x-kom hosting

Infekcja i00dvoym.exe

hot123
utworzono
utworzono (edytowane)

Witam, mam podobny problem z i00dvoym. Zalągł się już na każdą partycje obu dysków :/ Przydało by się też usunąć inny badziew z którym antyvirus sobie nie radzi. Czy ten scrypt jest uniwersalny dla każdego? Jeśli nie to proszę o pomoc.

[b]OTL Log[/b]
[log]OTL logfile created on: 2010-12-18 00:57:01 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 29,29 Gb Total Space | 4,17 Gb Free Space | 14,22% Space Free | Partition Type: NTFS
Drive D: | 97,25 Gb Total Space | 86,59 Gb Free Space | 89,03% Space Free | Partition Type: NTFS
Drive E: | 400,01 Gb Total Space | 391,63 Gb Free Space | 97,91% Space Free | Partition Type: NTFS
Drive F: | 119,75 Gb Total Space | 0,96 Gb Free Space | 0,80% Space Free | Partition Type: NTFS
Drive G: | 500,00 Gb Total Space | 499,64 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
Drive H: | 400,00 Gb Total Space | 17,37 Gb Free Space | 4,34% Space Free | Partition Type: NTFS
Drive I: | 571,45 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive J: | 7,45 Gb Total Space | 7,45 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: ZCK | User Name: Żuczek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color="#e56717"]========== Processes (All) ==========[/color]

PRC - [2010-12-18 00:55:05 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-12-17 21:04:04 | 000,783,016 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Anti-Virus\fssm32.exe
PRC - [2010-12-17 21:04:04 | 000,492,200 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32.exe
PRC - [2010-12-11 02:50:46 | 000,016,856 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-12-11 02:50:45 | 000,912,344 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-12-02 12:09:34 | 000,032,849 | ---- | M] (MyWebSearch.com) -- D:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
PRC - [2010-11-09 17:39:09 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolsv.exe
PRC - [2010-06-14 16:10:32 | 000,153,672 | ---- | M] (Logitech Inc.) -- D:\Program Files\Logitech\Gaming Software\LWEMon.exe
PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-01-15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wuauclt.exe
PRC - [2009-08-05 16:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Common\FSMA32.EXE
PRC - [2009-08-05 16:58:50 | 000,076,384 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Common\FSLAUNCH.EXE
PRC - [2009-08-05 16:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe
PRC - [2009-07-14 13:34:58 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvsvc32.exe
PRC - [2009-06-30 18:11:10 | 001,678,848 | ---- | M] () -- D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
PRC - [2009-05-21 07:01:02 | 017,881,600 | ---- | M] (Realtek Semiconductor Corp.) -- D:\WINDOWS\RTHDCPL.EXE
PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\services.exe
PRC - [2008-10-06 11:51:46 | 000,151,552 | ---- | M] (ROCCAT) -- D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE
PRC - [2008-10-06 11:40:32 | 000,458,752 | ---- | M] (ROCCAT) -- D:\Program Files\ROCCAT\Kone Mouse\OSD.exe
PRC - [2008-04-14 18:21:49 | 000,126,464 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 18:21:44 | 000,139,776 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\taskmgr.exe
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 18:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 18:21:38 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 18:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2008-04-14 18:21:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 18:21:02 | 000,044,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\alg.exe


[color="#e56717"]========== Modules (All) ==========[/color]

MOD - [2010-12-18 00:55:05 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2010-12-02 12:09:34 | 000,045,134 | ---- | M] (MyWebSearch.com) -- D:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-07-27 07:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shell32.dll
MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ole32.dll
MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\secur32.dll
MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 18:21:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 18:20:57 | 000,172,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 18:20:57 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\version.dll
MOD - [2008-04-14 18:20:56 | 000,580,096 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 18:20:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 18:20:56 | 000,067,584 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 18:20:45 | 000,064,000 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 18:20:44 | 000,551,936 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 18:20:44 | 000,084,992 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 18:20:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 18:20:41 | 000,119,808 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 18:20:39 | 000,343,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 18:20:35 | 000,586,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mlang.dll
MOD - [2008-04-14 18:20:32 | 000,110,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 18:20:31 | 000,185,344 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 18:20:14 | 000,822,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 18:20:13 | 000,280,064 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 18:20:11 | 000,498,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 18:16:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 18:12:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msctfime.ime


[color="#e56717"]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-12-17 21:17:27 | 000,064,016 | ---- | M] (F-Secure Corporation) [On_Demand | Stopped] -- D:\Program Files\mmp\multisaver\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2010-12-02 12:09:34 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Stopped] -- D:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2010-11-17 14:22:27 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-01-15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009-08-05 16:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- D:\Program Files\mmp\multisaver\Common\FSMA32.EXE -- (FSMA)
SRV - [2009-08-05 16:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Stopped] -- D:\Program Files\mmp\multisaver\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2009-08-05 16:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)


[color="#e56717"]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-12-17 21:06:05 | 000,042,664 | ---- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2010-12-17 21:04:59 | 000,130,728 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Program Files\mmp\multisaver\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2010-04-27 16:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2010-04-27 16:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2010-04-27 16:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2010-04-27 14:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009-08-05 16:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- D:\Program Files\mmp\multisaver\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2009-08-05 16:57:20 | 000,080,000 | ---- | M] (F-Secure Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2009-08-05 16:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- D:\Program Files\mmp\multisaver\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
DRV - [2009-08-05 16:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- D:\Program Files\mmp\multisaver\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
DRV - [2009-07-14 19:54:00 | 007,741,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-05-22 16:37:50 | 005,082,624 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-09-22 09:09:12 | 000,012,672 | ---- | M] (ROCCAT Ltd) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\Kone.sys -- (KoneFltr)
DRV - [2008-08-05 13:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008-04-13 17:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006-01-04 08:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2004-08-13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)


[color="#e56717"]========== Standard Registry (SafeList) ==========[/color]


[color="#e56717"]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2052111302-515967899-839522115-1003\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKU\S-1-5-21-2052111302-515967899-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2052111302-515967899-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;

[color="#e56717"]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.5
FF - prefs.js..extensions.enabledItems: m3ffxtbr@mywebsearch.com:1.1
FF - prefs.js..extensions.enabledItems: support@real-hide-ip.com:1.0

FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: D:\Program Files\MyWebSearch\bar\1.bin [2010-12-18 00:38:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010-12-11 02:50:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010-12-11 02:50:51 | 000,000,000 | ---D | M]

