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- D:\WINDOWS\system32\eventlog.dll [color="#a23bec"]< MD5 for: NDIS.SYS >[/color] [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\system32\drivers\ndis.sys [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color="#a23bec"]< MD5 for: WINLOGON.EXE >[/color] [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- D:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- D:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- D:\WINDOWS\system32\winlogon.exe < End of report >[/log] Oraz [b]RSIT Log[/b] [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Żuczek at 2010-12-18 01:13:25 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive D: has 89 GB (89%) free of 100 GB Total RAM: 2047 MB (69% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 01:13:36, on 2010-12-18 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\nvsvc32.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\spoolsv.exe D:\WINDOWS\RTHDCPL.EXE D:\Program Files\Logitech\Gaming Software\LWEMon.exe D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE D:\Program Files\Common Files\Java\Java Update\jusched.exe D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe D:\WINDOWS\system32\RUNDLL32.EXE D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe D:\Program Files\mmp\multisaver\Common\FSMA32.EXE D:\Program Files\Java\jre6\bin\jqs.exe D:\Program Files\ROCCAT\Kone Mouse\osd.exe D:\WINDOWS\system32\wbem\wmiapsrv.exe D:\WINDOWS\system32\wuauclt.exe D:\Program Files\Mozilla Firefox\firefox.exe D:\Program Files\Mozilla Firefox\plugin-container.exe D:\WINDOWS\system32\taskmgr.exe D:\Program Files\mmp\multisaver\Anti-Virus\FSGK32.EXE D:\Program Files\mmp\multisaver\Anti-Virus\fssm32.exe D:\Program Files\mmp\multisaver\Common\FSLAUNCH.EXE D:\WINDOWS\explorer.exe D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie\OTL.exe D:\WINDOWS\notepad.exe D:\WINDOWS\notepad.exe D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie\RSIT.exe D:\Program Files\trend micro\Żuczek.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=; R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL O1 - Hosts: ::1 localhost O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Start WingMan Profiler] D:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui O4 - HKLM\..\Run: [Kone] "D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE" O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "D:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h O4 - HKLM\..\Run: [MyWebSearch Email Plugin] D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [F-Secure Manager] "D:\Program Files\mmp\multisaver\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "D:\Program Files\mmp\multisaver\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "D:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MSI" TRANSFORMS="D:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MST" WISE_SETUP_EXE_PATH="i:\driver\2k_xp\190.38\PhysX_9.09.0428_SystemSoftware.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: GIGABYTE Gamer HUD Lite.lnk = D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = ? O8 - Extra context menu item: &Search - [url="http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?s=100000341&p=GRxdm227YYPL&si=&a=n7GWZA1Az.f68hWBClPHSw&n=2010120211"]http://edits.mywebse...Sw&n=2010120211[/url] O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\Program Files\mmp\multisaver\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\Program Files\mmp\multisaver\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - D:\Program Files\mmp\multisaver\ORSP Client\fsorsp.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 7581 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}] MyWebSearch Search Assistant BHO - D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL [2010-12-02 54704] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}] mwsBar BHO - D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2010-12-02 775696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java™ Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-09 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-09 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2010-12-02 775696] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600] "Start WingMan Profiler"=D:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 153672] "Kone"=D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE [2008-10-06 151552] "SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] "Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760] "Adobe ARM"=D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288] "My Web Search Bar Search Scope Monitor"=D:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe [2010-12-02 28783] "MyWebSearch Email Plugin"=D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe [2010-12-02 32849] "KernelFaultCheck"=D:\WINDOWS\system32\dumprep 0 -k [] "nwiz"=D:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-07-09 1657376] "NvMediaCenter"=D:\WINDOWS\system32\NvMcTray.dll [2009-07-14 86016] "NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2009-07-14 13877248] "F-Secure Manager"=D:\Program Files\mmp\multisaver\Common\FSM32.EXE [2009-08-05 199264] "F-Secure TNB"=D:\Program Files\mmp\multisaver\FSGUI\TNBUtil.exe [2009-08-05 2349664] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WiseStubReboot"=MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I D:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MSI TRANSFORMS=D:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MST WISE_SETUP_EXE_PATH=i:\driver\2k_xp\190.38\PhysX_9.09.0428_SystemSoftware.exe [] D:\Documents and Settings\All Users\Menu Start\Programy\Autostart McAfee Security Scan Plus.lnk - D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe D:\Documents and Settings\Żuczek\Menu Start\Programy\Autostart GIGABYTE Gamer HUD Lite.lnk - D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - D:\WINDOWS\system32\upnpui.dll [2008-04-14 239616] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=36 "NoDriveAutoRun"=0xFFFFFFFF [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "D:\Program Files\Gadu-Gadu 10\gg.exe"="D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10" "D:\Documents and Settings\Żuczek\Ustawienia lokalne\Apps\2.0\NWRZZE6A.YKX\ALAWT2N6.5XZ\curs..tion_eee711038731a406_0004.0000_1829574f2226d088\CurseClient.exe"="D:\Documents and Settings\Żuczek\Ustawienia lokalne\Apps\2.0\NWRZZE6A.YKX\ALAWT2N6.5XZ\curs..tion_eee711038731a406_0004.0000_1829574f2226d088\CurseClient.exe:*:Enabled:Curse Client 4.0" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "E:\Gry\Steam\Steam.exe"="E:\Gry\Steam\Steam.exe:*:Enabled:Steam" "D:\Program Files\Java\jre6\bin\javaw.exe"="D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary" "E:\Gry\Steam\SteamApps\common\call of duty black ops rcon\BlackOpsRcon.exe"="E:\Gry\Steam\SteamApps\common\call of duty black ops rcon\BlackOpsRcon.exe:*:Enabled:Call of Duty Black Ops - Remote Console" "E:\Gry\Steam\SteamApps\common\call of duty black ops\BlackOps.exe"="E:\Gry\Steam\SteamApps\common\call of duty black ops\BlackOps.exe:*:Enabled:Call of Duty: Black Ops" "E:\Gry\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe"="E:\Gry\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe:*:Enabled:Call of Duty: Black Ops - Multiplayer" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=" ======List of files/folders created in the last 1 months====== 2010-12-18 01:13:25 ----D---- D:\rsit 2010-12-18 01:13:25 ----D---- D:\Program Files\trend micro 2010-12-17 21:34:02 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\F-Secure 2010-12-17 21:00:38 ----A---- D:\WINDOWS\system32\drivers\fsbts.sys 2010-12-17 21:00:21 ----A---- D:\WINDOWS\system32\drivers\fsdfw.sys 2010-12-17 20:59:20 ----D---- D:\Program Files\mmp 2010-12-17 20:58:57 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\fssg 2010-12-17 20:56:41 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\f-secure 2010-12-17 03:08:29 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\RealHideIP 2010-12-17 03:08:29 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\RealHideIP 2010-12-17 03:08:04 ----D---- D:\Program Files\RealHideIP 2010-12-15 22:06:35 ----A---- D:\WINDOWS\system32\npptNT2.sys 2010-12-02 15:46:02 ----D---- D:\WINDOWS\B83FC356B7C0441F8A4DD71E088E7974.TMP 2010-12-02 15:19:44 ----RSH---- D:\WINDOWS\system32\arking1.dll 2010-12-02 15:19:14 ----D---- D:\WINDOWS\Minidump 2010-12-02 12:09:33 ----D---- D:\Program Files\MyWebSearch 2010-12-02 12:09:11 ----D---- D:\Program Files\FunWebProducts 2010-12-01 09:24:23 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\YoudaGames 2010-12-01 09:23:56 ----D---- D:\Program Files\Governor of Poker 2 Premium Edition 2010-11-29 20:31:30 ----D---- D:\WINDOWS\Sun 2010-11-29 16:09:39 ----RSH---- D:\WINDOWS\system32\arking0.dll 2010-11-29 16:09:39 ----RSH---- D:\WINDOWS\system32\arking.exe 2010-11-22 17:40:50 ----D---- D:\Program Files\PlayReady 2010-11-19 23:22:26 ----A---- D:\WINDOWS\system32\drivers\USBSTOR.SYS 2010-11-19 15:13:41 ----RSH---- D:\i00dvoym.exe ======List of files/folders modified in the last 1 months====== 2010-12-18 01:13:25 ----RD---- D:\Program Files 2010-12-18 00:54:49 ----D---- D:\WINDOWS\Temp 2010-12-18 00:40:51 ----D---- D:\WINDOWS\Prefetch 2010-12-18 00:40:17 ----D---- D:\WINDOWS\system32 2010-12-18 00:39:29 ----RSH---- D:\WINDOWS\system32\mgking0.dll 2010-12-18 00:33:08 ----D---- D:\WINDOWS\system32\drivers\etc 2010-12-18 00:07:20 ----D---- D:\WINDOWS\system32\CatRoot2 2010-12-18 00:06:03 ----A---- D:\WINDOWS\SchedLgU.Txt 2010-12-17 21:23:01 ----D---- D:\WINDOWS 2010-12-17 21:00:38 ----D---- D:\WINDOWS\system32\drivers 2010-12-17 21:00:24 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI 2010-12-17 20:59:07 ----SHD---- D:\WINDOWS\Installer 2010-12-17 01:02:17 ----D---- D:\WINDOWS\system32\inetsrv 2010-12-16 17:39:24 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\ipla 2010-12-15 21:58:15 ----HD---- D:\Program Files\InstallShield Installation Information 2010-12-14 21:10:05 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\IGN_DLM 2010-12-11 02:50:58 ----D---- D:\Program Files\Mozilla Firefox 2010-12-02 15:46:25 ----D---- D:\WINDOWS\Help 2010-12-02 15:45:05 ----RSHDC---- D:\WINDOWS\system32\dllcache 2010-12-02 15:44:27 ----HD---- D:\WINDOWS\inf 2010-12-02 15:44:27 ----D---- D:\WINDOWS\system32\CatRoot 2010-12-02 15:42:09 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation 2010-12-02 15:36:39 ----D---- D:\Program Files\NVIDIA Corporation 2010-12-02 15:31:52 ----SD---- D:\Documents and Settings\Żuczek\Dane aplikacji\Microsoft 2010-11-28 08:13:30 ----D---- D:\WINDOWS\system32\Restore 2010-11-22 17:40:52 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\ipla 2010-11-22 17:40:49 ----SD---- D:\Documents and Settings\All Users\Dane aplikacji\Microsoft 2010-11-21 17:24:43 ----D---- D:\Program Files\McAfee Security Scan 2010-11-20 23:25:49 ----D---- D:\Program Files\Common Files\Steam 2010-11-19 15:13:14 ----RSH---- D:\WINDOWS\system32\mgking1.dll 2010-11-19 15:13:14 ----RSH---- D:\WINDOWS\system32\mgking.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 fsbts;fsbts; D:\WINDOWS\system32\Drivers\fsbts.sys [2010-12-17 42664] R0 FSFW;F-Secure Firewall Driver; D:\WINDOWS\System32\drivers\fsdfw.sys [2009-08-05 80000] R1 F-Secure HIPS;F-Secure HIPS Driver; \??\D:\Program Files\mmp\multisaver\HIPS\drivers\fshs.sys [] R1 intelppm;Sterownik procesora Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 kbdhid;Sterownik klawiatury HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\D:\Program Files\mmp\multisaver\Anti-Virus\minifilter\fsgk.sys [] R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;HID Class Driver; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-05-22 5082624] R3 KoneFltr;ROCCAT Kone; D:\WINDOWS\system32\drivers\Kone.sys [2008-09-22 12672] R3 mouhid;Sterownik myszy HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160] R3 MTsensor;ATK0110 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810] R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-14 7741664] R3 rtl8139;Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet; D:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 USBSTOR;Sterownik magazynu masowego USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; D:\WINDOWS\system32\drivers\WmBEnum.sys [2010-04-27 22856] R3 WmFilter;Logitech Gaming HID Filter Driver; D:\WINDOWS\system32\drivers\WmFilter.sys [2010-04-27 37704] R3 WmVirHid;Logitech Virtual Hid Device Driver; D:\WINDOWS\system32\drivers\WmVirHid.sys [2010-04-27 15048] R3 WmXlCore;Logitech Translation Layer Driver; D:\WINDOWS\system32\drivers\WmXlCore.sys [2010-04-27 66632] S3 Ambfilt;Ambfilt; D:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736] S3 Monfilt;Monfilt; D:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056] S4 F-Secure Filter;F-Secure File System Filter; \??\D:\Program Files\mmp\multisaver\Anti-Virus\Win2K\FSfilter.sys [] S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\D:\Program Files\mmp\multisaver\Anti-Virus\Win2K\FSrec.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 F-Secure Gatekeeper Handler Starter;FSGKHS; D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe [2009-08-05 215648] R2 FSMA;F-Secure Management Agent; D:\Program Files\mmp\multisaver\Common\FSMA32.EXE [2009-08-05 186976] R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2010-11-09 153376] R2 nvsvc;NVIDIA Display Driver Service; D:\WINDOWS\system32\nvsvc32.exe [2009-07-14 168004] S2 MyWebSearchService;My Web Search Service; D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe [2010-12-02 28762] S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; D:\Program Files\mmp\multisaver\FWES\Program\fsdfwd.exe [2009-08-05 522848] S3 FSORSPClient;F-Secure ORSP Client; D:\Program Files\mmp\multisaver\ORSP Client\fsorsp.exe [2010-12-17 64016] S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 McComponentHostService;McAfee Security Scan Component Host Service; D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] S3 Steam Client Service;Steam Client Service; D:\Program Files\Common Files\Steam\SteamService.exe [2010-11-17 403240] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------[/log] [color="#ff0000"]//nie piszemy w innych tematach //wydzielam //dan[/color]