[2010-11-09 10:46:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Extensions
[2010-12-17 20:35:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions
[2010-11-19 15:14:25 | 000,000,000 | ---D | M] (FlashGot) -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010-11-16 19:06:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-11-09 15:19:05 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-12-17 20:35:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions\support@real-hide-ip.com
[2010-12-17 13:32:34 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions
[2010-11-09 17:39:25 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010-11-09 17:39:09 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-10-27 06:37:26 | 000,002,767 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-10-27 06:37:26 | 000,001,406 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-10-27 06:37:26 | 000,000,917 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-10-27 06:37:26 | 000,000,858 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-10-27 06:37:26 | 000,001,183 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-10-27 06:37:26 | 000,001,683 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-12-18 00:33:07 | 000,000,355 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O4 - HKLM..\Run: [F-Secure Manager] D:\Program Files\mmp\multisaver\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] D:\Program Files\mmp\multisaver\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Kone] D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT)
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] D:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Email Plugin] D:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [NvCplDaemon] D:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] D:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [Start WingMan Profiler] D:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - Startup: D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk = D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: D:\Documents and Settings\Żuczek\Menu Start\Programy\Autostart\GIGABYTE Gamer HUD Lite.lnk = D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2052111302-515967899-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2052111302-515967899-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-2052111302-515967899-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Program Files\mmp\multisaver\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Program Files\mmp\multisaver\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Program Files\mmp\multisaver\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - D:\Program Files\mmp\multisaver\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-02-02 19:01:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - G:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - H:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-08-13 07:26:19 | 000,000,000 | R--D | M] - I:\AUTORUN -- [ CDFS ]
O32 - AutoRun File - [2004-09-27 04:24:38 | 000,000,041 | R--- | M] () - I:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2010-12-18 00:41:08 | 000,000,000 | RHSD | M] - J:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color="#e56717"]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-12-17 21:34:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\F-Secure
[2010-12-17 21:00:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\F-Secure
[2010-12-17 21:00:21 | 000,080,000 | ---- | C] (F-Secure Corporation) -- D:\WINDOWS\System32\drivers\fsdfw.sys
[2010-12-17 20:59:20 | 000,000,000 | ---D | C] -- D:\Program Files\mmp
[2010-12-17 20:58:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\fssg
[2010-12-17 20:56:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\f-secure
[2010-12-17 03:08:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\RealHideIP
[2010-12-17 03:08:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\RealHideIP
[2010-12-17 03:08:04 | 000,000,000 | ---D | C] -- D:\Program Files\RealHideIP
[2010-12-15 22:06:35 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- D:\WINDOWS\System32\npptNT2.sys
[2010-12-02 15:46:02 | 000,000,000 | ---D | C] -- D:\WINDOWS\B83FC356B7C0441F8A4DD71E088E7974.TMP
[2010-12-02 15:19:14 | 000,000,000 | ---D | C] -- D:\WINDOWS\Minidump
[2010-12-02 12:09:35 | 000,032,768 | ---- | C] (FunWebProducts.com) -- D:\WINDOWS\System32\f3PSSavr.scr
[2010-12-02 12:09:33 | 000,000,000 | ---D | C] -- D:\Program Files\MyWebSearch
[2010-12-02 12:09:11 | 000,000,000 | ---D | C] -- D:\Program Files\FunWebProducts
[2010-12-01 09:24:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\YoudaGames
[2010-12-01 09:23:56 | 000,000,000 | ---D | C] -- D:\Program Files\Governor of Poker 2 Premium Edition
[2010-11-29 20:31:30 | 000,000,000 | ---D | C] -- D:\WINDOWS\Sun
[2010-11-23 01:22:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Focus Home Interactive
[2010-11-22 17:40:50 | 000,000,000 | ---D | C] -- D:\Program Files\PlayReady
[2010-11-21 17:25:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Dane aplikacji\McAfee
[2010-11-18 16:29:01 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Adobe
[2010-11-18 16:28:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2010-11-18 16:28:04 | 000,000,000 | ---D | C] -- D:\Program Files\Adobe
[2010-11-18 16:28:03 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Adobe AIR
[2010-11-18 16:26:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan
[2010-11-18 16:26:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\McAfee
[2010-11-18 16:26:39 | 000,000,000 | ---D | C] -- D:\Program Files\McAfee Security Scan
[2010-11-18 16:26:35 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Adobe
[2010-11-18 12:40:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\My Downloads
[2010-11-18 12:40:03 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\IGN_DLM
[2010-11-18 12:38:39 | 000,000,000 | ---D | C] -- D:\Program Files\Download Manager
[2010-11-16 19:22:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Treyarch
[2010-11-16 13:52:13 | 000,000,000 | ---D | C] -- D:\Program Files\NAPI-PROJEKT
[2010-11-10 20:56:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Activision
[2010-11-10 20:20:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\Logs
[2010-11-10 20:06:19 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Steam
[2010-11-09 17:39:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Sun
[2010-11-09 17:39:38 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Java
[2010-11-09 17:39:06 | 000,000,000 | ---D | C] -- D:\Program Files\Java
[2010-11-09 17:38:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Sun
[2010-11-09 15:11:36 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch
[2010-11-09 15:03:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\pl
[2010-11-09 15:03:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\l2schemas
[2010-11-09 15:03:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\bits
[2010-11-09 14:58:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\network diagnostic
[2010-11-09 14:55:02 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$NtServicePackUninstall$
[2010-11-09 14:47:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\XPSViewer
[2010-11-09 14:47:01 | 000,000,000 | ---D | C] -- D:\Program Files\MSBuild
[2010-11-09 14:45:18 | 000,000,000 | ---D | C] -- D:\Program Files\MSXML 6.0
[2010-11-09 14:38:15 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Żuczek\IETldCache
[2010-11-09 14:35:02 | 000,000,000 | ---D | C] -- D:\WINDOWS\ie8updates
[2010-11-09 14:34:49 | 000,000,000 | ---D | C] -- D:\WINDOWS\WBEM
[2010-11-09 14:33:49 | 000,000,000 | -H-D | C] -- D:\WINDOWS\ie8
[2010-11-09 14:33:49 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\pl-PL
[2010-11-09 14:17:39 | 000,000,000 | ---D | C] -- D:\WINDOWS\ServicePackFiles
[2010-11-09 13:32:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Media Player Classic
[2010-11-09 13:29:56 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\PreInstall
[2010-11-09 13:29:54 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$hf_mig$
[2010-11-09 13:08:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\WinRAR
[2010-11-09 12:41:09 | 000,000,000 | -HSD | C] -- D:\RECYCLER
[2010-11-09 12:35:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\ipla
[2010-11-09 12:35:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-11-09 12:35:10 | 000,000,000 | ---D | C] -- D:\Program Files\ipla
[2010-11-09 12:34:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Gadu-Gadu 10
[2010-11-09 12:34:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-11-09 12:34:38 | 000,000,000 | ---D | C] -- D:\Program Files\Gadu-Gadu 10
[2010-11-09 12:33:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie
[2010-11-09 12:33:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Macromedia
[2010-11-09 12:33:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Adobe
[2010-11-09 12:27:09 | 000,000,000 | ---D | C] -- D:\Program Files\Mozilla Firefox
[2010-11-09 12:05:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Ventrilo
[2010-11-09 12:05:37 | 000,000,000 | ---D | C] -- D:\Program Files\Ventrilo
[2010-11-09 11:33:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Deployment
[2010-11-09 11:32:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\en-US
[2010-11-09 11:32:21 | 000,000,000 | ---D | C] -- D:\Program Files\Reference Assemblies
[2010-11-09 11:31:41 | 000,000,000 | R-SD | C] -- D:\WINDOWS\assembly
[2010-11-09 11:31:27 | 000,000,000 | ---D | C] -- D:\WINDOWS\Microsoft.NET
[2010-11-09 11:30:49 | 000,000,000 | RH-D | C] -- D:\AHCache
[2010-11-09 11:28:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\ROCCAT
[2010-11-09 11:27:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\ROCCAT
[2010-11-09 11:27:06 | 000,000,000 | ---D | C] -- D:\Program Files\DIFX
[2010-11-09 11:26:56 | 000,012,672 | ---- | C] (ROCCAT Ltd) -- D:\WINDOWS\System32\drivers\Kone.sys
[2010-11-09 11:26:56 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DRVSTORE
[2010-11-09 11:26:49 | 000,000,000 | ---D | C] -- D:\Program Files\ROCCAT
[2010-11-09 11:22:30 | 000,000,000 | ---D | C] -- D:\Program Files\Logitech
[2010-11-09 11:22:30 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Logitech
[2010-11-09 11:21:17 | 000,839,680 | ---- | C] ([url="http://www.mp3dev.org/"]http://www.mp3dev.org/[/url]) -- D:\WINDOWS\System32\lameACM.acm
[2010-11-09 11:21:16 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- D:\WINDOWS\System32\yv12vfw.dll
[2010-11-09 11:21:16 | 000,151,552 | ---- | C] (fccHandler) -- D:\WINDOWS\System32\ac3acm.acm
[2010-11-09 11:21:14 | 000,000,000 | ---D | C] -- D:\Program Files\K-Lite Codec Pack
[2010-11-09 11:19:39 | 000,000,000 | ---D | C] -- D:\Program Files\WinRAR
[2010-11-09 11:15:54 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\temp
[2010-11-09 11:13:15 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ReinstallBackups
[2010-11-09 11:13:12 | 000,061,440 | ---- | C] (Khronos Group) -- D:\WINDOWS\System32\OpenCL.dll
[2010-11-09 11:12:09 | 000,000,000 | ---D | C] -- D:\NVIDIA
[2010-11-09 11:11:11 | 000,000,000 | ---D | C] -- D:\Program Files\GIGABYTE
[2010-11-09 11:05:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Lang
[2010-11-09 11:02:17 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Wise Installation Wizard
[2010-11-09 11:02:01 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010-11-09 11:01:44 | 000,000,000 | ---D | C] -- D:\Program Files\NVIDIA Corporation
[2010-11-09 11:01:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation
[2010-11-09 10:54:46 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\RTCOM
[2010-11-09 10:54:14 | 000,290,816 | ---- | C] (Realtek Semiconductor Crop.) -- D:\WINDOWS\vncutil.exe
[2010-11-09 10:54:14 | 000,122,880 | ---- | C] (Realtek Semiconductor) -- D:\WINDOWS\RtkAudioService.exe
[2010-11-09 10:54:05 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- D:\WINDOWS\ALCWZRD.EXE
[2010-11-09 10:54:05 | 001,684,736 | ---- | C] (Creative) -- D:\WINDOWS\System32\drivers\Ambfilt.sys
[2010-11-09 10:54:04 | 000,000,000 | -H-D | C] -- D:\Program Files\InstallShield Installation Information
[2010-11-09 10:54:04 | 000,000,000 | ---D | C] -- D:\Program Files\Realtek
[2010-11-09 10:53:55 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\InstallShield
[2010-11-09 10:46:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Mozilla
[2010-11-09 10:46:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla
[2010-11-09 10:20:36 | 000,000,000 | -HSD | C] -- D:\WINDOWS\Installer
[2010-11-09 10:20:35 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\ODBC
[2010-11-09 10:20:32 | 000,000,000 | R--D | C] -- D:\Program Files
[2010-11-09 10:20:32 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\SpeechEngines
[2010-11-09 10:20:32 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Microsoft Shared
[2010-11-09 10:20:32 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files
[2010-11-09 10:20:04 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start
[2010-11-09 10:20:04 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty
[2010-11-09 10:20:04 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\All Users\Szablony
[2010-11-09 10:20:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Ulubione
[2010-11-09 10:20:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Pulpit
[2010-11-09 10:18:14 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot2
[2010-11-09 10:18:14 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot
[2010-11-09 10:18:08 | 000,000,000 | --SD | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2010-11-09 10:18:08 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\All Users\Dane aplikacji
[2010-11-09 10:17:49 | 000,000,000 | -HSD | C] -- D:\System Volume Information
[2010-11-09 10:17:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings
[2010-11-09 10:12:20 | 000,000,000 | R-SD | C] -- D:\WINDOWS\Fonts
[2010-11-09 10:12:20 | 000,000,000 | RHSD | C] -- D:\WINDOWS\System32\dllcache
[2010-11-09 10:12:20 | 000,000,000 | R--D | C] -- D:\WINDOWS\Web
[2010-11-09 10:12:20 | 000,000,000 | -H-D | C] -- D:\WINDOWS\inf
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\WinSxS
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wins
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wbem
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\usmt
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\twain_32
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Temp
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\system32
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\system
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\spool
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ShellExt
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Setup
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\security
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Resources
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\repair
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ras
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Provisioning
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\PeerNet
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\pchealth
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\oobe
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\npp
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\mui
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\mui
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\msapps
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\msagent
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Media
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\java
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\inetsrv
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\IME
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\ime
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\icsxml
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ias
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Help
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\export
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\etc
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\ehome
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Driver Cache
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\disdn
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\dhcp
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Debug
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Cursors
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Connection Wizard
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\config
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Config
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\AppPatch
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\addins
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3com_dmi
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3076
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\2052
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1054
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1045
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1042
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1041
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1037
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1033
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1031
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1028
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1025
[2010-11-09 10:11:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Identities
[2010-11-09 10:11:05 | 000,000,000 | -H-D | C] -- D:\Program Files\Uninstall Information
[2010-11-09 10:11:04 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\Moje obrazy
[2010-11-09 10:11:04 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\Moja muzyka
[2010-11-09 10:10:56 | 000,000,000 | --SD | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Microsoft
[2010-11-09 10:10:56 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Żuczek\SendTo
[2010-11-09 10:10:56 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Żuczek\Recent
[2010-11-09 10:10:56 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji
[2010-11-09 10:10:56 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Ulubione
[2010-11-09 10:10:56 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty
[2010-11-09 10:10:56 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Menu Start
[2010-11-09 10:10:56 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Żuczek\Cookies
[2010-11-09 10:10:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne
[2010-11-09 10:10:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Żuczek\Szablony
[2010-11-09 10:10:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Żuczek\PrintHood
[2010-11-09 10:10:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Żuczek\NetHood
[2010-11-09 10:10:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Pulpit
[2010-11-09 10:10:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-11-09 10:09:28 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\SoftwareDistribution
[2010-11-09 10:05:04 | 000,000,000 | ---D | C] -- D:\WINDOWS\SoftwareDistribution
[2010-11-09 10:05:01 | 000,000,000 | --SD | C] -- D:\WINDOWS\System32\Microsoft
[2010-11-09 10:05:01 | 000,000,000 | --SD | C] -- D:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2010-11-09 10:05:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-11-09 10:04:41 | 000,000,000 | --SD | C] -- D:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2010-11-09 10:04:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-11-09 10:03:20 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll
[2010-11-09 10:03:20 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll
[2010-11-09 10:02:38 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys
[2010-11-09 10:02:19 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\xircom
[2010-11-09 10:02:19 | 000,000,000 | ---D | C] -- D:\Program Files\xerox
[2010-11-09 10:02:19 | 000,000,000 | ---D | C] -- D:\Program Files\microsoft frontpage
[2010-11-09 10:00:55 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\All Users\DRM
[2010-11-09 10:00:47 | 000,000,000 | --SD | C] -- D:\WINDOWS\Downloaded Program Files
[2010-11-09 10:00:47 | 000,000,000 | R--D | C] -- D:\WINDOWS\Offline Web Pages
[2010-11-09 10:00:38 | 000,000,000 | -H-D | C] -- D:\Program Files\WindowsUpdate
[2010-11-09 10:00:33 | 000,000,000 | ---D | C] -- D:\Program Files\Usługi online
[2010-11-09 10:00:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DirectX
[2010-11-09 09:59:49 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Services
[2010-11-09 09:59:46 | 000,000,000 | --SD | C] -- D:\WINDOWS\Tasks
[2010-11-09 09:59:46 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\MSSoap
[2010-11-09 09:59:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\srchasst
[2010-11-09 09:59:41 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Macromed
[2010-11-09 09:59:34 | 000,000,000 | ---D | C] -- D:\Program Files\Movie Maker
[2010-11-09 09:59:27 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Restore
[2010-11-09 09:59:23 | 000,000,000 | ---D | C] -- D:\Program Files\NetMeeting
[2010-11-09 09:59:21 | 000,000,000 | ---D | C] -- D:\Program Files\Outlook Express
[2010-11-09 09:59:15 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\System
[2010-11-09 09:59:11 | 000,000,000 | ---D | C] -- D:\Program Files\Internet Explorer
[2010-11-09 09:59:10 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2010-11-09 09:58:33 | 000,000,000 | ---D | C] -- D:\Program Files\ComPlus Applications
[2010-11-09 09:58:24 | 000,000,000 | ---D | C] -- D:\WINDOWS\Registration
[2010-11-09 09:58:14 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2010-11-09 09:58:14 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Media Player
[2010-11-09 09:58:08 | 000,000,000 | ---D | C] -- D:\Program Files\Messenger
[2010-11-09 09:58:04 | 000,000,000 | ---D | C] -- D:\Program Files\MSN Gaming Zone
[2010-11-09 09:57:39 | 000,000,000 | ---D | C] -- D:\Program Files\Windows NT
[2010-11-09 09:57:37 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\MsDtc
[2010-11-09 09:57:35 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Com
[2010-11-09 09:57:21 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moje wideo
[5 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

[color="#e56717"]========== Files - Modified Within 60 Days ==========[/color]

[2010-12-18 00:40:17 | 000,186,368 | RHS- | M] () -- D:\WINDOWS\System32\arking.exe
[2010-12-18 00:40:17 | 000,121,344 | RHS- | M] () -- D:\WINDOWS\System32\arking0.dll
[2010-12-18 00:39:29 | 000,116,224 | RHS- | M] () -- D:\WINDOWS\System32\mgking0.dll
[2010-12-18 00:33:07 | 000,000,355 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts.ussclean
[2010-12-18 00:33:07 | 000,000,355 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts
[2010-12-18 00:07:01 | 000,243,457 | ---- | M] () -- D:\WINDOWS\System32\NvApps.xml
[2010-12-18 00:06:58 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010-12-17 21:06:05 | 000,042,664 | ---- | M] () -- D:\WINDOWS\System32\drivers\fsbts.sys
[2010-12-17 21:02:47 | 000,001,944 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\multiSAVER.lnk
[2010-12-17 21:00:24 | 000,496,774 | ---- | M] () -- D:\WINDOWS\System32\perfh015.dat
[2010-12-17 21:00:24 | 000,438,638 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2010-12-17 21:00:24 | 000,086,784 | ---- | M] () -- D:\WINDOWS\System32\perfc015.dat
[2010-12-17 21:00:24 | 000,070,352 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2010-12-17 05:18:29 | 000,092,160 | ---- | M] () -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-17 03:08:26 | 000,000,706 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Real Hide IP.lnk
[2010-12-17 01:01:01 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2010-12-12 18:44:21 | 000,000,000 | ---- | M] () -- D:\WINDOWS\System32\94332.lic
[2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () -- D:\autorun.inf
[2010-12-02 15:44:15 | 000,000,664 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat
[2010-12-02 15:19:44 | 000,117,248 | RHS- | M] () -- D:\WINDOWS\System32\arking1.dll
[2010-12-02 12:09:33 | 000,032,768 | ---- | M] (FunWebProducts.com) -- D:\WINDOWS\System32\f3PSSavr.scr
[2010-12-01 09:24:10 | 000,000,926 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Governor of Poker 2 Premium Edition.lnk
[2010-11-28 02:17:51 | 000,000,584 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Skrót do l2.lnk
[2010-11-21 17:24:44 | 000,001,619 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\McAfee Security Scan Plus.lnk
[2010-11-21 17:24:44 | 000,001,611 | ---- | M] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk
[2010-11-19 15:13:39 | 000,001,729 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-11-19 15:13:14 | 000,177,152 | RHS- | M] () -- D:\WINDOWS\System32\mgking.exe
[2010-11-19 15:13:14 | 000,177,152 | RHS- | M] () -- D:\i00dvoym.exe
[2010-11-19 15:13:14 | 000,116,224 | RHS- | M] () -- D:\WINDOWS\System32\mgking1.dll
[2010-11-18 12:38:39 | 000,000,707 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Download Manager.lnk
[2010-11-18 05:37:21 | 000,176,640 | RHS- | M] () -- D:\et3ypes.exe
[2010-11-16 13:02:20 | 000,177,664 | RHS- | M] () -- D:\bud3mkqr.exe
[2010-11-15 13:52:38 | 000,000,650 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Skrót do JDownloader.lnk
[2010-11-14 15:16:31 | 000,098,256 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010-11-14 15:09:11 | 000,001,393 | ---- | M] () -- D:\WINDOWS\imsins.BAK
[2010-11-10 20:41:43 | 000,000,205 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Call of Duty Black Ops.url
[2010-11-10 20:41:43 | 000,000,205 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Call of Duty Black Ops - Multiplayer.url
[2010-11-10 20:06:20 | 000,000,521 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Steam.lnk
[2010-11-10 17:54:15 | 000,177,664 | RHS- | M] () -- D:\cbbw88s.exe
[2010-11-09 15:34:35 | 000,000,574 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\MuOnline.lnk
[2010-11-09 15:12:10 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx
[2010-11-09 14:39:01 | 000,178,176 | RHS- | M] () -- D:\dwh.exe
[2010-11-09 12:47:33 | 000,000,825 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\MUAutoClicker.lnk
[2010-11-09 12:35:15 | 000,000,626 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\ipla.lnk
[2010-11-09 12:34:53 | 000,000,762 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-11-09 12:27:15 | 000,001,602 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-11-09 11:26:22 | 000,021,504 | ---- | M] () -- D:\WINDOWS\jestertb.dll
[2010-11-09 11:13:50 | 000,240,592 | ---- | M] () -- D:\WINDOWS\System32\nvdrsdb0.bin
[2010-11-09 11:13:50 | 000,000,001 | ---- | M] () -- D:\WINDOWS\System32\nvdrssel.bin
[2010-11-09 11:13:48 | 000,240,592 | ---- | M] () -- D:\WINDOWS\System32\nvdrsdb1.bin
[2010-11-09 11:13:48 | 000,000,000 | ---- | M] () -- D:\WINDOWS\System32\nvdrswr.lk
[2010-11-09 11:11:13 | 000,001,834 | ---- | M] () -- D:\Documents and Settings\Żuczek\Menu Start\Programy\Autostart\GIGABYTE Gamer HUD Lite.lnk
[2010-11-09 11:05:02 | 000,940,794 | ---- | M] () -- D:\WINDOWS\System32\LoopyMusic.wav
[2010-11-09 11:05:02 | 000,146,650 | ---- | M] () -- D:\WINDOWS\System32\BuzzingBee.wav
[2010-11-09 10:53:29 | 000,021,891 | ---- | M] () -- D:\WINDOWS\Ascd_tmp.ini
[2010-11-09 10:53:19 | 000,001,769 | ---- | M] () -- D:\WINDOWS\Language_trs.ini
[2010-11-09 10:46:44 | 000,000,000 | ---- | M] () -- D:\WINDOWS\nsreg.dat
[2010-11-09 10:04:44 | 000,008,192 | ---- | M] () -- D:\WINDOWS\REGLOCS.OLD
[2010-11-09 10:03:36 | 000,000,261 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf
[2010-11-09 10:01:55 | 000,002,596 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2010-11-09 10:01:52 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2010-11-09 10:01:52 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2010-11-09 10:01:41 | 000,004,293 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI
[2010-11-09 09:58:51 | 000,021,856 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat
[2010-10-28 13:29:48 | 000,175,104 | RHS- | M] () -- D:\b9v.exe
[2010-10-22 07:23:30 | 000,061,440 | ---- | M] (Khronos Group) -- D:\WINDOWS\System32\OpenCL.dll
[2010-10-22 07:23:29 | 000,003,739 | ---- | M] () -- D:\WINDOWS\System32\nvinfo.pb
[5 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]

[color="#e56717"]========== Files Created - No Company Name ==========[/color]