Tomek01 komentarz 18 grudnia 2010 komentarz 18 grudnia 2010 Jest infekcja autorun.inf oraz Adware MyWebSearch. Zastosuj [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], najlepiej z podpiętym pendrive'm czy innymi pamięciami USB. W OTL, w oknie Custom scan/fixes wklej: [code]:Processes Explorer.exe :OTL PRC - [2010-12-02 12:09:34 | 000,032,849 | ---- | M] (MyWebSearch.com) -- D:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE MOD - [2010-12-02 12:09:34 | 000,045,134 | ---- | M] (MyWebSearch.com) -- D:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL SRV - [2010-12-02 12:09:34 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Stopped] -- D:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService) IE - HKU\S-1-5-21-2052111302-515967899-839522115-1003\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com) FF - prefs.js..extensions.enabledItems: m3ffxtbr@mywebsearch.com:1.1 FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: D:\Program Files\MyWebSearch\bar\1.bin [2010-12-18 00:38:36 | 000,000,000 | ---D | M] O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com) O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com) O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] D:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com) O4 - HKLM..\Run: [MyWebSearch Email Plugin] D:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com) O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - E:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - F:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - G:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - H:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009-08-13 07:26:19 | 000,000,000 | R--D | M] - I:\AUTORUN -- [ CDFS ] O32 - AutoRun File - [2004-09-27 04:24:38 | 000,000,041 | R--- | M] () - I:\AUTORUN.INF -- [ CDFS ] :Files D:\Program Files\MyWebSearch D:\Program Files\FunWebProducts D:\WINDOWS\System32\arking.exe D:\WINDOWS\System32\arking0.dll D:\WINDOWS\System32\mgking0.dll D:\WINDOWS\System32\arking1.dll D:\WINDOWS\System32\mgking.exe D:\WINDOWS\System32\mgking1.dll D:\autorun.inf D:\i00dvoym.exe D:\et3ypes.exe D:\bud3mkqr.exe D:\cbbw88s.exe D:\dwh.exe D:\b9v.exe :Reg [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {07B18EA9-A523-4961-B6BB-170DE4475CCA}=- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "My Web Search Bar Search Scope Monitor"=- "MyWebSearch Email Plugin"=- :Services MyWebSearchService :Commands [emptytemp] [start explorer] [Reboot][/code] Klikasz run fix, komputer uruchamia się ponownie. Wrzuć log z usuwania oraz nowe logi: OTL i RSIT Wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i wyniki pokaż na forum.
hot123 komentarz 19 grudnia 2010 Autor komentarz 19 grudnia 2010 Mam log z Malwarebytes, aż wstyd pokazywać, syf [log]Malwarebytes' Anti-Malware 1.50 www.malwarebytes.org Wersja bazy: 5351 Windows 5.1.2600 Dodatek Service Pack 3 Internet Explorer 8.0.6001.18702 2010-12-19 04:27:55 mbam-log-2010-12-19 (04-27-55).txt Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|F:\|G:\|H:\|) Przeskanowano obiektów: 596258 Upłynęło: 4 godzin(y), 8 minut(y), 54 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 21 Zainfekowanych wartości rejestru: 2 Zainfekowane informacje rejestru systemowego: 0 Zainfekowanych folderów: 5 Zainfekowanych plików: 401 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MyWebSearchService (Adware.MyWebSearch) -> Quarantined and deleted successfully. Zainfekowanych wartości rejestru: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Value: MyWebSearch bar Uninstall -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Value: (default) -> Quarantined and deleted successfully. Zainfekowane informacje rejestru systemowego: (Nie znaleziono zagrożeń) Zainfekowanych folderów: d:\program files\mywebsearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. d:\program files\mywebsearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully. d:\program files\mywebsearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. d:\program files\mywebsearch\bar\1.bin\chrome (Adware.MyWebSearch) -> Quarantined and deleted successfully. d:\program files\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully. Zainfekowanych plików: d:\program files\uninstall fun web products.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\09lf.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\2bbi1ax.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\2ul.exe (Worm.Magania) -> Quarantined and deleted successfully. c:\33r.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\3dcs9.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\62.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\s1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\tgt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\utcddeq.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\vgyn6ewc.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\wyskq6lt.exe (Worm.Taterf) -> Quarantined and deleted successfully. c:\x3xh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\xcr.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\y6cqb2is.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\ysyjq1bs.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\dqm.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\dwh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\et3ypes.exe (Spyware.PWS) -> Quarantined and deleted successfully. c:\eyruu.exe (Worm.Magania) -> Quarantined and deleted successfully. c:\fk.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\g6jk.exe (Worm.Magania) -> Quarantined and deleted successfully. c:\ggb6w.exe (Trojan.Onlinegames) -> Quarantined and deleted successfully. c:\hc3hvi0.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\ho0q.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\i8ikdjwt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\awb3ryk.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\b9v.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\ba.exe (Worm.Taterf) -> Quarantined and deleted successfully. c:\biriprg.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\bu8.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\ca.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\cbbw88s.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\cgaqyi.exe (Trojan.PWS) -> Quarantined and deleted successfully. c:\chxnxyx.exe (Worm.Taterf) -> Quarantined and deleted successfully. c:\affi8l.exe (Worm.Taterf) -> Quarantined and deleted successfully. c:\krwyrv0d.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\mk28sp.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\n0qls.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016332.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016281.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016325.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016326.exe (Worm.Magania) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016327.exe (Worm.Taterf) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016328.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016329.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016330.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016331.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016333.exe (Worm.Taterf) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016334.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016335.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016337.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016338.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016339.exe (Trojan.PWS) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016340.exe (Worm.Taterf) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016341.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016342.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016343.exe (Spyware.PWS) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016344.exe (Worm.Magania) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016346.exe (Worm.Magania) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016347.exe (Trojan.Onlinegames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016348.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016349.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016351.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016352.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016353.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016354.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016357.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016358.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016361.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016362.exe (Worm.Taterf) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016363.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016364.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016365.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016366.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016367.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016417.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016418.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\Users\Michał\Desktop\aktywator\aktywator.exe (Trojan.Agent) -> Quarantined and deleted successfully. d:\program files\mywebsearch\bar\1.bin\F3HTMLMU.DLL (PUP.FunWebProducts) -> Not selected for removal. d:\program files\mywebsearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. d:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. d:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. d:\program files\mywebsearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP38\A0013812.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP38\A0013813.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully. d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP38\A0013814.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP38\A0013815.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully. d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP41\A0014799.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP41\A0014800.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully. d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP41\A0014801.exe (Malware.Packer) -> Quarantined and deleted successfully. d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP41\A0014802.dll (Malware.Packer) -> Quarantined and deleted successfully. d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP45\A0016121.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP45\A0016122.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully. d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP45\A0016123.exe (Malware.Packer) -> Quarantined and deleted successfully. d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP45\A0016124.dll (Malware.Packer) -> Quarantined and deleted successfully. d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016276.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016277.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully. d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016282.exe (Malware.Packer) -> Quarantined and deleted successfully. d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016283.dll (Malware.Packer) -> Quarantined and deleted successfully. d:\WINDOWS\system32\arking.exe (Malware.Packer) -> Quarantined and deleted successfully. d:\WINDOWS\system32\arking0.dll (Malware.Packer) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016383.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016369.exe (Worm.Magania) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016370.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016371.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016372.exe (Worm.Taterf) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016373.exe (Trojan.Agent) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016374.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016375.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016376.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016377.exe (Worm.Taterf) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016378.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016379.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016380.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016382.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016384.exe (Worm.Taterf) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016385.exe (Trojan.PWS) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016386.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016387.exe (Spyware.PWS) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016388.exe (Worm.Magania) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016389.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016390.exe (Worm.Magania) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016392.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016393.exe (Trojan.Onlinegames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016394.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016395.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016396.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016397.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016400.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016402.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016403.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016405.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016407.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016408.exe (Worm.Taterf) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016409.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016410.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016411.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016412.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016413.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016415.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\09lf.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\2bbi1ax.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\2ul.exe (Worm.Magania) -> Quarantined and deleted successfully. f:\33r.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\3dcs9.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\et3ypes.exe (Spyware.PWS) -> Quarantined and deleted successfully. f:\eyruu.exe (Worm.Magania) -> Quarantined and deleted successfully. f:\fk.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\g6jk.exe (Worm.Magania) -> Quarantined and deleted successfully. f:\ggb6w.exe (Trojan.Onlinegames) -> Quarantined and deleted successfully. f:\hc3hvi0.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\ho0q.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\i8ikdjwt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\krwyrv0d.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\mk28sp.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\n0qls.