[2010-12-18 00:33:07 | 000,000,355 | ---- | C] () -- D:\WINDOWS\System32\drivers\etc\hosts.ussclean
[2010-12-18 00:33:07 | 000,000,355 | ---- | C] () -- D:\WINDOWS\System32\drivers\etc\hosts
[2010-12-17 21:02:47 | 000,001,944 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\multiSAVER.lnk
[2010-12-17 21:00:38 | 000,042,664 | ---- | C] () -- D:\WINDOWS\System32\drivers\fsbts.sys
[2010-12-17 03:08:26 | 000,000,706 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Real Hide IP.lnk
[2010-12-15 22:06:35 | 000,005,174 | ---- | C] () -- D:\WINDOWS\System32\nppt9x.vxd
[2010-12-12 18:44:21 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\94332.lic
[2010-12-12 14:29:31 | 000,206,038 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Zdjęcia-0011.jpg
[2010-12-02 15:19:44 | 000,117,248 | RHS- | C] () -- D:\WINDOWS\System32\arking1.dll
[2010-12-02 15:19:31 | 000,000,664 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2010-12-01 09:24:10 | 000,000,926 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Governor of Poker 2 Premium Edition.lnk
[2010-11-29 16:09:39 | 000,186,368 | RHS- | C] () -- D:\WINDOWS\System32\arking.exe
[2010-11-29 16:09:39 | 000,121,344 | RHS- | C] () -- D:\WINDOWS\System32\arking0.dll
[2010-11-28 02:17:51 | 000,000,584 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Skrót do l2.lnk
[2010-11-19 15:13:41 | 000,177,152 | RHS- | C] () -- D:\i00dvoym.exe
[2010-11-18 16:29:20 | 000,001,729 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-11-18 16:26:40 | 000,001,619 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\McAfee Security Scan Plus.lnk
[2010-11-18 16:26:40 | 000,001,611 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk
[2010-11-18 12:38:39 | 000,000,707 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Download Manager.lnk
[2010-11-16 13:02:46 | 000,176,640 | RHS- | C] () -- D:\et3ypes.exe
[2010-11-15 13:52:38 | 000,000,650 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Skrót do JDownloader.lnk
[2010-11-14 15:17:51 | 000,177,664 | RHS- | C] () -- D:\bud3mkqr.exe
[2010-11-10 20:41:43 | 000,000,205 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Call of Duty Black Ops.url
[2010-11-10 20:41:43 | 000,000,205 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Call of Duty Black Ops - Multiplayer.url
[2010-11-10 20:06:20 | 000,000,521 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Steam.lnk
[2010-11-10 17:54:41 | 000,177,664 | RHS- | C] () -- D:\cbbw88s.exe
[2010-11-09 15:34:35 | 000,000,574 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\MuOnline.lnk
[2010-11-09 14:39:01 | 000,116,224 | RHS- | C] () -- D:\WINDOWS\System32\mgking1.dll
[2010-11-09 13:49:15 | 000,693,932 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplayer.chm
[2010-11-09 13:49:15 | 000,354,468 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud1.wav
[2010-11-09 13:49:15 | 000,343,204 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud7.wav
[2010-11-09 13:49:15 | 000,343,204 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud6.wav
[2010-11-09 13:49:15 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud9.wav
[2010-11-09 13:49:15 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud8.wav
[2010-11-09 13:49:15 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud3.wav
[2010-11-09 13:49:15 | 000,086,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud5.wav
[2010-11-09 13:49:15 | 000,086,180 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud4.wav
[2010-11-09 13:49:15 | 000,086,180 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud2.wav
[2010-11-09 13:49:15 | 000,071,460 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplayer.adm
[2010-11-09 13:49:15 | 000,034,548 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmdm.inf
[2010-11-09 13:49:15 | 000,027,965 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplay.chm
[2010-11-09 13:49:15 | 000,023,829 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tourbg.gif
[2010-11-09 13:49:15 | 000,017,489 | ---- | C] () -- D:\WINDOWS\System32\dllcache\videobg.gif
[2010-11-09 13:49:15 | 000,013,540 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmfsdk.inf
[2010-11-09 13:49:15 | 000,008,677 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm7.gif
[2010-11-09 13:49:15 | 000,007,892 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm9.gif
[2010-11-09 13:49:15 | 000,007,636 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm2.gif
[2010-11-09 13:49:15 | 000,007,369 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm4.gif
[2010-11-09 13:49:15 | 000,006,241 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm3.gif
[2010-11-09 13:49:15 | 000,006,060 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm6.gif
[2010-11-09 13:49:15 | 000,005,789 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm1.gif
[2010-11-09 13:49:15 | 000,005,290 | ---- | C] () -- D:\WINDOWS\System32\dllcache\vidsamp.gif
[2010-11-09 13:49:15 | 000,004,193 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm8.gif
[2010-11-09 13:49:15 | 000,003,187 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tour.js
[2010-11-09 13:49:15 | 000,002,477 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm5.gif
[2010-11-09 13:49:15 | 000,002,469 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tplay.gif
[2010-11-09 13:49:15 | 000,002,450 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tpause.gif
[2010-11-09 13:49:15 | 000,002,375 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tplayh.gif
[2010-11-09 13:49:15 | 000,002,371 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tpauseh.gif
[2010-11-09 13:49:15 | 000,001,771 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmptour.css
[2010-11-09 13:49:15 | 000,001,714 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpocm.inf
[2010-11-09 13:49:15 | 000,001,398 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taon.gif
[2010-11-09 13:49:15 | 000,001,380 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taonh.gif
[2010-11-09 13:49:15 | 000,001,380 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taoff.gif
[2010-11-09 13:49:15 | 000,001,367 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taoffh.gif
[2010-11-09 13:49:11 | 000,066,160 | ---- | C] () -- D:\WINDOWS\System32\dllcache\revert.wmz
[2010-11-09 13:49:11 | 000,001,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\skins.inf
[2010-11-09 13:49:11 | 000,001,148 | ---- | C] () -- D:\WINDOWS\System32\dllcache\snd.htm
[2010-11-09 13:49:10 | 000,089,253 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plyr_err.chm
[2010-11-09 13:49:10 | 000,022,060 | ---- | C] () -- D:\WINDOWS\System32\dllcache\npds.zip
[2010-11-09 13:49:10 | 000,000,403 | ---- | C] () -- D:\WINDOWS\System32\dllcache\npdrmv2.zip
[2010-11-09 13:49:09 | 000,067,866 | ---- | C] () -- D:\WINDOWS\System32\drivers\netwlan5.img
[2010-11-09 13:49:09 | 000,036,644 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplayer2.inf
[2010-11-09 13:49:09 | 000,002,778 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplogoh.gif
[2010-11-09 13:49:09 | 000,002,545 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplogo.gif
[2010-11-09 13:49:06 | 000,005,971 | ---- | C] () -- D:\WINDOWS\System32\dllcache\events.js
[2010-11-09 13:49:03 | 000,184,137 | ---- | C] () -- D:\WINDOWS\System32\dllcache\compact.wmz
[2010-11-09 13:49:03 | 000,129,045 | ---- | C] () -- D:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010-11-09 13:49:03 | 000,009,585 | ---- | C] () -- D:\WINDOWS\System32\dllcache\controls.css
[2010-11-09 13:49:03 | 000,000,999 | ---- | C] () -- D:\WINDOWS\System32\dllcache\bktrh.gif
[2010-11-09 13:49:03 | 000,000,773 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cnth.gif
[2010-11-09 13:49:03 | 000,000,773 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cnt.gif
[2010-11-09 13:49:03 | 000,000,772 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cntd.gif
[2010-11-09 13:49:03 | 000,000,760 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cloapph.gif
[2010-11-09 13:49:03 | 000,000,717 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cloapp.gif
[2010-11-09 13:48:11 | 000,064,352 | ---- | C] () -- D:\WINDOWS\System32\drivers\ativmc20.cod
[2010-11-09 13:05:03 | 000,092,160 | ---- | C] () -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-11-09 12:47:33 | 000,000,825 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\MUAutoClicker.lnk
[2010-11-09 12:35:15 | 000,000,626 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\ipla.lnk
[2010-11-09 12:34:53 | 000,000,762 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-11-09 12:27:15 | 000,001,602 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-11-09 11:26:22 | 000,021,504 | ---- | C] () -- D:\WINDOWS\jestertb.dll
[2010-11-09 11:21:18 | 000,165,376 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2010-11-09 11:21:18 | 000,000,038 | ---- | C] () -- D:\WINDOWS\avisplitter.ini
[2010-11-09 11:21:17 | 000,000,414 | ---- | C] () -- D:\WINDOWS\System32\lame_acm.xml
[2010-11-09 11:21:16 | 000,790,528 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2010-11-09 11:21:16 | 000,134,144 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2010-11-09 11:21:16 | 000,108,032 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll
[2010-11-09 11:13:50 | 000,240,592 | ---- | C] () -- D:\WINDOWS\System32\nvdrsdb0.bin
[2010-11-09 11:13:48 | 000,240,592 | ---- | C] () -- D:\WINDOWS\System32\nvdrsdb1.bin
[2010-11-09 11:13:48 | 000,000,001 | ---- | C] () -- D:\WINDOWS\System32\nvdrssel.bin
[2010-11-09 11:13:48 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\nvdrswr.lk
[2010-11-09 11:13:11 | 000,003,739 | ---- | C] () -- D:\WINDOWS\System32\nvinfo.pb
[2010-11-09 11:11:13 | 000,001,834 | ---- | C] () -- D:\Documents and Settings\Żuczek\Menu Start\Programy\Autostart\GIGABYTE Gamer HUD Lite.lnk
[2010-11-09 11:05:02 | 000,940,794 | ---- | C] () -- D:\WINDOWS\System32\LoopyMusic.wav
[2010-11-09 11:05:02 | 000,146,650 | ---- | C] () -- D:\WINDOWS\System32\BuzzingBee.wav
[2010-11-09 11:01:16 | 000,019,495 | ---- | C] () -- D:\WINDOWS\System32\nvdisp.nvu
[2010-11-09 10:53:22 | 000,005,810 | R--- | C] () -- D:\WINDOWS\System32\drivers\ASACPI.sys
[2010-11-09 10:53:19 | 000,001,769 | ---- | C] () -- D:\WINDOWS\Language_trs.ini
[2010-11-09 10:53:08 | 000,021,891 | ---- | C] () -- D:\WINDOWS\Ascd_tmp.ini
[2010-11-09 10:53:08 | 000,010,296 | ---- | C] () -- D:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010-11-09 10:46:44 | 000,000,000 | ---- | C] () -- D:\WINDOWS\nsreg.dat
[2010-11-09 10:20:39 | 000,001,393 | ---- | C] () -- D:\WINDOWS\imsins.BAK
[2010-11-09 10:20:35 | 000,004,293 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2010-11-09 10:20:33 | 001,685,606 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.spd
[2010-11-09 10:20:33 | 000,643,717 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010-11-09 10:20:33 | 000,605,050 | ---- | C] () -- D:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010-11-09 10:20:33 | 000,000,888 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.sdf
[2010-11-09 10:20:17 | 000,001,734 | ---- | C] () -- D:\WINDOWS\System32\AUTOEXEC.NT
[2010-11-09 10:18:25 | 000,808,524 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010-11-09 10:18:25 | 000,399,670 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010-11-09 10:18:25 | 000,037,509 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MW770.CAT
[2010-11-09 10:18:25 | 000,013,497 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010-11-09 10:18:25 | 000,008,599 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010-11-09 10:18:25 | 000,007,382 | ---- | C] () -- D:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010-11-09 10:18:25 | 000,007,334 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010-11-09 10:18:24 | 001,014,483 | ---- | C] () -- D:\WINDOWS\System32\dllcache\SP2.CAT
[2010-11-09 10:17:48 | 000,098,256 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010-11-09 10:16:56 | 000,178,176 | RHS- | C] () -- D:\dwh.exe
[2010-11-09 10:16:39 | 000,000,261 | ---- | C] () -- D:\WINDOWS\System32\$winnt$.inf
[2010-11-09 10:16:30 | 000,177,152 | RHS- | C] () -- D:\WINDOWS\System32\mgking.exe
[2010-11-09 10:16:30 | 000,116,224 | RHS- | C] () -- D:\WINDOWS\System32\mgking0.dll
[2010-11-09 10:15:30 | 000,175,104 | RHS- | C] () -- D:\b9v.exe
[2010-11-09 10:15:30 | 000,000,063 | RHS- | C] () -- D:\autorun.inf
[2010-11-09 10:04:44 | 000,008,192 | ---- | C] () -- D:\WINDOWS\REGLOCS.OLD
[2010-11-09 10:03:36 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2010-11-09 10:03:17 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010-11-09 10:03:08 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010-11-09 10:03:04 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe
[2010-11-09 10:03:04 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe
[2010-11-09 10:03:02 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex
[2010-11-09 10:02:52 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010-11-09 10:02:48 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex
[2010-11-09 10:02:40 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll
[2010-11-09 10:01:55 | 000,002,596 | ---- | C] () -- D:\WINDOWS\System32\CONFIG.NT
[2010-11-09 10:01:52 | 000,023,392 | ---- | C] () -- D:\WINDOWS\System32\nscompat.tlb
[2010-11-09 10:01:52 | 000,016,832 | ---- | C] () -- D:\WINDOWS\System32\amcompat.tlb
[2010-11-09 10:01:51 | 000,316,640 | ---- | C] () -- D:\WINDOWS\WMSysPr9.prx
[2010-11-09 10:00:24 | 004,399,505 | ---- | C] () -- D:\WINDOWS\System32\dllcache\nls302en.lex
[2010-11-09 09:59:57 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt256.bmp
[2010-11-09 09:59:57 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt.bmp
[2010-11-09 09:59:51 | 000,000,984 | ---- | C] () -- D:\WINDOWS\System32\dllcache\srframe.mmf
[2010-11-09 09:58:51 | 000,021,856 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2010-11-09 09:57:52 | 000,065,832 | ---- | C] () -- D:\WINDOWS\Stiuk z Santa Fe.bmp
[2010-11-09 09:57:52 | 000,026,680 | ---- | C] () -- D:\WINDOWS\Wachlarze.bmp
[2010-11-09 09:57:52 | 000,017,362 | ---- | C] () -- D:\WINDOWS\Rododendron.bmp
[2010-11-09 09:57:52 | 000,009,522 | ---- | C] () -- D:\WINDOWS\Indiański pled.bmp
[2010-11-09 09:57:51 | 000,065,978 | ---- | C] () -- D:\WINDOWS\Bąbelki.bmp
[2010-11-09 09:57:51 | 000,065,954 | ---- | C] () -- D:\WINDOWS\Pod mikroskopem.bmp
[2010-11-09 09:57:51 | 000,026,582 | ---- | C] () -- D:\WINDOWS\Nefryt.bmp
[2010-11-09 09:57:51 | 000,017,336 | ---- | C] () -- D:\WINDOWS\Na rybkach.bmp
[2010-11-09 09:57:51 | 000,017,062 | ---- | C] () -- D:\WINDOWS\Kawa.bmp
[2010-11-09 09:57:51 | 000,016,730 | ---- | C] () -- D:\WINDOWS\Puch.bmp
[2010-11-09 09:57:51 | 000,001,272 | ---- | C] () -- D:\WINDOWS\Niebieska koronka 16.bmp
[2010-11-09 09:57:48 | 000,003,286 | ---- | C] () -- D:\WINDOWS\System32\tslabels.h
[2010-11-09 09:57:48 | 000,001,225 | ---- | C] () -- D:\WINDOWS\System32\usrlogon.cmd
[2010-11-09 09:57:47 | 000,000,768 | ---- | C] () -- D:\WINDOWS\System32\msdtcprf.h
[2010-11-09 09:57:41 | 000,063,488 | ---- | C] () -- D:\WINDOWS\System32\wmimgmt.msc

[color="#e56717"]========== LOP Check ==========[/color]

[2010-12-17 20:59:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\f-secure
[2010-12-17 20:58:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\fssg
[2010-11-09 12:34:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-11-22 17:40:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-11-09 11:27:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ROCCAT
[2010-12-17 21:34:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\F-Secure
[2010-11-09 12:34:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Gadu-Gadu 10
[2010-12-16 17:39:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\ipla
[2010-11-09 11:28:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\ROCCAT
[2010-12-01 09:24:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\YoudaGames

[color="#e56717"]========== Purity Check ==========[/color]



[color="#e56717"]========== Custom Scans ==========[/color]


[color="#a23bec"]< %systemdrive%\*.* >[/color]
[2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () -- D:\autorun.inf
[2010-10-28 13:29:48 | 000,175,104 | RHS- | M] () -- D:\b9v.exe
[2010-11-16 13:02:20 | 000,177,664 | RHS- | M] () -- D:\bud3mkqr.exe
[2010-11-10 17:54:15 | 000,177,664 | RHS- | M] () -- D:\cbbw88s.exe
[2010-11-09 14:39:01 | 000,178,176 | RHS- | M] () -- D:\dwh.exe
[2010-11-18 05:37:21 | 000,176,640 | RHS- | M] () -- D:\et3ypes.exe
[2010-11-19 15:13:14 | 000,177,152 | RHS- | M] () -- D:\i00dvoym.exe
[2010-12-18 00:06:55 | 2145,386,496 | -HS- | M] () -- D:\pagefile.sys


[color="#a23bec"]< MD5 for: AGP440.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\system32\drivers\agp440.sys

[color="#a23bec"]< MD5 for: ATAPI.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[color="#a23bec"]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- D:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- D:\WINDOWS\system32\drivers\beep.sys

[color="#a23bec"]< MD5 for: CDROM.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- D:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- D:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- D:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color="#a23bec"]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- D:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- D:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- D:\WINDOWS\system32\eventlog.dll

[color="#a23bec"]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\system32\drivers\ndis.sys
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color="#a23bec"]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- D:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- D:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- D:\WINDOWS\system32\winlogon.exe

< End of report >[/log]

Oraz [b]RSIT Log[/b]
[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Żuczek at 2010-12-18 01:13:25
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive D: has 89 GB (89%) free of 100 GB
Total RAM: 2047 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 01:13:36, on 2010-12-18
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\RTHDCPL.EXE
D:\Program Files\Logitech\Gaming Software\LWEMon.exe
D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe
D:\Program Files\mmp\multisaver\Common\FSMA32.EXE
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\ROCCAT\Kone Mouse\osd.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\WINDOWS\system32\taskmgr.exe
D:\Program Files\mmp\multisaver\Anti-Virus\FSGK32.EXE
D:\Program Files\mmp\multisaver\Anti-Virus\fssm32.exe
D:\Program Files\mmp\multisaver\Common\FSLAUNCH.EXE
D:\WINDOWS\explorer.exe
D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie\OTL.exe
D:\WINDOWS\notepad.exe
D:\WINDOWS\notepad.exe
D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie\RSIT.exe
D:\Program Files\trend micro\Żuczek.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O1 - Hosts: ::1 localhost
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Start WingMan Profiler] D:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [Kone] "D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "D:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [F-Secure Manager] "D:\Program Files\mmp\multisaver\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "D:\Program Files\mmp\multisaver\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "D:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MSI" TRANSFORMS="D:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MST" WISE_SETUP_EXE_PATH="i:\driver\2k_xp\190.38\PhysX_9.09.0428_SystemSoftware.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: GIGABYTE Gamer HUD Lite.lnk = D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: &Search - [url="http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?s=100000341&p=GRxdm227YYPL&si=&a=n7GWZA1Az.f68hWBClPHSw&n=2010120211"]http://edits.mywebse...Sw&n=2010120211[/url]
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\Program Files\mmp\multisaver\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\Program Files\mmp\multisaver\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - D:\Program Files\mmp\multisaver\ORSP Client\fsorsp.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 7581 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
MyWebSearch Search Assistant BHO - D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL [2010-12-02 54704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
mwsBar BHO - D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2010-12-02 775696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2010-12-02 775696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600]
"Start WingMan Profiler"=D:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 153672]
"Kone"=D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE [2008-10-06 151552]
"SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"My Web Search Bar Search Scope Monitor"=D:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe [2010-12-02 28783]
"MyWebSearch Email Plugin"=D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe [2010-12-02 32849]
"KernelFaultCheck"=D:\WINDOWS\system32\dumprep 0 -k []
"nwiz"=D:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-07-09 1657376]
"NvMediaCenter"=D:\WINDOWS\system32\NvMcTray.dll [2009-07-14 86016]
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2009-07-14 13877248]
"F-Secure Manager"=D:\Program Files\mmp\multisaver\Common\FSM32.EXE [2009-08-05 199264]
"F-Secure TNB"=D:\Program Files\mmp\multisaver\FSGUI\TNBUtil.exe [2009-08-05 2349664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"=MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I D:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MSI TRANSFORMS=D:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MST WISE_SETUP_EXE_PATH=i:\driver\2k_xp\190.38\PhysX_9.09.0428_SystemSoftware.exe []

D:\Documents and Settings\All Users\Menu Start\Programy\Autostart
McAfee Security Scan Plus.lnk - D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

D:\Documents and Settings\Żuczek\Menu Start\Programy\Autostart
GIGABYTE Gamer HUD Lite.lnk - D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - D:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=0xFFFFFFFF

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Gadu-Gadu 10\gg.exe"="D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10"
"D:\Documents and Settings\Żuczek\Ustawienia lokalne\Apps\2.0\NWRZZE6A.YKX\ALAWT2N6.5XZ\curs..tion_eee711038731a406_0004.0000_1829574f2226d088\CurseClient.exe"="D:\Documents and Settings\Żuczek\Ustawienia lokalne\Apps\2.0\NWRZZE6A.YKX\ALAWT2N6.5XZ\curs..tion_eee711038731a406_0004.0000_1829574f2226d088\CurseClient.exe:*:Enabled:Curse Client 4.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Gry\Steam\Steam.exe"="E:\Gry\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Java\jre6\bin\javaw.exe"="D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary"
"E:\Gry\Steam\SteamApps\common\call of duty black ops rcon\BlackOpsRcon.exe"="E:\Gry\Steam\SteamApps\common\call of duty black ops rcon\BlackOpsRcon.exe:*:Enabled:Call of Duty Black Ops - Remote Console"
"E:\Gry\Steam\SteamApps\common\call of duty black ops\BlackOps.exe"="E:\Gry\Steam\SteamApps\common\call of duty black ops\BlackOps.exe:*:Enabled:Call of Duty: Black Ops"
"E:\Gry\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe"="E:\Gry\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe:*:Enabled:Call of Duty: Black Ops - Multiplayer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="

======List of files/folders created in the last 1 months======

2010-12-18 01:13:25 ----D---- D:\rsit
2010-12-18 01:13:25 ----D---- D:\Program Files\trend micro
2010-12-17 21:34:02 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\F-Secure
2010-12-17 21:00:38 ----A---- D:\WINDOWS\system32\drivers\fsbts.sys
2010-12-17 21:00:21 ----A---- D:\WINDOWS\system32\drivers\fsdfw.sys
2010-12-17 20:59:20 ----D---- D:\Program Files\mmp
2010-12-17 20:58:57 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\fssg
2010-12-17 20:56:41 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\f-secure
2010-12-17 03:08:29 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\RealHideIP
2010-12-17 03:08:29 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\RealHideIP
2010-12-17 03:08:04 ----D---- D:\Program Files\RealHideIP
2010-12-15 22:06:35 ----A---- D:\WINDOWS\system32\npptNT2.sys
2010-12-02 15:46:02 ----D---- D:\WINDOWS\B83FC356B7C0441F8A4DD71E088E7974.TMP
2010-12-02 15:19:44 ----RSH---- D:\WINDOWS\system32\arking1.dll
2010-12-02 15:19:14 ----D---- D:\WINDOWS\Minidump
2010-12-02 12:09:33 ----D---- D:\Program Files\MyWebSearch
2010-12-02 12:09:11 ----D---- D:\Program Files\FunWebProducts
2010-12-01 09:24:23 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\YoudaGames
2010-12-01 09:23:56 ----D---- D:\Program Files\Governor of Poker 2 Premium Edition
2010-11-29 20:31:30 ----D---- D:\WINDOWS\Sun
2010-11-29 16:09:39 ----RSH---- D:\WINDOWS\system32\arking0.dll
2010-11-29 16:09:39 ----RSH---- D:\WINDOWS\system32\arking.exe
2010-11-22 17:40:50 ----D---- D:\Program Files\PlayReady
2010-11-19 23:22:26 ----A---- D:\WINDOWS\system32\drivers\USBSTOR.SYS
2010-11-19 15:13:41 ----RSH---- D:\i00dvoym.exe

======List of files/folders modified in the last 1 months======

2010-12-18 01:13:25 ----RD---- D:\Program Files
2010-12-18 00:54:49 ----D---- D:\WINDOWS\Temp
2010-12-18 00:40:51 ----D---- D:\WINDOWS\Prefetch
2010-12-18 00:40:17 ----D---- D:\WINDOWS\system32
2010-12-18 00:39:29 ----RSH---- D:\WINDOWS\system32\mgking0.dll
2010-12-18 00:33:08 ----D---- D:\WINDOWS\system32\drivers\etc
2010-12-18 00:07:20 ----D---- D:\WINDOWS\system32\CatRoot2
2010-12-18 00:06:03 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-12-17 21:23:01 ----D---- D:\WINDOWS
2010-12-17 21:00:38 ----D---- D:\WINDOWS\system32\drivers
2010-12-17 21:00:24 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-12-17 20:59:07 ----SHD---- D:\WINDOWS\Installer
2010-12-17 01:02:17 ----D---- D:\WINDOWS\system32\inetsrv
2010-12-16 17:39:24 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\ipla
2010-12-15 21:58:15 ----HD---- D:\Program Files\InstallShield Installation Information
2010-12-14 21:10:05 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\IGN_DLM
2010-12-11 02:50:58 ----D---- D:\Program Files\Mozilla Firefox
2010-12-02 15:46:25 ----D---- D:\WINDOWS\Help
2010-12-02 15:45:05 ----RSHDC---- D:\WINDOWS\system32\dllcache
2010-12-02 15:44:27 ----HD---- D:\WINDOWS\inf
2010-12-02 15:44:27 ----D---- D:\WINDOWS\system32\CatRoot
2010-12-02 15:42:09 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation
2010-12-02 15:36:39 ----D---- D:\Program Files\NVIDIA Corporation
2010-12-02 15:31:52 ----SD---- D:\Documents and Settings\Żuczek\Dane aplikacji\Microsoft
2010-11-28 08:13:30 ----D---- D:\WINDOWS\system32\Restore
2010-11-22 17:40:52 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\ipla
2010-11-22 17:40:49 ----SD---- D:\Documents and Settings\All Users\Dane aplikacji\Microsoft
2010-11-21 17:24:43 ----D---- D:\Program Files\McAfee Security Scan
2010-11-20 23:25:49 ----D---- D:\Program Files\Common Files\Steam
2010-11-19 15:13:14 ----RSH---- D:\WINDOWS\system32\mgking1.dll
2010-11-19 15:13:14 ----RSH---- D:\WINDOWS\system32\mgking.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fsbts;fsbts; D:\WINDOWS\system32\Drivers\fsbts.sys [2010-12-17 42664]
R0 FSFW;F-Secure Firewall Driver; D:\WINDOWS\System32\drivers\fsdfw.sys [2009-08-05 80000]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\D:\Program Files\mmp\multisaver\HIPS\drivers\fshs.sys []
R1 intelppm;Sterownik procesora Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 kbdhid;Sterownik klawiatury HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\D:\Program Files\mmp\multisaver\Anti-Virus\minifilter\fsgk.sys []
R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;HID Class Driver; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-05-22 5082624]
R3 KoneFltr;ROCCAT Kone; D:\WINDOWS\system32\drivers\Kone.sys [2008-09-22 12672]
R3 mouhid;Sterownik myszy HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-14 7741664]
R3 rtl8139;Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet; D:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Sterownik magazynu masowego USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; D:\WINDOWS\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmFilter;Logitech Gaming HID Filter Driver; D:\WINDOWS\system32\drivers\WmFilter.sys [2010-04-27 37704]
R3 WmVirHid;Logitech Virtual Hid Device Driver; D:\WINDOWS\system32\drivers\WmVirHid.sys [2010-04-27 15048]
R3 WmXlCore;Logitech Translation Layer Driver; D:\WINDOWS\system32\drivers\WmXlCore.sys [2010-04-27 66632]
S3 Ambfilt;Ambfilt; D:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Monfilt;Monfilt; D:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S4 F-Secure Filter;F-Secure File System Filter; \??\D:\Program Files\mmp\multisaver\Anti-Virus\Win2K\FSfilter.sys []
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\D:\Program Files\mmp\multisaver\Anti-Virus\Win2K\FSrec.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 F-Secure Gatekeeper Handler Starter;FSGKHS; D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe [2009-08-05 215648]
R2 FSMA;F-Secure Management Agent; D:\Program Files\mmp\multisaver\Common\FSMA32.EXE [2009-08-05 186976]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2010-11-09 153376]
R2 nvsvc;NVIDIA Display Driver Service; D:\WINDOWS\system32\nvsvc32.exe [2009-07-14 168004]
S2 MyWebSearchService;My Web Search Service; D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe [2010-12-02 28762]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; D:\Program Files\mmp\multisaver\FWES\Program\fsdfwd.exe [2009-08-05 522848]
S3 FSORSPClient;F-Secure ORSP Client; D:\Program Files\mmp\multisaver\ORSP Client\fsorsp.exe [2010-12-17 64016]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Steam Client Service;Steam Client Service; D:\Program Files\Common Files\Steam\SteamService.exe [2010-11-17 403240]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------[/log]