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\o1.com (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\s1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\sq.com (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\62.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\6phx.com (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\8paf1d.com (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\affi8l.exe (Worm.Taterf) -> Quarantined and deleted successfully. f:\awb3ryk.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\b.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\b9v.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\ba.exe (Worm.Taterf) -> Quarantined and deleted successfully. f:\biriprg.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\bu8.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\ca.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\cbbw88s.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\cgaqyi.exe (Trojan.PWS) -> Quarantined and deleted successfully. f:\chxnxyx.exe (Worm.Taterf) -> Quarantined and deleted successfully. f:\d9c.bat (Worm.Magania) -> Quarantined and deleted successfully. f:\dqm.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\dwh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\tgt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\ucivd6xi.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\upx.bat (Worm.AutoRun) -> Quarantined and deleted successfully. f:\utcddeq.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\vgyn6ewc.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\whi.com (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\wyskq6lt.exe (Worm.Taterf) -> Quarantined and deleted successfully. f:\x3xh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\xbvv6o.com (Trojan.Gamania) -> Quarantined and deleted successfully. f:\xcr.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\y.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\y6cqb2is.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\ysyjq1bs.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\3j2h0tf.bat (Worm.Magania) -> Quarantined and deleted successfully. f:\Michał\downloads\minimizer\minimizer\minimizer.exe (Trojan.Downloader) -> Quarantined and deleted successfully. f:\Michał\Instalki\ventrilo-2.1.4-windows-i386.exe (Trojan.Dropper) -> Quarantined and deleted successfully. f:\Michał\Instalki\fruityloops.studio.producer.edition.xxl.v8.0.0-nope\fruityloops.studio.producer.edition.xxl.v8.0.0-nope\np-fls80\fruityloops.studio.producer.edition.xxl.v8.0.0-nope\Crack\fruityloops.studio.producer.edition.xxl.v8.0.0-nope.exe (Trojan.Downloader) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP902\A0248841.com (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP903\A0248848.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP904\A0248863.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP905\A0248899.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP905\A0248912.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP905\A0248942.com (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP905\A0248984.cmd (Worm.Tartef) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP905\A0249983.cmd (Worm.Tartef) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP906\A0251038.cmd (Worm.Tartef) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP906\A0251046.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP909\A0252167.com (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP909\A0252186.cmd (Worm.Magania) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP910\A0252191.com (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP910\A0252205.com (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP910\A0252215.com (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP910\A0253219.com (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP910\A0253253.com (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP911\A0253257.com (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP912\A0253337.com (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP912\A0253359.cmd (Worm.Magania) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP929\A0262752.com (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP929\A0263715.com (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP929\A0263716.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP929\A0263737.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP308\A0038858.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP289\A0032493.exe (Worm.AutoRun) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP290\A0032508.exe (Worm.Magania) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP291\A0032518.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP292\A0032536.bat (Worm.Magania) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP293\A0032564.exe (Worm.Magania) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP294\A0032586.exe (Worm.Magania) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP295\A0032602.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0032628.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0032758.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0034758.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0035768.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0036768.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0037768.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0037815.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0037826.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0037841.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0037895.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0033758.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0037804.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP297\A0037899.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP297\A0037988.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP297\A0037999.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP297\A0038154.exe (Worm.AutoRun) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP298\A0038217.exe (Worm.AutoRun) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP299\A0038248.exe (Worm.Magania) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP300\A0038299.exe (Worm.Magania) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP301\A0038317.exe (Trojan.GameThief) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP302\A0038339.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP303\A0038346.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP304\A0038372.exe (Worm.Magania) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP305\A0038400.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP306\A0038451.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP307\A0038743.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP309\A0038872.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP309\A0039204.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP310\A0039243.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP311\A0039260.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP312\A0039277.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP313\A0039290.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP314\A0039318.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP315\A0039342.exe (Worm.Magania) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP316\A0039364.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP317\A0039403.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP318\A0039432.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP319\A0039460.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP320\A0039495.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP321\A0039522.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP322\A0039547.exe (Worm.Taterf) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP323\A0039581.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP324\A0039612.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP325\A0039643.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP326\A0039680.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP327\A0039711.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP328\A0039738.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP329\A0039773.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP331\A0039873.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP331\A0040049.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP332\A0040069.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP332\A0041050.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP333\A0041070.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP334\A0041091.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP335\A0041115.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP336\A0041214.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP337\A0041254.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP338\A0041277.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP339\A0041304.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP340\A0041309.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP340\A0041380.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP340\A0041421.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP341\A0041429.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP341\A0041521.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP342\A0041536.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP342\A0041570.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016280.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP143\A0010744.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP144\A0010787.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP144\A0010932.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP144\A0011808.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP144\A0011822.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP144\A0011836.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP145\A0011840.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP146\A0011884.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP146\A0011938.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP147\A0011943.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP147\A0011954.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP148\A0011961.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP149\A0011966.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP150\A0011971.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP151\A0011978.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP151\A0012032.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP151\A0012041.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP151\A0012052.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP152\A0012058.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP152\A0012092.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP152\A0012108.exe (Password.Stealer) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP152\A0012124.exe (Password.Stealer) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP153\A0012131.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP153\A0013124.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP154\A0013492.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\affi8l.exe (Worm.Taterf) -> Quarantined and deleted successfully. g:\mk28sp.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\09lf.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\2bbi1ax.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\2ul.exe (Worm.Magania) -> Quarantined and deleted successfully. g:\33r.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\3dcs9.exe (Trojan.Agent) -> Quarantined and deleted successfully. g:\62.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\awb3ryk.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\b9v.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\ba.exe (Worm.Taterf) -> Quarantined and deleted successfully. g:\biriprg.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\bu8.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\ca.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\cbbw88s.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\cgaqyi.exe (Trojan.PWS) -> Quarantined and deleted successfully. g:\chxnxyx.exe (Worm.Taterf) -> Quarantined and deleted successfully. g:\dqm.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\dwh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\et3ypes.exe (Spyware.PWS) -> Quarantined and deleted successfully. g:\eyruu.exe (Worm.Magania) -> Quarantined and deleted successfully. g:\fk.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\g6jk.exe (Worm.Magania) -> Quarantined and deleted successfully. g:\ggb6w.exe (Trojan.Onlinegames) -> Quarantined and deleted successfully. g:\hc3hvi0.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\ho0q.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\i8ikdjwt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\krwyrv0d.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\n0qls.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\s1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\tgt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\utcddeq.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\vgyn6ewc.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\wyskq6lt.exe (Worm.Taterf) -> Quarantined and deleted successfully. g:\x3xh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\xcr.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\y6cqb2is.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\ysyjq1bs.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. g:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016279.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\09lf.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\2bbi1ax.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\2ul.exe (Worm.Magania) -> Quarantined and deleted successfully. h:\33r.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\3dcs9.exe (Trojan.Agent) -> Quarantined and deleted successfully. h:\62.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\affi8l.exe (Worm.Taterf) -> Quarantined and deleted successfully. h:\awb3ryk.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\b9v.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\ba.exe (Worm.Taterf) -> Quarantined and deleted successfully. h:\biriprg.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\bu8.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\ca.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\cbbw88s.