[color="#ff0000"]//nie piszemy w innych tematach
//wydzielam
//dan[/color]

Tomek01
komentarz
komentarz

Jest infekcja autorun.inf oraz Adware MyWebSearch.


Zastosuj [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], najlepiej z podpiętym pendrive'm czy innymi pamięciami USB.

W OTL, w oknie Custom scan/fixes wklej:
[code]:Processes
Explorer.exe

:OTL
PRC - [2010-12-02 12:09:34 | 000,032,849 | ---- | M] (MyWebSearch.com) -- D:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
MOD - [2010-12-02 12:09:34 | 000,045,134 | ---- | M] (MyWebSearch.com) -- D:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
SRV - [2010-12-02 12:09:34 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Stopped] -- D:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
IE - HKU\S-1-5-21-2052111302-515967899-839522115-1003\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
FF - prefs.js..extensions.enabledItems: m3ffxtbr@mywebsearch.com:1.1
FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: D:\Program Files\MyWebSearch\bar\1.bin [2010-12-18 00:38:36 | 000,000,000 | ---D | M]
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] D:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Email Plugin] D:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - G:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-02 15:46:43 | 000,000,063 | RHS- | M] () - H:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-08-13 07:26:19 | 000,000,000 | R--D | M] - I:\AUTORUN -- [ CDFS ]
O32 - AutoRun File - [2004-09-27 04:24:38 | 000,000,041 | R--- | M] () - I:\AUTORUN.INF -- [ CDFS ]

:Files
D:\Program Files\MyWebSearch
D:\Program Files\FunWebProducts
D:\WINDOWS\System32\arking.exe
D:\WINDOWS\System32\arking0.dll
D:\WINDOWS\System32\mgking0.dll
D:\WINDOWS\System32\arking1.dll
D:\WINDOWS\System32\mgking.exe
D:\WINDOWS\System32\mgking1.dll
D:\autorun.inf
D:\i00dvoym.exe
D:\et3ypes.exe
D:\bud3mkqr.exe
D:\cbbw88s.exe
D:\dwh.exe
D:\b9v.exe

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{07B18EA9-A523-4961-B6BB-170DE4475CCA}=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"My Web Search Bar Search Scope Monitor"=-
"MyWebSearch Email Plugin"=-

:Services
MyWebSearchService

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Klikasz run fix, komputer uruchamia się ponownie.
Wrzuć log z usuwania oraz nowe logi: OTL i RSIT


Wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i wyniki pokaż na forum.

hot123
komentarz
komentarz

Mam log z Malwarebytes, aż wstyd pokazywać, syf :P

[log]Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Wersja bazy: 5351

Windows 5.1.2600 Dodatek Service Pack 3
Internet Explorer 8.0.6001.18702

2010-12-19 04:27:55
mbam-log-2010-12-19 (04-27-55).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|F:\|G:\|H:\|)
Przeskanowano obiektów: 596258
Upłynęło: 4 godzin(y), 8 minut(y), 54 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 21
Zainfekowanych wartości rejestru: 2
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 5
Zainfekowanych plików: 401

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MyWebSearchService (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Zainfekowanych wartości rejestru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Value: MyWebSearch bar Uninstall -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Value: (default) -> Quarantined and deleted successfully.

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
d:\program files\mywebsearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
d:\program files\mywebsearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
d:\program files\mywebsearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
d:\program files\mywebsearch\bar\1.bin\chrome (Adware.MyWebSearch) -> Quarantined and deleted successfully.
d:\program files\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Zainfekowanych plików:
d:\program files\uninstall fun web products.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\09lf.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\2bbi1ax.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\2ul.exe (Worm.Magania) -> Quarantined and deleted successfully.
c:\33r.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\3dcs9.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\62.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\s1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\tgt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\utcddeq.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\vgyn6ewc.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\wyskq6lt.exe (Worm.Taterf) -> Quarantined and deleted successfully.
c:\x3xh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\xcr.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\y6cqb2is.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\ysyjq1bs.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\dqm.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\dwh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\et3ypes.exe (Spyware.PWS) -> Quarantined and deleted successfully.
c:\eyruu.exe (Worm.Magania) -> Quarantined and deleted successfully.
c:\fk.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\g6jk.exe (Worm.Magania) -> Quarantined and deleted successfully.
c:\ggb6w.exe (Trojan.Onlinegames) -> Quarantined and deleted successfully.
c:\hc3hvi0.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\ho0q.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\i8ikdjwt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\awb3ryk.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\b9v.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\ba.exe (Worm.Taterf) -> Quarantined and deleted successfully.
c:\biriprg.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\bu8.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\ca.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\cbbw88s.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\cgaqyi.exe (Trojan.PWS) -> Quarantined and deleted successfully.
c:\chxnxyx.exe (Worm.Taterf) -> Quarantined and deleted successfully.
c:\affi8l.exe (Worm.Taterf) -> Quarantined and deleted successfully.
c:\krwyrv0d.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\mk28sp.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\n0qls.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016332.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016281.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016325.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016326.exe (Worm.Magania) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016327.exe (Worm.Taterf) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016328.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016329.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016330.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016331.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016333.exe (Worm.Taterf) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016334.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016335.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016337.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016338.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016339.exe (Trojan.PWS) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016340.exe (Worm.Taterf) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016341.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016342.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016343.exe (Spyware.PWS) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016344.exe (Worm.Magania) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016346.exe (Worm.Magania) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016347.exe (Trojan.Onlinegames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016348.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016349.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016351.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016352.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016353.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016354.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016357.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016358.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016361.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016362.exe (Worm.Taterf) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016363.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016364.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016365.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016366.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016367.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016417.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016418.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\Users\Michał\Desktop\aktywator\aktywator.exe (Trojan.Agent) -> Quarantined and deleted successfully.
d:\program files\mywebsearch\bar\1.bin\F3HTMLMU.DLL (PUP.FunWebProducts) -> Not selected for removal.
d:\program files\mywebsearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
d:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
d:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
d:\program files\mywebsearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP38\A0013812.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP38\A0013813.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP38\A0013814.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP38\A0013815.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP41\A0014799.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP41\A0014800.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP41\A0014801.exe (Malware.Packer) -> Quarantined and deleted successfully.
d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP41\A0014802.dll (Malware.Packer) -> Quarantined and deleted successfully.
d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP45\A0016121.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP45\A0016122.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP45\A0016123.exe (Malware.Packer) -> Quarantined and deleted successfully.
d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP45\A0016124.dll (Malware.Packer) -> Quarantined and deleted successfully.
d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016276.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016277.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016282.exe (Malware.Packer) -> Quarantined and deleted successfully.
d:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016283.dll (Malware.Packer) -> Quarantined and deleted successfully.
d:\WINDOWS\system32\arking.exe (Malware.Packer) -> Quarantined and deleted successfully.
d:\WINDOWS\system32\arking0.dll (Malware.Packer) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016383.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016369.exe (Worm.Magania) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016370.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016371.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016372.exe (Worm.Taterf) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016373.exe (Trojan.Agent) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016374.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016375.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016376.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016377.exe (Worm.Taterf) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016378.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016379.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016380.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016382.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016384.exe (Worm.Taterf) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016385.exe (Trojan.PWS) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016386.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016387.exe (Spyware.PWS) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016388.exe (Worm.Magania) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016389.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016390.exe (Worm.Magania) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016392.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016393.exe (Trojan.Onlinegames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016394.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016395.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016396.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016397.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016400.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016402.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016403.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016405.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016407.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016408.exe (Worm.Taterf) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016409.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016410.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016411.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016412.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016413.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
e:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016415.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\09lf.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\2bbi1ax.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\2ul.exe (Worm.Magania) -> Quarantined and deleted successfully.
f:\33r.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\3dcs9.exe (Trojan.Agent) -> Quarantined and deleted successfully.
f:\et3ypes.exe (Spyware.PWS) -> Quarantined and deleted successfully.
f:\eyruu.exe (Worm.Magania) -> Quarantined and deleted successfully.
f:\fk.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\g6jk.exe (Worm.Magania) -> Quarantined and deleted successfully.
f:\ggb6w.exe (Trojan.Onlinegames) -> Quarantined and deleted successfully.
f:\hc3hvi0.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\ho0q.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\i8ikdjwt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\krwyrv0d.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\mk28sp.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\n0qls.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\o1.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\s1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\sq.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\62.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\6phx.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\8paf1d.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\affi8l.exe (Worm.Taterf) -> Quarantined and deleted successfully.
f:\awb3ryk.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\b.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\b9v.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\ba.exe (Worm.Taterf) -> Quarantined and deleted successfully.
f:\biriprg.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\bu8.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\ca.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\cbbw88s.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\cgaqyi.exe (Trojan.PWS) -> Quarantined and deleted successfully.
f:\chxnxyx.exe (Worm.Taterf) -> Quarantined and deleted successfully.
f:\d9c.bat (Worm.Magania) -> Quarantined and deleted successfully.
f:\dqm.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\dwh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\tgt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\ucivd6xi.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\upx.bat (Worm.AutoRun) -> Quarantined and deleted successfully.
f:\utcddeq.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\vgyn6ewc.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\whi.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\wyskq6lt.exe (Worm.Taterf) -> Quarantined and deleted successfully.
f:\x3xh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\xbvv6o.com (Trojan.Gamania) -> Quarantined and deleted successfully.
f:\xcr.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\y.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\y6cqb2is.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\ysyjq1bs.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\3j2h0tf.bat (Worm.Magania) -> Quarantined and deleted successfully.
f:\Michał\downloads\minimizer\minimizer\minimizer.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
f:\Michał\Instalki\ventrilo-2.1.4-windows-i386.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
f:\Michał\Instalki\fruityloops.studio.producer.edition.xxl.v8.0.0-nope\fruityloops.studio.producer.edition.xxl.v8.0.0-nope\np-fls80\fruityloops.studio.producer.edition.xxl.v8.0.0-nope\Crack\fruityloops.studio.producer.edition.xxl.v8.0.0-nope.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP902\A0248841.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP903\A0248848.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP904\A0248863.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP905\A0248899.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP905\A0248912.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP905\A0248942.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP905\A0248984.cmd (Worm.Tartef) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP905\A0249983.cmd (Worm.Tartef) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP906\A0251038.cmd (Worm.Tartef) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP906\A0251046.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP909\A0252167.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP909\A0252186.cmd (Worm.Magania) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP910\A0252191.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP910\A0252205.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP910\A0252215.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP910\A0253219.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP910\A0253253.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP911\A0253257.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP912\A0253337.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP912\A0253359.cmd (Worm.Magania) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP929\A0262752.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP929\A0263715.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP929\A0263716.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{3202478f-f802-4b8d-a5d7-6496396c7669}\RP929\A0263737.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP308\A0038858.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP289\A0032493.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP290\A0032508.exe (Worm.Magania) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP291\A0032518.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP292\A0032536.bat (Worm.Magania) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP293\A0032564.exe (Worm.Magania) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP294\A0032586.exe (Worm.Magania) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP295\A0032602.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0032628.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0032758.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0034758.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0035768.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0036768.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0037768.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0037815.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0037826.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0037841.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0037895.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0033758.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP296\A0037804.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP297\A0037899.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP297\A0037988.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP297\A0037999.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP297\A0038154.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP298\A0038217.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP299\A0038248.exe (Worm.Magania) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP300\A0038299.exe (Worm.Magania) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP301\A0038317.exe (Trojan.GameThief) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP302\A0038339.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP303\A0038346.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP304\A0038372.exe (Worm.Magania) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP305\A0038400.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP306\A0038451.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP307\A0038743.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP309\A0038872.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP309\A0039204.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP310\A0039243.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP311\A0039260.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP312\A0039277.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP313\A0039290.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP314\A0039318.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP315\A0039342.exe (Worm.Magania) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP316\A0039364.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP317\A0039403.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP318\A0039432.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP319\A0039460.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP320\A0039495.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP321\A0039522.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP322\A0039547.exe (Worm.Taterf) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP323\A0039581.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP324\A0039612.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP325\A0039643.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP326\A0039680.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP327\A0039711.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP328\A0039738.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP329\A0039773.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP331\A0039873.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP331\A0040049.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP332\A0040069.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP332\A0041050.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP333\A0041070.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP334\A0041091.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP335\A0041115.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP336\A0041214.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP337\A0041254.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP338\A0041277.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP339\A0041304.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP340\A0041309.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP340\A0041380.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP340\A0041421.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP341\A0041429.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP341\A0041521.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP342\A0041536.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{7815cabc-a5d0-4062-b0e2-dd4189229006}\RP342\A0041570.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016280.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP143\A0010744.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP144\A0010787.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP144\A0010932.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP144\A0011808.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP144\A0011822.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP144\A0011836.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP145\A0011840.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP146\A0011884.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP146\A0011938.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP147\A0011943.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP147\A0011954.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP148\A0011961.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP149\A0011966.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP150\A0011971.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP151\A0011978.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP151\A0012032.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP151\A0012041.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP151\A0012052.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP152\A0012058.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP152\A0012092.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP152\A0012108.exe (Password.Stealer) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP152\A0012124.exe (Password.Stealer) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP153\A0012131.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP153\A0013124.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
f:\system volume information\_restore{e9f3d704-88b7-4518-ab0e-c9e4cbd2d9e6}\RP154\A0013492.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\affi8l.exe (Worm.Taterf) -> Quarantined and deleted successfully.
g:\mk28sp.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\09lf.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\2bbi1ax.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\2ul.exe (Worm.Magania) -> Quarantined and deleted successfully.
g:\33r.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\3dcs9.exe (Trojan.Agent) -> Quarantined and deleted successfully.
g:\62.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\awb3ryk.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\b9v.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\ba.exe (Worm.Taterf) -> Quarantined and deleted successfully.
g:\biriprg.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\bu8.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\ca.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\cbbw88s.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\cgaqyi.exe (Trojan.PWS) -> Quarantined and deleted successfully.
g:\chxnxyx.exe (Worm.Taterf) -> Quarantined and deleted successfully.
g:\dqm.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\dwh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\et3ypes.exe (Spyware.PWS) -> Quarantined and deleted successfully.
g:\eyruu.exe (Worm.Magania) -> Quarantined and deleted successfully.
g:\fk.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\g6jk.exe (Worm.Magania) -> Quarantined and deleted successfully.
g:\ggb6w.exe (Trojan.Onlinegames) -> Quarantined and deleted successfully.
g:\hc3hvi0.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\ho0q.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\i8ikdjwt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\krwyrv0d.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\n0qls.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\s1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\tgt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\utcddeq.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\vgyn6ewc.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\wyskq6lt.exe (Worm.Taterf) -> Quarantined and deleted successfully.
g:\x3xh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\xcr.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\y6cqb2is.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\ysyjq1bs.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
g:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016279.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\09lf.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\2bbi1ax.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\2ul.exe (Worm.Magania) -> Quarantined and deleted successfully.
h:\33r.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\3dcs9.exe (Trojan.Agent) -> Quarantined and deleted successfully.
h:\62.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\affi8l.exe (Worm.Taterf) -> Quarantined and deleted successfully.
h:\awb3ryk.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\b9v.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\ba.exe (Worm.Taterf) -> Quarantined and deleted successfully.
h:\biriprg.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\bu8.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\ca.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\cbbw88s.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\cgaqyi.exe (Trojan.PWS) -> Quarantined and deleted successfully.
h:\chxnxyx.exe (Worm.Taterf) -> Quarantined and deleted successfully.
h:\dqm.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\dwh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\et3ypes.exe (Spyware.PWS) -> Quarantined and deleted successfully.
h:\eyruu.exe (Worm.Magania) -> Quarantined and deleted successfully.
h:\fk.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\g6jk.exe (Worm.Magania) -> Quarantined and deleted successfully.
h:\ggb6w.exe (Trojan.Onlinegames) -> Quarantined and deleted successfully.
h:\hc3hvi0.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\ho0q.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\i8ikdjwt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\krwyrv0d.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\mk28sp.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\n0qls.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\s1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\tgt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\utcddeq.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\vgyn6ewc.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\wyskq6lt.exe (Worm.Taterf) -> Quarantined and deleted successfully.
h:\x3xh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\xcr.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\y6cqb2is.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\ysyjq1bs.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
h:\downloads\rapiddownloads\61x_popcap_games\61x popcap games\!CRACK\UniCrack.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
h:\downloads\rapiddownloads\61x_popcap_games\61x popcap games\Atomica\keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
h:\Gry\Counter\platform\Admin\adminserver.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
h:\system volume information\_restore{e27e93a5-43ee-427c-a7e9-3c0ef086dd36}\RP47\A0016278.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
d:\program files\mywebsearch\bar\1.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
d:\program files\mywebsearch\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.[/log]

Jak włączyłem Dr.Weba wykonał szybki skan, i nic już nie wykrył. loga nie mam. Zostawiłem na noc na pełny skan ale chyba w nocy prądu nie było :/
Także zostawie to na koniec.

Tomek01
komentarz
komentarz

Mbam wykonał dobrą robotę, wyrył również ślady Vundo w rejestrze, ale usunął.

Czekam na zestaw logów, o które prosiłem.

hot123
komentarz
komentarz (edytowane)

A to chyba potwierdzenie tej roboty :)

[log]All processes killed
========== PROCESSES ==========
Process Explorer.exe killed successfully!
========== OTL ==========
No active process named MWSOEMON.EXE was found!
Error: No service named MyWebSearchService was found to stop!
Service\Driver key MyWebSearchService not found.
File D:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE not found.
Registry value HKEY_USERS\S-1-5-21-2052111302-515967899-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\ not found.
File D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL not found.
Prefs.js: m3ffxtbr@mywebsearch.com:1.1 removed from extensions.enabledItems
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com not found.
File D:\Program Files\MyWebSearch\bar\1.bin not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}\ not found.
File D:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ not found.
File D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
File HKLM..\Run: [My Web Search Bar Search Scope Monitor] D:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin not found.
File D:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE not found.
Folder move failed. C:\autorun.inf scheduled to be moved on reboot.
D:\autorun.inf folder moved successfully.
Folder move failed. E:\autorun.inf scheduled to be moved on reboot.
Folder move failed. F:\autorun.inf scheduled to be moved on reboot.
Folder move failed. G:\autorun.inf scheduled to be moved on reboot.
Folder move failed. H:\autorun.inf scheduled to be moved on reboot.
File not found.
File I:\AUTORUN.INF not found.
========== FILES ==========
File\Folder D:\Program Files\MyWebSearch not found.
File\Folder D:\Program Files\FunWebProducts not found.
File\Folder D:\WINDOWS\System32\arking.exe not found.
File\Folder D:\WINDOWS\System32\arking0.dll not found.
File\Folder D:\WINDOWS\System32\mgking0.dll not found.
File\Folder D:\WINDOWS\System32\arking1.dll not found.
File\Folder D:\WINDOWS\System32\mgking.exe not found.
File\Folder D:\WINDOWS\System32\mgking1.dll not found.
File\Folder D:\autorun.inf not found.
File\Folder D:\i00dvoym.exe not found.
File\Folder D:\et3ypes.exe not found.
File\Folder D:\bud3mkqr.exe not found.
File\Folder D:\cbbw88s.exe not found.
File\Folder D:\dwh.exe not found.
File\Folder D:\b9v.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\My Web Search Bar Search Scope Monitor not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin not found.
========== SERVICES/DRIVERS ==========
Error: No service named MyWebSearchService was found to stop!
Service\Driver key MyWebSearchService not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Żuczek
->Temp folder emptied: 516217968 bytes
->Temporary Internet Files folder emptied: 170782249 bytes
->Java cache emptied: 455607 bytes
->FireFox cache emptied: 81474147 bytes
->Flash cache emptied: 87038 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2334857 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1005773 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 737,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 12192010_214821

Files\Folders moved on Reboot...
Folder move failed. C:\autorun.inf scheduled to be moved on reboot.
Folder move failed. E:\autorun.inf scheduled to be moved on reboot.
Folder move failed. F:\autorun.inf scheduled to be moved on reboot.
Folder move failed. G:\autorun.inf scheduled to be moved on reboot.
Folder move failed. H:\autorun.inf scheduled to be moved on reboot.