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\cgaqyi.exe (Trojan.PWS) -> Quarantined and deleted successfully. h:\chxnxyx.exe (Worm.Taterf) -> Quarantined and deleted successfully. h:\dqm.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\dwh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\et3ypes.exe (Spyware.PWS) -> Quarantined and deleted successfully. h:\eyruu.exe (Worm.Magania) -> Quarantined and deleted successfully. h:\fk.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\g6jk.exe (Worm.Magania) -> Quarantined and deleted successfully. h:\ggb6w.exe (Trojan.Onlinegames) -> Quarantined and deleted successfully. h:\hc3hvi0.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\ho0q.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\i8ikdjwt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\krwyrv0d.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\mk28sp.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\n0qls.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\s1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\tgt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\utcddeq.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\vgyn6ewc.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\wyskq6lt.exe (Worm.Taterf) -> Quarantined and deleted successfully. h:\x3xh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\xcr.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\y6cqb2is.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\ysyjq1bs.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. h:\downloads\rapiddownloads\61x_popcap_games\61x popcap games\!CRACK\UniCrack.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. h:\downloads\rapiddownloads\61x_popcap_games\61x popcap games\Atomica\keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. h:\Gry\Counter\platform\Admin\adminserver.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully. h:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016278.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. d:\program files\mywebsearch\bar\1.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully. d:\program files\mywebsearch\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.[/log] Jak włączyłem Dr.Weba wykonał szybki skan, i nic już nie wykrył. loga nie mam. Zostawiłem na noc na pełny skan ale chyba w nocy prądu nie było :/ Także zostawie to na koniec.
Tomek01 komentarz 19 grudnia 2010 komentarz 19 grudnia 2010 Mbam wykonał dobrą robotę, wyrył również ślady Vundo w rejestrze, ale usunął. Czekam na zestaw logów, o które prosiłem.
hot123 komentarz 19 grudnia 2010 Autor komentarz 19 grudnia 2010 (edytowane) A to chyba potwierdzenie tej roboty [log]All processes killed ========== PROCESSES ========== Process Explorer.exe killed successfully! ========== OTL ========== No active process named MWSOEMON.EXE was found! Error: No service named MyWebSearchService was found to stop! Service\Driver key MyWebSearchService not found. File D:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE not found. Registry value HKEY_USERS\S-1-5-21-2052111302-515967899-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\ not found. File D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL not found. Prefs.js: m3ffxtbr@mywebsearch.com:1.1 removed from extensions.enabledItems Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com not found. File D:\Program Files\MyWebSearch\bar\1.bin not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}\ not found. File D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ not found. File D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found. File HKLM..\Run: [My Web Search Bar Search Scope Monitor] D:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin not found. File D:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE not found. Folder move failed. C:\autorun.inf scheduled to be moved on reboot. D:\autorun.inf folder moved successfully. Folder move failed. E:\autorun.inf scheduled to be moved on reboot. Folder move failed. F:\autorun.inf scheduled to be moved on reboot. Folder move failed. G:\autorun.inf scheduled to be moved on reboot. Folder move failed. H:\autorun.inf scheduled to be moved on reboot. File not found. File I:\AUTORUN.INF not found. ========== FILES ========== File\Folder D:\Program Files\MyWebSearch not found. File\Folder D:\Program Files\FunWebProducts not found. File\Folder D:\WINDOWS\System32\arking.exe not found. File\Folder D:\WINDOWS\System32\arking0.dll not found. File\Folder D:\WINDOWS\System32\mgking0.dll not found. File\Folder D:\WINDOWS\System32\arking1.dll not found. File\Folder D:\WINDOWS\System32\mgking.exe not found. File\Folder D:\WINDOWS\System32\mgking1.dll not found. File\Folder D:\autorun.inf not found. File\Folder D:\i00dvoym.exe not found. File\Folder D:\et3ypes.exe not found. File\Folder D:\bud3mkqr.exe not found. File\Folder D:\cbbw88s.exe not found. File\Folder D:\dwh.exe not found. File\Folder D:\b9v.exe not found. ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\My Web Search Bar Search Scope Monitor not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin not found. ========== SERVICES/DRIVERS ========== Error: No service named MyWebSearchService was found to stop! Service\Driver key MyWebSearchService not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56502 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Żuczek ->Temp folder emptied: 516217968 bytes ->Temporary Internet Files folder emptied: 170782249 bytes ->Java cache emptied: 455607 bytes ->FireFox cache emptied: 81474147 bytes ->Flash cache emptied: 87038 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2334857 bytes %systemroot%\System32 .tmp files removed: 2596 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 1005773 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 737,00 mb OTL by OldTimer - Version 3.2.17.3 log created on 12192010_214821 Files\Folders moved on Reboot... Folder move failed. C:\autorun.inf scheduled to be moved on reboot. Folder move failed. E:\autorun.inf scheduled to be moved on reboot. Folder move failed. F:\autorun.inf scheduled to be moved on reboot. Folder move failed. G:\autorun.inf scheduled to be moved on reboot. Folder move failed. H:\autorun.inf scheduled to be moved on reboot. Registry entries deleted on Reboot...[/log] [b]log OTL[/b] [log]OTL logfile created on: 2010-12-19 21:56:06 - Run 2 OTL by OldTimer - Version 3.2.17.3 Folder = D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 70,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): D:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files Drive C: | 29,29 Gb Total Space | 4,18 Gb Free Space | 14,28% Space Free | Partition Type: NTFS Drive D: | 97,25 Gb Total Space | 85,58 Gb Free Space | 88,00% Space Free | Partition Type: NTFS Drive E: | 400,01 Gb Total Space | 391,63 Gb Free Space | 97,91% Space Free | Partition Type: NTFS Drive F: | 119,75 Gb Total Space | 0,97 Gb Free Space | 0,81% Space Free | Partition Type: NTFS Drive G: | 500,00 Gb Total Space | 499,64 Gb Free Space | 99,93% Space Free | Partition Type: NTFS Drive H: | 400,00 Gb Total Space | 25,98 Gb Free Space | 6,50% Space Free | Partition Type: NTFS Drive I: | 1,52 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive J: | 7,45 Gb Total Space | 7,45 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Computer Name: ZCK | User Name: Żuczek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-12-18 00:55:05 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-12-17 21:17:27 | 000,064,016 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\ORSP Client\fsorsp.exe PRC - [2010-12-17 21:05:43 | 000,365,248 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Anti-Virus\fsav32.exe PRC - [2010-12-17 21:04:04 | 000,783,016 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Anti-Virus\fssm32.exe PRC - [2010-12-17 21:04:04 | 000,492,200 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32.exe PRC - [2010-12-11 02:50:46 | 000,016,856 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010-12-11 02:50:45 | 000,912,344 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-11-09 17:39:09 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolsv.exe PRC - [2010-06-14 16:10:32 | 000,153,672 | ---- | M] (Logitech Inc.) -- D:\Program Files\Logitech\Gaming Software\LWEMon.exe PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-01-15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2009-08-05 16:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Common\FSMA32.EXE PRC - [2009-08-05 16:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Common\FSM32.EXE PRC - [2009-08-05 16:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Common\FSHDLL32.EXE PRC - [2009-08-05 16:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\FWES\program\fsdfwd.exe PRC - [2009-08-05 16:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe PRC - [2009-07-14 13:34:58 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvsvc32.exe PRC - [2009-06-30 18:11:10 | 001,678,848 | ---- | M] () -- D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe PRC - [2009-05-21 07:01:02 | 017,881,600 | ---- | M] (Realtek Semiconductor Corp.) -- D:\WINDOWS\RTHDCPL.EXE PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\services.exe PRC - [2009-02-06 11:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-10-06 11:51:46 | 000,151,552 | ---- | M] (ROCCAT) -- D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE PRC - [2008-10-06 11:40:32 | 000,458,752 | ---- | M] (ROCCAT) -- D:\Program Files\ROCCAT\Kone Mouse\OSD.exe PRC - [2008-04-14 18:21:49 | 000,126,464 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 18:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\smss.exe PRC - [2008-04-14 18:21:38 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rundll32.exe PRC - [2008-04-14 18:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe PRC - [2008-04-14 18:21:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 18:21:02 | 000,044,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\alg.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-12-18 00:55:05 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie\OTL.exe MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rpcrt4.dll MOD - [2010-07-27 07:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shell32.dll MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ole32.dll MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shlwapi.dll MOD - [2009-08-05 16:58:30 | 000,330,336 | ---- | M] () -- \\?\d:\program files\mmp\multisaver\hips\fshook32.dll MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\secur32.dll MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kernel32.dll MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 18:21:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 18:20:57 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\version.dll MOD - [2008-04-14 18:20:56 | 000,580,096 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\user32.dll MOD - [2008-04-14 18:20:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 18:20:56 | 000,067,584 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 18:20:44 | 000,551,936 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 18:20:44 | 000,084,992 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 18:20:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 18:20:39 | 000,343,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 18:20:35 | 000,586,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mlang.dll MOD - [2008-04-14 18:20:32 | 000,110,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\imm32.dll MOD - [2008-04-14 18:20:31 | 000,185,344 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 18:20:14 | 000,822,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comres.dll MOD - [2008-04-14 18:20:13 | 000,280,064 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 18:20:11 | 000,498,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 18:16:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx MOD - [2008-04-14 18:12:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msctfime.ime [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-12-17 21:17:27 | 000,064,016 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- D:\Program Files\mmp\multisaver\ORSP Client\fsorsp.exe -- (FSORSPClient) SRV - [2010-11-17 14:22:27 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-01-15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009-08-05 16:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- D:\Program Files\mmp\multisaver\Common\FSMA32.EXE -- (FSMA) SRV - [2009-08-05 16:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- D:\Program Files\mmp\multisaver\FWES\Program\fsdfwd.exe -- (FSDFWD) SRV - [2009-08-05 16:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-12-17 21:06:05 | 000,042,664 | ---- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts) DRV - [2010-12-17 21:04:59 | 000,130,728 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Program Files\mmp\multisaver\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper) DRV - [2010-04-27 16:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2010-04-27 16:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2010-04-27 16:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2010-04-27 14:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) DRV - [2009-08-05 16:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- D:\Program Files\mmp\multisaver\HIPS\drivers\fshs.sys -- (F-Secure HIPS) DRV - [2009-08-05 16:57:20 | 000,080,000 | ---- | M] (F-Secure Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\fsdfw.sys -- (FSFW) DRV - [2009-08-05 16:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- D:\Program Files\mmp\multisaver\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter) DRV - [2009-08-05 16:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- D:\Program Files\mmp\multisaver\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer) DRV - [2009-07-14 19:54:00 | 007,741,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2009-05-22 16:37:50 | 005,082,624 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-09-22 09:09:12 | 000,012,672 | ---- | M] (ROCCAT Ltd) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\Kone.sys -- (KoneFltr) DRV - [2008-08-05 13:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2008-04-13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2006-01-04 08:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2004-08-13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2052111302-515967899-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2052111302-515967899-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=; [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.5 FF - prefs.js..extensions.enabledItems: support@real-hide-ip.com:1.0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010-12-11 02:50:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010-12-11 02:50:51 | 000,000,000 | ---D | M] [2010-11-09 10:46:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Extensions [2010-12-19 16:52:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions [2010-11-19 15:14:25 | 000,000,000 | ---D | M] (FlashGot) -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010-11-16 19:06:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-11-09 15:19:05 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010-12-17 20:35:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions\support@real-hide-ip.com [2010-12-19 16:52:40 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions [2010-11-09 17:39:25 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-11-09 17:39:09 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-10-27 06:37:26 | 000,002,767 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-10-27 06:37:26 | 000,001,406 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-10-27 06:37:26 | 000,000,917 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-10-27 06:37:26 | 000,000,858 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-10-27 06:37:26 | 000,001,183 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-10-27 06:37:26 | 000,001,683 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-12-18 00:33:07 | 000,000,355 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O4 - HKLM..\Run: [F-Secure Manager] D:\Program Files\mmp\multisaver\Common\FSM32.EXE (F-Secure Corporation) O4 - HKLM..\Run: [F-Secure TNB] D:\Program Files\mmp\multisaver\FSGUI\TNBUtil.exe (F-Secure Corporation) O4 - HKLM..\Run: [Kone] D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT) O4 - HKLM..\Run: [NvCplDaemon] D:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] D:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4 - HKLM..\Run: [Start WingMan Profiler] D:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) O4 - Startup: D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk = D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) O4 - Startup: D:\Documents and Settings\Żuczek\Menu Start\Programy\Autostart\GIGABYTE Gamer HUD Lite.lnk = D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2052111302-515967899-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2052111302-515967899-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKU\S-1-5-21-2052111302-515967899-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Program Files\mmp\multisaver\FSPS\program\FSLSP.DLL (F-Secure Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Program Files\mmp\multisaver\FSPS\program\FSLSP.DLL (F-Secure Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Program Files\mmp\multisaver\FSPS\program\FSLSP.DLL (F-Secure Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - D:\Program Files\mmp\multisaver\FSPS\program\FSLSP.DLL (F-Secure Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-02-02 19:01:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-12-19 21:46:45 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-19 21:46:45 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-19 21:46:46 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-19 21:46:46 | 000,000,000 | RHSD | M] - G:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-19 21:46:46 | 000,000,000 | RHSD | M] - H:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-12-18 00:41:08 | 000,000,000 | RHSD | M] - J:\autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-12-19 21:48:21 | 000,000,000 | ---D | C] -- D:\_OTL [2010-12-19 20:40:32 | 000,000,000 | ---D | C] -- D:\Program Files\USB Drum [2010-12-19 06:59:36 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\DoctorWeb [2010-12-19 03:21:19 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\KB905474 [2010-12-19 00:09:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Malwarebytes [2010-12-19 00:09:43 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-12-19 00:09:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2010-12-19 00:09:39 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys [2010-12-19 00:09:38 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malware [2010-12-18 01:13:25 | 000,000,000 | ---D | C] -- D:\Program Files\trend micro [2010-12-18 01:13:25 | 000,000,000 | ---D | C] -- D:\rsit [2010-12-17 21:34:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\F-Secure [2010-12-17 21:00:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\F-Secure [2010-12-17 21:00:21 | 000,080,000 | ---- | C] (F-Secure Corporation) -- D:\WINDOWS\System32\drivers\fsdfw.sys [2010-12-17 20:59:20 | 000,000,000 | ---D | C] -- D:\Program Files\mmp [2010-12-17 20:58:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\fssg [2010-12-17 20:56:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\f-secure [2010-12-17 03:08:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\RealHideIP [2010-12-17 03:08:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\RealHideIP [2010-12-17 03:08:04 | 000,000,000 | ---D | C] -- D:\Program Files\RealHideIP [2010-12-15 22:06:35 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- D:\WINDOWS\System32\npptNT2.sys [2010-12-02 15:19:14 | 000,000,000 | ---D | C] -- D:\WINDOWS\Minidump [2010-12-01 09:24:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\YoudaGames [2010-12-01 09:23:56 | 000,000,000 | ---D | C] -- D:\Program Files\Governor of Poker 2 Premium Edition [2010-11-29 20:31:30 | 000,000,000 | ---D | C] -- D:\WINDOWS\Sun [2010-11-23 01:22:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Focus Home Interactive [2010-11-22 17:40:50 | 000,000,000 | ---D | C] -- D:\Program Files\PlayReady [2010-11-21 17:25:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Dane aplikacji\McAfee [2010-11-18 16:29:01 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Adobe [2010-11-18 16:28:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Adobe [2010-11-18 16:28:04 | 000,000,000 | ---D | C] -- D:\Program Files\Adobe [2010-11-18 16:28:03 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Adobe AIR [2010-11-18 16:26:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan [2010-11-18 16:26:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\McAfee [2010-11-18 16:26:39 | 000,000,000 | ---D | C] -- D:\Program Files\McAfee Security Scan [2010-11-18 16:26:35 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Adobe [2010-11-18 12:40:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\My Downloads [2010-11-18 12:40:03 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\IGN_DLM [2010-11-18 12:38:39 | 000,000,000 | ---D | C] -- D:\Program Files\Download Manager [2010-11-16 19:22:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Treyarch [2010-11-16 13:52:13 | 000,000,000 | ---D | C] -- D:\Program Files\NAPI-PROJEKT [2010-11-10 20:56:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Activision [2010-11-10 20:20:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\Logs [2010-11-10 20:06:19 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Steam [2010-11-09 17:39:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Sun [2010-11-09 17:39:38 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Java [2010-11-09 17:39:06 | 000,000,000 | ---D | C] -- D:\Program Files\Java [2010-11-09 17:38:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Sun [2010-11-09 15:11:36 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch [2010-11-09 15:03:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\pl [2010-11-09 15:03:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\l2schemas [2010-11-09 15:03:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\bits [2010-11-09 14:58:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\network diagnostic [2010-11-09 14:55:02 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$NtServicePackUninstall$ [2010-11-09 14:47:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\XPSViewer [2010-11-09 14:47:01 | 000,000,000 | ---D | C] -- D:\Program Files\MSBuild [2010-11-09 14:45:18 | 000,000,000 | ---D | C] -- D:\Program Files\MSXML 6.0 [2010-11-09 14:38:15 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Żuczek\IETldCache [2010-11-09 14:35:02 | 000,000,000 | ---D | C] -- D:\WINDOWS\ie8updates [2010-11-09 14:34:49 | 000,000,000 | ---D | C] -- D:\WINDOWS\WBEM [2010-11-09 14:33:49 | 000,000,000 | -H-D | C] -- D:\WINDOWS\ie8 [2010-11-09 14:33:49 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\pl-PL [2010-11-09 14:17:39 | 000,000,000 | ---D | C] -- D:\WINDOWS\ServicePackFiles [2010-11-09 13:32:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Media Player Classic [2010-11-09 13:29:56 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\PreInstall [2010-11-09 13:29:54 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$hf_mig$ [2010-11-09 13:08:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\WinRAR [2010-11-09 12:41:09 | 000,000,000 | -HSD | C] -- D:\RECYCLER [2010-11-09 12:35:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\ipla [2010-11-09 12:35:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-11-09 12:35:10 | 000,000,000 | ---D | C] -- D:\Program Files\ipla [2010-11-09 12:34:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Gadu-Gadu 10 [2010-11-09 12:34:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-11-09 12:34:38 | 000,000,000 | ---D | C] -- D:\Program Files\Gadu-Gadu 10 [2010-11-09 12:33:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie [2010-11-09 12:33:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Macromedia [2010-11-09 12:33:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Adobe [2010-11-09 12:27:09 | 000,000,000 | ---D | C] -- D:\Program Files\Mozilla Firefox [2010-11-09 12:05:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Ventrilo [2010-11-09 12:05:37 | 000,000,000 | ---D | C] -- D:\Program Files\Ventrilo [2010-11-09 11:33:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Deployment [2010-11-09 11:32:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\en-US [2010-11-09 11:32:21 | 000,000,000 | ---D | C] -- D:\Program Files\Reference Assemblies [2010-11-09 11:31:41 | 000,000,000 | R-SD | C] -- D:\WINDOWS\assembly [2010-11-09 11:31:27 | 000,000,000 | ---D | C] -- D:\WINDOWS\Microsoft.NET [2010-11-09 11:30:49 | 000,000,000 | RH-D | C] -- D:\AHCache [2010-11-09 11:28:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\ROCCAT [2010-11-09 11:27:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\ROCCAT [2010-11-09 11:27:06 | 000,000,000 | ---D | C] -- D:\Program Files\DIFX [2010-11-09 11:26:56 | 000,012,672 | ---- | C] (ROCCAT Ltd) -- D:\WINDOWS\System32\drivers\Kone.sys [2010-11-09 11:26:56 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DRVSTORE [2010-11-09 11:26:49 | 000,000,000 | ---D | C] -- D:\Program Files\ROCCAT [2010-11-09 11:22:30 | 000,000,000 | ---D | C] -- D:\Program Files\Logitech [2010-11-09 11:22:30 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Logitech [2010-11-09 11:21:17 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- D:\WINDOWS\System32\lameACM.acm [2010-11-09 11:21:16 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- D:\WINDOWS\System32\yv12vfw.dll [2010-11-09 11:21:16 | 000,151,552 | ---- | C] (fccHandler) -- D:\WINDOWS\System32\ac3acm.acm [2010-11-09 11:21:14 | 000,000,000 | ---D | C] -- D:\Program Files\K-Lite Codec Pack [2010-11-09 11:19:39 | 000,000,000 | ---D | C] -- D:\Program Files\WinRAR [2010-11-09 11:15:54 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\temp [2010-11-09 11:13:15 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ReinstallBackups [2010-11-09 11:13:12 | 000,061,440 | ---- | C] (Khronos Group) -- D:\WINDOWS\System32\OpenCL.dll [2010-11-09 11:12:09 | 000,000,000 | ---D | C] -- D:\NVIDIA [2010-11-09 11:11:11 | 000,000,000 | ---D | C] -- D:\Program Files\GIGABYTE [2010-11-09 11:05:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Lang [2010-11-09 11:02:17 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Wise Installation Wizard [2010-11-09 11:02:01 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$MSI31Uninstall_KB893803v2$ [2010-11-09 11:01:44 | 000,000,000 | ---D | C] -- D:\Program Files\NVIDIA Corporation [2010-11-09 11:01:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation [2010-11-09 10:54:46 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\RTCOM [2010-11-09 10:54:14 | 000,290,816 | ---- | C] (Realtek Semiconductor Crop.) -- D:\WINDOWS\vncutil.exe [2010-11-09 10:54:14 | 000,122,880 | ---- | C] (Realtek Semiconductor) -- D:\WINDOWS\RtkAudioService.exe [2010-11-09 10:54:05 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- D:\WINDOWS\ALCWZRD.EXE [2010-11-09 10:54:05 | 001,684,736 | ---- | C] (Creative) -- D:\WINDOWS\System32\drivers\Ambfilt.sys [2010-11-09 10:54:04 | 000,000,000 | -H-D | C] -- D:\Program Files\InstallShield Installation Information [2010-11-09 10:54:04 | 000,000,000 | ---D | C] -- D:\Program Files\Realtek [2010-11-09 10:53:55 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\InstallShield [2010-11-09 10:46:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Mozilla [2010-11-09 10:46:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla [2010-11-09 10:20:36 | 000,000,000 | -HSD | C] -- D:\WINDOWS\Installer [2010-11-09 10:20:35 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\ODBC [2010-11-09 10:20:32 | 000,000,000 | R--D | C] -- D:\Program Files [2010-11-09 10:20:32 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\SpeechEngines [2010-11-09 10:20:32 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Microsoft Shared [2010-11-09 10:20:32 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files [2010-11-09 10:20:04 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start [2010-11-09 10:20:04 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty [2010-11-09 10:20:04 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\All Users\Szablony [2010-11-09 10:20:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Ulubione [2010-11-09 10:20:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Pulpit [2010-11-09 10:18:14 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot2 [2010-11-09 10:18:14 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot [2010-11-09 10:18:08 | 000,000,000 | --SD | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2010-11-09 10:18:08 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\All Users\Dane aplikacji [2010-11-09 10:17:49 | 000,000,000 | -HSD | C] -- D:\System Volume Information [2010-11-09 10:17:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings [2010-11-09 10:12:20 | 000,000,000 | R-SD | C] -- D:\WINDOWS\Fonts [2010-11-09 10:12:20 | 000,000,000 | RHSD | C] -- D:\WINDOWS\System32\dllcache [2010-11-09 10:12:20 | 000,000,000 | R--D | C] -- D:\WINDOWS\Web [2010-11-09 10:12:20 | 000,000,000 | -H-D | C] -- D:\WINDOWS\inf [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\WinSxS [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wins [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wbem [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\usmt [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\twain_32 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Temp [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\system32 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\system [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\spool [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ShellExt [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Setup [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\security [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Resources [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\repair [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ras [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Provisioning [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\PeerNet [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\pchealth [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\oobe [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\npp [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\mui [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\mui [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\msapps [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\msagent [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Media [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\java [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\inetsrv [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\IME [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\ime [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\icsxml [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ias [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Help [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\export [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\etc [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\ehome [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Driver Cache [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\disdn [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\dhcp [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Debug [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Cursors [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Connection Wizard [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\config [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Config [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\AppPatch [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\addins [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3com_dmi [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3076 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\2052 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1054 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1045 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1042 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1041 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1037 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1033 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1031 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1028 [2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1025 [2010-11-09 10:11:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Identities [2010-11-09 10:11:05 | 000,000,000 | -H-D | C] -- D:\Program Files\Uninstall Information [2010-11-09 10:11:04 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\Moje obrazy [2010-11-09 10:11:04 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\Moja muzyka [2010-11-09 10:10:56 | 000,000,000 | --SD | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Microsoft [2010-11-09 10:10:56 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Żuczek\SendTo [2010-11-09 10:10:56 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Żuczek\Recent [2010-11-09 10:10:56 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji [2010-11-09 10:10:56 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Ulubione [2010-11-09 10:10:56 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty [2010-11-09 10:10:56 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Menu Start [2010-11-09 10:10:56 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Żuczek\Cookies [2010-11-09 10:10:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne [2010-11-09 10:10:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Żuczek\Szablony [2010-11-09 10:10:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Żuczek\PrintHood [2010-11-09 10:10:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Żuczek\NetHood [2010-11-09 10:10:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Pulpit [2010-11-09 10:10:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-11-09 10:09:28 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\SoftwareDistribution [2010-11-09 10:05:04 | 000,000,000 | ---D | C] -- D:\WINDOWS\SoftwareDistribution [2010-11-09 10:05:01 | 000,000,000 | --SD | C] -- D:\WINDOWS\System32\Microsoft [2010-11-09 10:05:01 | 000,000,000 | --SD | C] -- D:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2010-11-09 10:05:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-11-09 10:04:41 | 000,000,000 | --SD | C] -- D:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2010-11-09 10:04:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-11-09 10:03:20 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll [2010-11-09 10:03:20 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll [2010-11-09 10:02:38 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys [2010-11-09 10:02:19 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\xircom [2010-11-09 10:02:19 | 000,000,000 | ---D | C] -- D:\Program Files\xerox [2010-11-09 10:02:19 | 000,000,000 | ---D | C] -- D:\Program Files\microsoft frontpage [2010-11-09 10:00:55 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\All Users\DRM [2010-11-09 10:00:47 | 000,000,000 | --SD | C] -- D:\WINDOWS\Downloaded Program Files [2010-11-09 10:00:47 | 000,000,000 | R--D | C] -- D:\WINDOWS\Offline Web Pages [2010-11-09 10:00:38 | 000,000,000 | -H-D | C] -- D:\Program Files\WindowsUpdate [2010-11-09 10:00:33 | 000,000,000 | ---D | C] -- D:\Program Files\Usługi online [2010-11-09 10:00:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DirectX [2010-11-09 09:59:49 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Services [2010-11-09 09:59:46 | 000,000,000 | --SD | C] -- D:\WINDOWS\Tasks [2010-11-09 09:59:46 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\MSSoap [2010-11-09 09:59:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\srchasst [2010-11-09 09:59:41 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Macromed [2010-11-09 09:59:34 | 000,000,000 | ---D | C] -- D:\Program Files\Movie Maker [2010-11-09 09:59:27 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Restore [2010-11-09 09:59:23 | 000,000,000 | ---D | C] -- D:\Program Files\NetMeeting [2010-11-09 09:59:21 | 000,000,000 | ---D | C] -- D:\Program Files\Outlook Express [2010-11-09 09:59:15 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\System [2010-11-09 09:59:11 | 000,000,000 | ---D | C] -- D:\Program Files\Internet Explorer [2010-11-09 09:59:10 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moje obrazy [2010-11-09 09:58:33 | 000,000,000 | ---D | C] -- D:\Program Files\ComPlus Applications [2010-11-09 09:58:24 | 000,000,000 | ---D | C] -- D:\WINDOWS\Registration [2010-11-09 09:58:14 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moja muzyka [2010-11-09 09:58:14 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Media Player [2010-11-09 09:58:08 | 000,000,000 | ---D | C] -- D:\Program Files\Messenger [2010-11-09 09:58:04 | 000,000,000 | ---D | C] -- D:\Program Files\MSN Gaming Zone [2010-11-09 09:57:39 | 000,000,000 | ---D | C] -- D:\Program Files\Windows NT [2010-11-09 09:57:37 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\MsDtc [2010-11-09 09:57:35 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Com [2010-11-09 09:57:21 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moje wideo [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-12-19 21:50:45 | 000,243,457 | ---- | M] () -- D:\WINDOWS\System32\NvApps.xml [2010-12-19 21:50:28 | 000,000,260 | ---- | M] () -- D:\WINDOWS\tasks\WGASetup.job [2010-12-19 21:49:50 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat [2010-12-19 20:40:33 | 000,000,658 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\USB Drum.lnk [2010-12-19 19:03:20 | 000,096,768 | ---- | M] () -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-19 05:14:56 | 000,098,256 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT [2010-12-19 03:19:42 | 000,001,393 | ---- | M] () -- D:\WINDOWS\imsins.BAK [2010-12-19 00:09:43 | 000,000,784 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-12-18 00:33:07 | 000,000,355 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts [2010-12-18 00:32:20 | 000,132,597 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Flash_Disinfector.exe [2010-12-17 21:06:05 | 000,042,664 | ---- | M] () -- D:\WINDOWS\System32\drivers\fsbts.sys [2010-12-17 21:02:47 | 000,001,944 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\multiSAVER.lnk [2010-12-17 21:00:24 | 000,496,774 | ---- | M] () -- D:\WINDOWS\System32\perfh015.dat [2010-12-17 21:00:24 | 000,438,638 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat [2010-12-17 21:00:24 | 000,086,784 | ---- | M] () -- D:\WINDOWS\System32\perfc015.dat [2010-12-17 21:00:24 | 000,070,352 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat [2010-12-17 03:08:26 | 000,000,706 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Real Hide IP.lnk [2010-12-17 01:01:01 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl [2010-12-12 18:44:21 | 000,000,000 | ---- | M] () -- D:\WINDOWS\System32\94332.lic [2010-12-02 15:44:15 | 000,000,664 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat [2010-12-01 09:24:10 | 000,000,926 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Governor of Poker 2 Premium Edition.lnk [2010-11-29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-11-29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys [2010-11-28 02:17:51 | 000,000,584 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Skrót do l2.lnk [2010-11-21 17:24:44 | 000,001,619 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\McAfee Security Scan Plus.lnk [2010-11-21 17:24:44 | 000,001,611 | ---- | M] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk [2010-11-19 15:13:39 | 000,001,729 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-11-18 12:38:39 | 000,000,707 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Download Manager.lnk [2010-11-15 13:52:38 | 000,000,650 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Skrót do JDownloader.lnk [2010-11-10 20:41:43 | 000,000,205 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Call of Duty Black Ops.url [2010-11-10 20:41:43 | 000,000,205 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Call of Duty Black Ops - Multiplayer.url [2010-11-10 20:06:20 | 000,000,521 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Steam.lnk [2010-11-09 15:34:35 | 000,000,574 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\MuOnline.lnk [2010-11-09 15:12:10 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx [2010-11-09 12:47:33 | 000,000,825 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\MUAutoClicker.lnk [2010-11-09 12:35:15 | 000,000,626 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\ipla.lnk [2010-11-09 12:34:53 | 000,000,762 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2010-11-09 12:27:15 | 000,001,602 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-11-09 11:26:22 | 000,021,504 | ---- | M] () -- D:\WINDOWS\jestertb.dll [2010-11-09 11:13:50 | 000,240,592 | ---- | M] () -- D:\WINDOWS\System32\nvdrsdb0.bin [2010-11-09 11:13:50 | 000,000,001 | ---- | M] () -- D:\WINDOWS\System32\nvdrssel.bin [2010-11-09 11:13:48 | 000,240,592 | ---- | M] () -- D:\WINDOWS\System32\nvdrsdb1.bin [2010-11-09 11:13:48 | 000,000,000 | ---- | M] () -- D:\WINDOWS\System32\nvdrswr.lk [2010-11-09 11:11:13 | 000,001,834 | ---- | M] () -- D:\Documents and Settings\Żuczek\Menu Start\Programy\Autostart\GIGABYTE Gamer HUD Lite.lnk [2010-11-09 11:05:02 | 000,940,794 | ---- | M] () -- D:\WINDOWS\System32\LoopyMusic.wav [2010-11-09 11:05:02 | 000,146,650 | ---- | M] () -- D:\WINDOWS\System32\BuzzingBee.wav [2010-11-09 10:53:29 | 000,021,891 | ---- | M] () -- D:\WINDOWS\Ascd_tmp.ini [2010-11-09 10:53:19 | 000,001,769 | ---- | M] () -- D:\WINDOWS\Language_trs.ini [2010-11-09 10:46:44 | 000,000,000 | ---- | M] () -- D:\WINDOWS\nsreg.dat [2010-11-09 10:04:44 | 000,008,192 | ---- | M] () -- D:\WINDOWS\REGLOCS.OLD [2010-11-09 10:03:36 | 000,000,261 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf [2010-11-09 10:01:55 | 000,002,596 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT [2010-11-09 10:01:52 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb [2010-11-09 10:01:52 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb [2010-11-09 10:01:41 | 000,004,293 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI [2010-11-09 09:58:51 | 000,021,856 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat [2010-10-22 07:23:30 | 000,061,440 | ---- | M] (Khronos Group) -- D:\WINDOWS\System32\OpenCL.dll [2010-10-22 07:23:29 | 000,003,739 | ---- | M] () -- D:\WINDOWS\System32\nvinfo.pb [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-12-19 20:40:33 | 000,000,658 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\USB Drum.lnk [2010-12-19 03:21:19 | 000,000,260 | ---- | C] () -- D:\WINDOWS\tasks\WGASetup.job [2010-12-19 00:09:43 | 000,000,784 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-12-18 00:33:07 | 000,000,355 | ---- | C] () -- D:\WINDOWS\System32\drivers\etc\hosts [2010-12-18 00:32:19 | 000,132,597 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Flash_Disinfector.exe [2010-12-17 21:02:47 | 000,001,944 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\multiSAVER.lnk [2010-12-17 21:00:38 | 000,042,664 | ---- | C] () -- D:\WINDOWS\System32\drivers\fsbts.sys [2010-12-17 03:08:26 | 000,000,706 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Real Hide IP.lnk [2010-12-15 22:06:35 | 000,005,174 | ---- | C] () -- D:\WINDOWS\System32\nppt9x.vxd [2010-12-12 18:44:21 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\94332.lic [2010-12-12 14:29:31 | 000,206,038 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Zdjęcia-0011.jpg [2010-12-02 15:19:31 | 000,000,664 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat [2010-12-01 09:24:10 | 000,000,926 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Governor of Poker 2 Premium Edition.lnk [2010-11-28 02:17:51 | 000,000,584 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Skrót do l2.lnk [2010-11-18 16:29:20 | 000,001,729 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk [2010-11-18 16:26:40 | 000,001,619 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\McAfee Security Scan Plus.lnk [2010-11-18 16:26:40 | 000,001,611 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk [2010-11-18 12:38:39 | 000,000,707 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Download Manager.lnk [2010-11-15 13:52:38 | 000,000,650 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Skrót do JDownloader.lnk [2010-11-10 20:41:43 | 000,000,205 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Call of Duty Black Ops.url [2010-11-10 20:41:43 | 000,000,205 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Call of Duty Black Ops - Multiplayer.url [2010-11-10 20:06:20 | 000,000,521 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Steam.lnk [2010-11-09 15:34:35 | 000,000,574 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\MuOnline.lnk [2010-11-09 13:49:15 | 000,693,932 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplayer.chm [2010-11-09 13:49:15 | 000,354,468 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud1.wav [2010-11-09 13:49:15 | 000,343,204 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud7.wav [2010-11-09 13:49:15 | 000,343,204 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud6.wav [2010-11-09 13:49:15 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud9.wav [2010-11-09 13:49:15 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud8.wav [2010-11-09 13:49:15 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud3.wav [2010-11-09 13:49:15 | 000,086,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud5.wav [2010-11-09 13:49:15 | 000,086,180 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud4.wav [2010-11-09 13:49:15 | 000,086,180 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud2.wav [2010-11-09 13:49:15 | 000,071,460 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplayer.adm [2010-11-09 13:49:15 | 000,034,548 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmdm.inf [2010-11-09 13:49:15 | 000,027,965 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplay.chm [2010-11-09 13:49:15 | 000,023,829 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tourbg.gif [2010-11-09 13:49:15 | 000,017,489 | ---- | C] () -- D:\WINDOWS\System32\dllcache\videobg.gif [2010-11-09 13:49:15 | 000,013,540 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmfsdk.inf [2010-11-09 13:49:15 | 000,008,677 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm7.gif [2010-11-09 13:49:15 | 000,007,892 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm9.gif [2010-11-09 13:49:15 | 000,007,636 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm2.gif [2010-11-09 13:49:15 | 000,007,369 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm4.gif [2010-11-09 13:49:15 | 000,006,241 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm3.gif [2010-11-09 13:49:15 | 000,006,060 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm6.gif [2010-11-09 13:49:15 | 000,005,789 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm1.gif [2010-11-09 13:49:15 | 000,005,290 | ---- | C] () -- D:\WINDOWS\System32\dllcache\vidsamp.gif [2010-11-09 13:49:15 | 000,004,193 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm8.gif [2010-11-09 13:49:15 | 000,003,187 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tour.js [2010-11-09 13:49:15 | 000,002,477 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm5.gif [2010-11-09 13:49:15 | 000,002,469 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tplay.gif [2010-11-09 13:49:15 | 000,002,450 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tpause.gif [2010-11-09 13:49:15 | 000,002,375 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tplayh.gif [2010-11-09 13:49:15 | 000,002,371 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tpauseh.gif [2010-11-09 13:49:15 | 000,001,771 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmptour.css [2010-11-09 13:49:15 | 000,001,714 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpocm.inf [2010-11-09 13:49:15 | 000,001,398 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taon.gif [2010-11-09 13:49:15 | 000,001,380 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taonh.gif [2010-11-09 13:49:15 | 000,001,380 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taoff.gif [2010-11-09 13:49:15 | 000,001,367 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taoffh.gif [2010-11-09 13:49:11 | 000,066,160 | ---- | C] () -- D:\WINDOWS\System32\dllcache\revert.wmz [2010-11-09 13:49:11 | 000,001,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\skins.inf [2010-11-09 13:49:11 | 000,001,148 | ---- | C] () -- D:\WINDOWS\System32\dllcache\snd.htm [2010-11-09 13:49:10 | 000,089,253 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plyr_err.chm [2010-11-09 13:49:10 | 000,022,060 | ---- | C] () -- D:\WINDOWS\System32\dllcache\npds.zip [2010-11-09 13:49:10 | 000,000,403 | ---- | C] () -- D:\WINDOWS\System32\dllcache\npdrmv2.zip [2010-11-09 13:49:09 | 000,067,866 | ---- | C] () -- D:\WINDOWS\System32\drivers\netwlan5.img [2010-11-09 13:49:09 | 000,036,644 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplayer2.inf [2010-11-09 13:49:09 | 000,002,778 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplogoh.gif [2010-11-09 13:49:09 | 000,002,545 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplogo.gif [2010-11-09 13:49:06 | 000,005,971 | ---- | C] () -- D:\WINDOWS\System32\dllcache\events.js [2010-11-09 13:49:03 | 000,184,137 | ---- | C] () -- D:\WINDOWS\System32\dllcache\compact.wmz [2010-11-09 13:49:03 | 000,129,045 | ---- | C] () -- D:\WINDOWS\System32\drivers\cxthsfs2.cty [2010-11-09 13:49:03 | 000,009,585 | ---- | C] () -- D:\WINDOWS\System32\dllcache\controls.css [2010-11-09 13:49:03 | 000,000,999 | ---- | C] () -- D:\WINDOWS\System32\dllcache\bktrh.gif [2010-11-09 13:49:03 | 000,000,773 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cnth.gif [2010-11-09 13:49:03 | 000,000,773 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cnt.gif [2010-11-09 13:49:03 | 000,000,772 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cntd.gif [2010-11-09 13:49:03 | 000,000,760 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cloapph.gif [2010-11-09 13:49:03 | 000,000,717 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cloapp.gif [2010-11-09 13:48:11 | 000,064,352 | ---- | C] () -- D:\WINDOWS\System32\drivers\ativmc20.cod [2010-11-09 13:05:03 | 000,096,768 | ---- | C] () -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-09 12:47:33 | 000,000,825 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\MUAutoClicker.lnk [2010-11-09 12:35:15 | 000,000,626 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\ipla.lnk [2010-11-09 12:34:53 | 000,000,762 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2010-11-09 12:27:15 | 000,001,602 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk [2010-11-09 11:26:22 | 000,021,504 | ---- | C] () -- D:\WINDOWS\jestertb.dll [2010-11-09 11:21:18 | 000,165,376 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll [2010-11-09 11:21:18 | 000,000,038 | ---- | C] () -- D:\WINDOWS\avisplitter.ini [2010-11-09 11:21:17 | 000,000,414 | ---- | C] () -- D:\WINDOWS\System32\lame_acm.xml [2010-11-09 11:21:16 | 000,790,528 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll [2010-11-09 11:21:16 | 000,134,144 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll [2010-11-09 11:21:16 | 000,108,032 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll [2010-11-09 11:13:50 | 000,240,592 | ---- | C] () -- D:\WINDOWS\System32\nvdrsdb0.bin [2010-11-09 11:13:48 | 000,240,592 | ---- | C] () -- D:\WINDOWS\System32\nvdrsdb1.bin [2010-11-09 11:13:48 | 000,000,001 | ---- | C] () -- D:\WINDOWS\System32\nvdrssel.bin [2010-11-09 11:13:48 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\nvdrswr.lk [2010-11-09 11:13:11 | 000,003,739 | ---- | C] () -- D:\WINDOWS\System32\nvinfo.pb [2010-11-09 11:11:13 | 000,001,834 | ---- | C] () -- D:\Documents and Settings\Żuczek\Menu Start\Programy\Autostart\GIGABYTE Gamer HUD Lite.lnk [2010-11-09 11:05:02 | 000,940,794 | ---- | C] () -- D:\WINDOWS\System32\LoopyMusic.wav [2010-11-09 11:05:02 | 000,146,650 | ---- | C] () -- D:\WINDOWS\System32\BuzzingBee.wav [2010-11-09 11:01:16 | 000,019,495 | ---- | C] () -- D:\WINDOWS\System32\nvdisp.nvu [2010-11-09 10:53:22 | 000,005,810 | R--- | C] () -- D:\WINDOWS\System32\drivers\ASACPI.sys [2010-11-09 10:53:19 | 000,001,769 | ---- | C] () -- D:\WINDOWS\Language_trs.ini [2010-11-09 10:53:08 | 000,021,891 | ---- | C] () -- D:\WINDOWS\Ascd_tmp.ini [2010-11-09 10:53:08 | 000,010,296 | ---- | C] () -- D:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2010-11-09 10:46:44 | 000,000,000 | ---- | C] () -- D:\WINDOWS\nsreg.dat [2010-11-09 10:20:39 | 000,001,393 | ---- | C] () -- D:\WINDOWS\imsins.BAK [2010-11-09 10:20:35 | 000,004,293 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI [2010-11-09 10:20:33 | 001,685,606 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.spd [2010-11-09 10:20:33 | 000,643,717 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ltts1033.lxa [2010-11-09 10:20:33 | 000,605,050 | ---- | C] () -- D:\WINDOWS\System32\dllcache\r1033tts.lxa [2010-11-09 10:20:33 | 000,000,888 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.sdf [2010-11-09 10:20:17 | 000,001,734 | ---- | C] () -- D:\WINDOWS\System32\AUTOEXEC.NT [2010-11-09 10:18:25 | 000,808,524 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5IIS.CAT [2010-11-09 10:18:25 | 000,399,670 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010-11-09 10:18:25 | 000,037,509 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MW770.CAT [2010-11-09 10:18:25 | 000,013,497 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010-11-09 10:18:25 | 000,008,599 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT [2010-11-09 10:18:25 | 000,007,382 | ---- | C] () -- D:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2010-11-09 10:18:25 | 000,007,334 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmerrenu.cat [2010-11-09 10:18:24 | 001,014,483 | ---- | C] () -- D:\WINDOWS\System32\dllcache\SP2.CAT [2010-11-09 10:17:48 | 000,098,256 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT [2010-11-09 10:16:39 | 000,000,261 | ---- | C] () -- D:\WINDOWS\System32\$winnt$.inf [2010-11-09 10:04:44 | 000,008,192 | ---- | C] () -- D:\WINDOWS\REGLOCS.OLD [2010-11-09 10:03:36 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat [2010-11-09 10:03:17 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll [2010-11-09 10:03:08 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex [2010-11-09 10:03:04 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe [2010-11-09 10:03:04 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe [2010-11-09 10:03:02 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex [2010-11-09 10:02:52 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll [2010-11-09 10:02:48 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex [2010-11-09 10:02:40 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll [2010-11-09 10:01:55 | 000,002,596 | ---- | C] () -- D:\WINDOWS\System32\CONFIG.NT [2010-11-09 10:01:52 | 000,023,392 | ---- | C] () -- D:\WINDOWS\System32\nscompat.tlb [2010-11-09 10:01:52 | 000,016,832 | ---- | C] () -- D:\WINDOWS\System32\amcompat.tlb [2010-11-09 10:01:51 | 000,316,640 | ---- | C] () -- D:\WINDOWS\WMSysPr9.prx [2010-11-09 10:00:24 | 004,399,505 | ---- | C] () -- D:\WINDOWS\System32\dllcache\nls302en.lex [2010-11-09 09:59:57 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt256.bmp [2010-11-09 09:59:57 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt.bmp [2010-11-09 09:59:51 | 000,000,984 | ---- | C] () -- D:\WINDOWS\System32\dllcache\srframe.mmf [2010-11-09 09:58:51 | 000,021,856 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat [2010-11-09 09:57:52 | 000,065,832 | ---- | C] () -- D:\WINDOWS\Stiuk z Santa Fe.bmp [2010-11-09 09:57:52 | 000,026,680 | ---- | C] () -- D:\WINDOWS\Wachlarze.bmp [2010-11-09 09:57:52 | 000,017,362 | ---- | C] () -- D:\WINDOWS\Rododendron.bmp [2010-11-09 09:57:52 | 000,009,522 | ---- | C] () -- D:\WINDOWS\Indiański pled.bmp [2010-11-09 09:57:51 | 000,065,978 | ---- | C] () -- D:\WINDOWS\Bąbelki.bmp [2010-11-09 09:57:51 | 000,065,954 | ---- | C] () -- D:\WINDOWS\Pod mikroskopem.bmp [2010-11-09 09:57:51 | 000,026,582 | ---- | C] () -- D:\WINDOWS\Nefryt.bmp [2010-11-09 09:57:51 | 000,017,336 | ---- | C] () -- D:\WINDOWS\Na rybkach.bmp [2010-11-09 09:57:51 | 000,017,062 | ---- | C] () -- D:\WINDOWS\Kawa.bmp [2010-11-09 09:57:51 | 000,016,730 | ---- | C] () -- D:\WINDOWS\Puch.bmp [2010-11-09 09:57:51 | 000,001,272 | ---- | C] () -- D:\WINDOWS\Niebieska koronka 16.bmp [2010-11-09 09:57:48 | 000,003,286 | ---- | C] () -- D:\WINDOWS\System32\tslabels.h [2010-11-09 09:57:48 | 000,001,225 | ---- | C] () -- D:\WINDOWS\System32\usrlogon.cmd [2010-11-09 09:57:47 | 000,000,768 | ---- | C] () -- D:\WINDOWS\System32\msdtcprf.h [2010-11-09 09:57:41 | 000,063,488 | ---- | C] () -- D:\WINDOWS\System32\wmimgmt.msc [color=#E56717]========== LOP Check ==========[/color] [2010-12-17 20:59:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\f-secure [2010-12-17 20:58:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\fssg [2010-11-09 12:34:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-11-22 17:40:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ipla [2010-11-09 11:27:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ROCCAT [2010-12-17 21:34:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\F-Secure [2010-11-09 12:34:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Gadu-Gadu 10 [2010-12-16 17:39:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\ipla [2010-11-09 11:28:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\ROCCAT [2010-12-01 09:24:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\YoudaGames [2010-12-19 21:50:28 | 000,000,260 | ---- | M] () -- D:\WINDOWS\Tasks\WGASetup.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-12-19 21:49:47 | 2145,386,496 | -HS- | M] () -- D:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\system32\drivers\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\$NtServicePackUninstall$\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- D:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- D:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- D:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- D:\WINDOWS\system32\drivers\cdrom.sys [2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- D:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- D:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- D:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- D:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\system32\drivers\ndis.sys [2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- D:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- D:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- D:\WINDOWS\system32\winlogon.exe < End of report >[/log] [b]log RSIT[/b] [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Żuczek at 2010-12-19 22:03:23 Microsoft Windows XP Professional Dodatek Service Pack 3 System drive D: has 88 GB (88%) free of 100 GB Total RAM: 2047 MB (68% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:03:27, on 2010-12-19 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\nvsvc32.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\spoolsv.exe D:\WINDOWS\Explorer.EXE D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe D:\Program Files\mmp\multisaver\Common\FSMA32.EXE D:\Program Files\mmp\multisaver\Anti-Virus\FSGK32.EXE D:\Program Files\Java\jre6\bin\jqs.exe D:\Program Files\mmp\multisaver\Common\FSHDLL32.EXE D:\Program Files\mmp\multisaver\Anti-Virus\fssm32.exe D:\Program Files\mmp\multisaver\FWES\Program\fsdfwd.exe D:\WINDOWS\system32\wbem\wmiapsrv.exe D:\Program Files\mmp\multisaver\Anti-Virus\fsav32.exe D:\WINDOWS\RTHDCPL.EXE D:\Program Files\Logitech\Gaming Software\LWEMon.exe D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE D:\Program Files\Common Files\Java\Java Update\jusched.exe D:\WINDOWS\system32\RUNDLL32.EXE D:\Program Files\mmp\multisaver\Common\FSM32.EXE D:\Program Files\ROCCAT\Kone Mouse\osd.exe D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe D:\Program Files\Mozilla Firefox\firefox.exe D:\Program Files\Mozilla Firefox\plugin-container.exe D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie\RSIT.exe D:\Program Files\trend micro\Żuczek.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=; R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Start WingMan Profiler] D:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui O4 - HKLM\..\Run: [Kone] "D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE" O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [F-Secure Manager] "D:\Program Files\mmp\multisaver\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "D:\Program Files\mmp\multisaver\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "D:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MSI" TRANSFORMS="D:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MST" WISE_SETUP_EXE_PATH="i:\driver\2k_xp\190.38\PhysX_9.09.0428_SystemSoftware.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: GIGABYTE Gamer HUD Lite.lnk = D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = ? O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\Program Files\mmp\multisaver\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\Program Files\mmp\multisaver\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - D:\Program Files\mmp\multisaver\ORSP Client\fsorsp.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 6444 bytes ======Scheduled tasks folder====== D:\WINDOWS\tasks\WGASetup.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-09 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-09 79648] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600] "Start WingMan Profiler"=D:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 153672] "Kone"=D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE [2008-10-06 151552] "SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] "Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760] "Adobe ARM"=D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288] "nwiz"=D:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-07-09 1657376] "NvMediaCenter"=D:\WINDOWS\system32\NvMcTray.dll [2009-07-14 86016] "NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2009-07-14 13877248] "F-Secure Manager"=D:\Program Files\mmp\multisaver\Common\FSM32.EXE [2009-08-05 199264] "F-Secure TNB"=D:\Program Files\mmp\multisaver\FSGUI\TNBUtil.exe [2009-08-05 2349664] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WiseStubReboot"=MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I D:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MSI TRANSFORMS=D:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MST WISE_SETUP_EXE_PATH=i:\driver\2k_xp\190.38\PhysX_9.09.0428_SystemSoftware.exe [] D:\Documents and Settings\All Users\Menu Start\Programy\Autostart McAfee Security Scan Plus.lnk - D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe D:\Documents and Settings\Żuczek\Menu Start\Programy\Autostart GIGABYTE Gamer HUD Lite.lnk - D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - D:\WINDOWS\system32\upnpui.dll [2008-04-14 239616] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=36 "NoDriveAutoRun"=0xFFFFFFFF [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "D:\Program Files\Gadu-Gadu 10\gg.exe"="D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10" "D:\Documents and Settings\Żuczek\Ustawienia lokalne\Apps\2.0\NWRZZE6A.YKX\ALAWT2N6.5XZ\curs..tion_eee711038731a406_0004.0000_1829574f2226d088\CurseClient.exe"="D:\Documents and Settings\Żuczek\Ustawienia lokalne\Apps\2.0\NWRZZE6A.YKX\ALAWT2N6.5XZ\curs..tion_eee711038731a406_0004.0000_1829574f2226d088\CurseClient.exe:*:Enabled:Curse Client 4.0" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "E:\Gry\Steam\Steam.exe"="E:\Gry\Steam\Steam.exe:*:Enabled:Steam" "D:\Program Files\Java\jre6\bin\javaw.exe"="D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary" "E:\Gry\Steam\SteamApps\common\call of duty black ops rcon\BlackOpsRcon.exe"="E:\Gry\Steam\SteamApps\common\call of duty black ops rcon\BlackOpsRcon.exe:*:Enabled:Call of Duty Black Ops - Remote Console" "E:\Gry\Steam\SteamApps\common\call of duty black ops\BlackOps.exe"="E:\Gry\Steam\SteamApps\common\call of duty black ops\BlackOps.exe:*:Enabled:Call of Duty: Black Ops" "E:\Gry\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe"="E:\Gry\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe:*:Enabled:Call of Duty: Black Ops - Multiplayer" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=" ======List of files/folders created in the last 1 months====== 2010-12-19 21:48:21 ----D---- D:\_OTL 2010-12-19 20:40:32 ----D---- D:\Program Files\USB Drum 2010-12-19 03:21:19 ----D---- D:\WINDOWS\system32\KB905474 2010-12-19 03:19:51 ----HDC---- D:\WINDOWS\$NtUninstallKB2296199$ 2010-12-19 03:19:37 ----HDC---- D:\WINDOWS\$NtUninstallKB2443105$ 2010-12-19 03:17:23 ----HDC---- D:\WINDOWS\$NtUninstallKB2440591$ 2010-12-19 03:17:10 ----HDC---- D:\WINDOWS\$NtUninstallKB2443685$ 2010-12-19 03:16:57 ----HDC---- D:\WINDOWS\$NtUninstallKB2436673$ 2010-12-19 03:16:46 ----HDC---- D:\WINDOWS\$NtUninstallKB2467659$ 2010-12-19 03:01:47 ----HDC---- D:\WINDOWS\$NtUninstallKB2423089$ 2010-12-19 00:09:49 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\Malwarebytes 2010-12-19 00:09:43 ----A---- D:\WINDOWS\system32\drivers\mbamswissarmy.sys 2010-12-19 00:09:42 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2010-12-19 00:09:39 ----A---- D:\WINDOWS\system32\drivers\mbam.sys 2010-12-19 00:09:38 ----D---- D:\Program Files\Malwarebytes' Anti-Malware 2010-12-18 01:13:25 ----D---- D:\rsit 2010-12-18 01:13:25 ----D---- D:\Program Files\trend micro 2010-12-17 21:34:02 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\F-Secure 2010-12-17 21:00:38 ----A---- D:\WINDOWS\system32\drivers\fsbts.sys 2010-12-17 21:00:21 ----A---- D:\WINDOWS\system32\drivers\fsdfw.sys 2010-12-17 20:59:20 ----D---- D:\Program Files\mmp 2010-12-17 20:58:57 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\fssg 2010-12-17 20:56:41 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\f-secure 2010-12-17 03:08:29 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\RealHideIP 2010-12-17 03:08:29 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\RealHideIP 2010-12-17 03:08:04 ----D---- D:\Program Files\RealHideIP 2010-12-15 22:06:35 ----A---- D:\WINDOWS\system32\npptNT2.sys 2010-12-02 15:19:14 ----D---- D:\WINDOWS\Minidump 2010-12-01 09:24:23 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\YoudaGames 2010-12-01 09:23:56 ----D---- D:\Program Files\Governor of Poker 2 Premium Edition 2010-11-29 20:31:30 ----D---- D:\WINDOWS\Sun 2010-11-22 17:40:50 ----D---- D:\Program Files\PlayReady ======List of files/folders modified in the last 1 months====== 2010-12-19 21:51:00 ----D---- D:\WINDOWS\Prefetch 2010-12-19 21:50:42 ----D---- D:\WINDOWS\Temp 2010-12-19 21:50:12 ----D---- D:\WINDOWS\system32\CatRoot2 2010-12-19 21:48:45 ----A---- D:\WINDOWS\SchedLgU.Txt 2010-12-19 21:48:34 ----D---- D:\WINDOWS\system32 2010-12-19 21:48:34 ----D---- D:\WINDOWS 2010-12-19 20:41:28 ----HD---- D:\WINDOWS\inf 2010-12-19 20:40:32 ----RD---- D:\Program Files 2010-12-19 05:26:12 ----D---- D:\WINDOWS\system32\drivers 2010-12-19 05:14:35 ----HDC---- D:\WINDOWS\$NtUninstallKB981793$ 2010-12-19 03:21:19 ----SD---- D:\WINDOWS\Tasks 2010-12-19 03:19:53 ----RSHDC---- D:\WINDOWS\system32\dllcache 2010-12-19 03:19:42 ----A---- D:\WINDOWS\imsins.BAK 2010-12-19 03:19:17 ----D---- D:\Program Files\Internet Explorer 2010-12-19 03:18:38 ----D---- D:\WINDOWS\ie8updates 2010-12-19 03:17:34 ----HD---- D:\WINDOWS\$hf_mig$ 2010-12-19 03:02:52 ----A---- D:\WINDOWS\system32\MRT.exe 2010-12-19 03:01:54 ----D---- D:\Program Files\Outlook Express 2010-12-18 14:14:58 ----D---- D:\WINDOWS\system32\drivers\etc 2010-12-17 21:00:24 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI 2010-12-17 20:59:07 ----SHD---- D:\WINDOWS\Installer 2010-12-17 01:02:17 ----D---- D:\WINDOWS\system32\inetsrv 2010-12-16 17:39:24 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\ipla 2010-12-15 21:58:15 ----HD---- D:\Program Files\InstallShield Installation Information 2010-12-14 21:10:05 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\IGN_DLM 2010-12-11 02:50:58 ----D---- D:\Program Files\Mozilla Firefox 2010-12-02 15:46:25 ----D---- D:\WINDOWS\Help 2010-12-02 15:44:27 ----D---- D:\WINDOWS\system32\CatRoot 2010-12-02 15:42:09 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation 2010-12-02 15:36:39 ----D---- D:\Program Files\NVIDIA Corporation 2010-12-02 15:31:52 ----SD---- D:\Documents and Settings\Żuczek\Dane aplikacji\Microsoft 2010-11-28 08:13:30 ----D---- D:\WINDOWS\system32\Restore 2010-11-22 17:40:52 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\ipla 2010-11-22 17:40:49 ----SD---- D:\Documents and Settings\All Users\Dane aplikacji\Microsoft 2010-11-21 17:24:43 ----D---- D:\Program Files\McAfee Security Scan 2010-11-20 23:25:49 ----D---- D:\Program Files\Common Files\Steam ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 fsbts;fsbts; D:\WINDOWS\system32\Drivers\fsbts.sys [2010-12-17 42664] R0 FSFW;F-Secure Firewall Driver; D:\WINDOWS\System32\drivers\fsdfw.sys [2009-08-05 80000] R1 F-Secure HIPS;F-Secure HIPS Driver; \??\D:\Program Files\mmp\multisaver\HIPS\drivers\fshs.sys [] R1 intelppm;Sterownik procesora Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 kbdhid;Sterownik klawiatury HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\D:\Program Files\mmp\multisaver\Anti-Virus\minifilter\fsgk.sys [] R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Sterownik Microsoft klasy HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-05-22 5082624] R3 KoneFltr;ROCCAT Kone; D:\WINDOWS\system32\drivers\Kone.sys [2008-09-22 12672] R3 mouhid;Sterownik myszy HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160] R3 MTsensor;ATK0110 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810] R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-14 7741664] R3 rtl8139;Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet; D:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992] R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 USBSTOR;Sterownik magazynu masowego USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; D:\WINDOWS\system32\drivers\WmBEnum.sys [2010-04-27 22856] R3 WmFilter;Logitech Gaming HID Filter Driver; D:\WINDOWS\system32\drivers\WmFilter.sys [2010-04-27 37704] R3 WmVirHid;Logitech Virtual Hid Device Driver; D:\WINDOWS\system32\drivers\WmVirHid.sys [2010-04-27 15048] R3 WmXlCore;Logitech Translation Layer Driver; D:\WINDOWS\system32\drivers\WmXlCore.sys [2010-04-27 66632] S3 Ambfilt;Ambfilt; D:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736] S3 Monfilt;Monfilt; D:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056] S4 F-Secure Filter;F-Secure File System Filter; \??\D:\Program Files\mmp\multisaver\Anti-Virus\Win2K\FSfilter.sys [] S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\D:\Program Files\mmp\multisaver\Anti-Virus\Win2K\FSrec.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 F-Secure Gatekeeper Handler Starter;FSGKHS; D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe [2009-08-05 215648] R2 FSMA;F-Secure Management Agent; D:\Program Files\mmp\multisaver\Common\FSMA32.EXE [2009-08-05 186976] R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2010-11-09 153376] R2 nvsvc;NVIDIA Display Driver Service; D:\WINDOWS\system32\nvsvc32.exe [2009-07-14 168004] R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; D:\Program Files\mmp\multisaver\FWES\Program\fsdfwd.exe [2009-08-05 522848] R3 FSORSPClient;F-Secure ORSP Client; D:\Program Files\mmp\multisaver\ORSP Client\fsorsp.exe [2010-12-17 64016] S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 McComponentHostService;McAfee Security Scan Component Host Service; D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] S3 Steam Client Service;Steam Client Service; D:\Program Files\Common Files\Steam\SteamService.exe [2010-11-17 403240] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------[/log]
Tomek01 komentarz 19 grudnia 2010 komentarz 19 grudnia 2010 teraz jest ok. W OTL użyj funkcji CleanUp. Dla pewności jeszcze raz skan Mbam.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.