Registry entries deleted on Reboot...[/log]

[b]log OTL[/b]
[log]OTL logfile created on: 2010-12-19 21:56:06 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 70,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): D:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 29,29 Gb Total Space | 4,18 Gb Free Space | 14,28% Space Free | Partition Type: NTFS
Drive D: | 97,25 Gb Total Space | 85,58 Gb Free Space | 88,00% Space Free | Partition Type: NTFS
Drive E: | 400,01 Gb Total Space | 391,63 Gb Free Space | 97,91% Space Free | Partition Type: NTFS
Drive F: | 119,75 Gb Total Space | 0,97 Gb Free Space | 0,81% Space Free | Partition Type: NTFS
Drive G: | 500,00 Gb Total Space | 499,64 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
Drive H: | 400,00 Gb Total Space | 25,98 Gb Free Space | 6,50% Space Free | Partition Type: NTFS
Drive I: | 1,52 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive J: | 7,45 Gb Total Space | 7,45 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: ZCK | User Name: Żuczek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-12-18 00:55:05 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2010-12-17 21:17:27 | 000,064,016 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\ORSP Client\fsorsp.exe
PRC - [2010-12-17 21:05:43 | 000,365,248 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Anti-Virus\fsav32.exe
PRC - [2010-12-17 21:04:04 | 000,783,016 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Anti-Virus\fssm32.exe
PRC - [2010-12-17 21:04:04 | 000,492,200 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32.exe
PRC - [2010-12-11 02:50:46 | 000,016,856 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-12-11 02:50:45 | 000,912,344 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-11-09 17:39:09 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\spoolsv.exe
PRC - [2010-06-14 16:10:32 | 000,153,672 | ---- | M] (Logitech Inc.) -- D:\Program Files\Logitech\Gaming Software\LWEMon.exe
PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-01-15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009-08-05 16:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Common\FSMA32.EXE
PRC - [2009-08-05 16:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Common\FSM32.EXE
PRC - [2009-08-05 16:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Common\FSHDLL32.EXE
PRC - [2009-08-05 16:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\FWES\program\fsdfwd.exe
PRC - [2009-08-05 16:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe
PRC - [2009-07-14 13:34:58 | 000,168,004 | ---- | M] (NVIDIA Corporation) -- D:\WINDOWS\system32\nvsvc32.exe
PRC - [2009-06-30 18:11:10 | 001,678,848 | ---- | M] () -- D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
PRC - [2009-05-21 07:01:02 | 017,881,600 | ---- | M] (Realtek Semiconductor Corp.) -- D:\WINDOWS\RTHDCPL.EXE
PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\services.exe
PRC - [2009-02-06 11:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008-10-06 11:51:46 | 000,151,552 | ---- | M] (ROCCAT) -- D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE
PRC - [2008-10-06 11:40:32 | 000,458,752 | ---- | M] (ROCCAT) -- D:\Program Files\ROCCAT\Kone Mouse\OSD.exe
PRC - [2008-04-14 18:21:49 | 000,126,464 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 18:21:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 18:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 18:21:38 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-14 18:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2008-04-14 18:21:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 18:21:02 | 000,044,544 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\alg.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-12-18 00:55:05 | 000,575,488 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-07-27 07:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shell32.dll
MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ole32.dll
MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\shlwapi.dll
MOD - [2009-08-05 16:58:30 | 000,330,336 | ---- | M] () -- \\?\d:\program files\mmp\multisaver\hips\fshook32.dll
MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\secur32.dll
MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 18:21:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 18:20:57 | 000,018,944 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\version.dll
MOD - [2008-04-14 18:20:56 | 000,580,096 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 18:20:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 18:20:56 | 000,067,584 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 18:20:44 | 000,551,936 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 18:20:44 | 000,084,992 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 18:20:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 18:20:39 | 000,343,040 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 18:20:35 | 000,586,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\mlang.dll
MOD - [2008-04-14 18:20:32 | 000,110,080 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 18:20:31 | 000,185,344 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 18:20:14 | 000,822,272 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comres.dll
MOD - [2008-04-14 18:20:13 | 000,280,064 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 18:20:11 | 000,498,688 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-14 18:16:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-14 18:12:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msctfime.ime


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-12-17 21:17:27 | 000,064,016 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- D:\Program Files\mmp\multisaver\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2010-11-17 14:22:27 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-01-15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009-08-05 16:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- D:\Program Files\mmp\multisaver\Common\FSMA32.EXE -- (FSMA)
SRV - [2009-08-05 16:57:20 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- D:\Program Files\mmp\multisaver\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2009-08-05 16:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-12-17 21:06:05 | 000,042,664 | ---- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2010-12-17 21:04:59 | 000,130,728 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Program Files\mmp\multisaver\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2010-04-27 16:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2010-04-27 16:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2010-04-27 16:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2010-04-27 14:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009-08-05 16:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- D:\Program Files\mmp\multisaver\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2009-08-05 16:57:20 | 000,080,000 | ---- | M] (F-Secure Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2009-08-05 16:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- D:\Program Files\mmp\multisaver\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
DRV - [2009-08-05 16:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- D:\Program Files\mmp\multisaver\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
DRV - [2009-07-14 19:54:00 | 007,741,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009-05-22 16:37:50 | 005,082,624 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-09-22 09:09:12 | 000,012,672 | ---- | M] (ROCCAT Ltd) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\Kone.sys -- (KoneFltr)
DRV - [2008-08-05 13:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008-04-13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006-01-04 08:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2004-08-13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2052111302-515967899-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2052111302-515967899-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.5
FF - prefs.js..extensions.enabledItems: support@real-hide-ip.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010-12-11 02:50:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010-12-11 02:50:51 | 000,000,000 | ---D | M]

[2010-11-09 10:46:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Extensions
[2010-12-19 16:52:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions
[2010-11-19 15:14:25 | 000,000,000 | ---D | M] (FlashGot) -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010-11-16 19:06:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-11-09 15:19:05 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-12-17 20:35:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla\Firefox\Profiles\dolhcyuq.default\extensions\support@real-hide-ip.com
[2010-12-19 16:52:40 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions
[2010-11-09 17:39:25 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010-11-09 17:39:09 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-10-27 06:37:26 | 000,002,767 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-10-27 06:37:26 | 000,001,406 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-10-27 06:37:26 | 000,000,917 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-10-27 06:37:26 | 000,000,858 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-10-27 06:37:26 | 000,001,183 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-10-27 06:37:26 | 000,001,683 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-12-18 00:33:07 | 000,000,355 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM..\Run: [F-Secure Manager] D:\Program Files\mmp\multisaver\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] D:\Program Files\mmp\multisaver\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [Kone] D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT)
O4 - HKLM..\Run: [NvCplDaemon] D:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] D:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [Start WingMan Profiler] D:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - Startup: D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk = D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: D:\Documents and Settings\Żuczek\Menu Start\Programy\Autostart\GIGABYTE Gamer HUD Lite.lnk = D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2052111302-515967899-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2052111302-515967899-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-2052111302-515967899-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Program Files\mmp\multisaver\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Program Files\mmp\multisaver\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Program Files\mmp\multisaver\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - D:\Program Files\mmp\multisaver\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-02-02 19:01:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-12-19 21:46:45 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-19 21:46:45 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-19 21:46:46 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-19 21:46:46 | 000,000,000 | RHSD | M] - G:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-19 21:46:46 | 000,000,000 | RHSD | M] - H:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-18 00:41:08 | 000,000,000 | RHSD | M] - J:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-12-19 21:48:21 | 000,000,000 | ---D | C] -- D:\_OTL
[2010-12-19 20:40:32 | 000,000,000 | ---D | C] -- D:\Program Files\USB Drum
[2010-12-19 06:59:36 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\DoctorWeb
[2010-12-19 03:21:19 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\KB905474
[2010-12-19 00:09:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Malwarebytes
[2010-12-19 00:09:43 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-12-19 00:09:42 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2010-12-19 00:09:39 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys
[2010-12-19 00:09:38 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malware
[2010-12-18 01:13:25 | 000,000,000 | ---D | C] -- D:\Program Files\trend micro
[2010-12-18 01:13:25 | 000,000,000 | ---D | C] -- D:\rsit
[2010-12-17 21:34:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\F-Secure
[2010-12-17 21:00:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\F-Secure
[2010-12-17 21:00:21 | 000,080,000 | ---- | C] (F-Secure Corporation) -- D:\WINDOWS\System32\drivers\fsdfw.sys
[2010-12-17 20:59:20 | 000,000,000 | ---D | C] -- D:\Program Files\mmp
[2010-12-17 20:58:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\fssg
[2010-12-17 20:56:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\f-secure
[2010-12-17 03:08:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\RealHideIP
[2010-12-17 03:08:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\RealHideIP
[2010-12-17 03:08:04 | 000,000,000 | ---D | C] -- D:\Program Files\RealHideIP
[2010-12-15 22:06:35 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- D:\WINDOWS\System32\npptNT2.sys
[2010-12-02 15:19:14 | 000,000,000 | ---D | C] -- D:\WINDOWS\Minidump
[2010-12-01 09:24:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\YoudaGames
[2010-12-01 09:23:56 | 000,000,000 | ---D | C] -- D:\Program Files\Governor of Poker 2 Premium Edition
[2010-11-29 20:31:30 | 000,000,000 | ---D | C] -- D:\WINDOWS\Sun
[2010-11-23 01:22:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Focus Home Interactive
[2010-11-22 17:40:50 | 000,000,000 | ---D | C] -- D:\Program Files\PlayReady
[2010-11-21 17:25:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Dane aplikacji\McAfee
[2010-11-18 16:29:01 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Adobe
[2010-11-18 16:28:08 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2010-11-18 16:28:04 | 000,000,000 | ---D | C] -- D:\Program Files\Adobe
[2010-11-18 16:28:03 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Adobe AIR
[2010-11-18 16:26:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\McAfee Security Scan
[2010-11-18 16:26:45 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\McAfee
[2010-11-18 16:26:39 | 000,000,000 | ---D | C] -- D:\Program Files\McAfee Security Scan
[2010-11-18 16:26:35 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Adobe
[2010-11-18 12:40:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\My Downloads
[2010-11-18 12:40:03 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\IGN_DLM
[2010-11-18 12:38:39 | 000,000,000 | ---D | C] -- D:\Program Files\Download Manager
[2010-11-16 19:22:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Treyarch
[2010-11-16 13:52:13 | 000,000,000 | ---D | C] -- D:\Program Files\NAPI-PROJEKT
[2010-11-10 20:56:02 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Activision
[2010-11-10 20:20:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\Logs
[2010-11-10 20:06:19 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Steam
[2010-11-09 17:39:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Sun
[2010-11-09 17:39:38 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Java
[2010-11-09 17:39:06 | 000,000,000 | ---D | C] -- D:\Program Files\Java
[2010-11-09 17:38:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Sun
[2010-11-09 15:11:36 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch
[2010-11-09 15:03:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\pl
[2010-11-09 15:03:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\l2schemas
[2010-11-09 15:03:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\bits
[2010-11-09 14:58:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\network diagnostic
[2010-11-09 14:55:02 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$NtServicePackUninstall$
[2010-11-09 14:47:03 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\XPSViewer
[2010-11-09 14:47:01 | 000,000,000 | ---D | C] -- D:\Program Files\MSBuild
[2010-11-09 14:45:18 | 000,000,000 | ---D | C] -- D:\Program Files\MSXML 6.0
[2010-11-09 14:38:15 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Żuczek\IETldCache
[2010-11-09 14:35:02 | 000,000,000 | ---D | C] -- D:\WINDOWS\ie8updates
[2010-11-09 14:34:49 | 000,000,000 | ---D | C] -- D:\WINDOWS\WBEM
[2010-11-09 14:33:49 | 000,000,000 | -H-D | C] -- D:\WINDOWS\ie8
[2010-11-09 14:33:49 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\pl-PL
[2010-11-09 14:17:39 | 000,000,000 | ---D | C] -- D:\WINDOWS\ServicePackFiles
[2010-11-09 13:32:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Media Player Classic
[2010-11-09 13:29:56 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\PreInstall
[2010-11-09 13:29:54 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$hf_mig$
[2010-11-09 13:08:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\WinRAR
[2010-11-09 12:41:09 | 000,000,000 | -HSD | C] -- D:\RECYCLER
[2010-11-09 12:35:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\ipla
[2010-11-09 12:35:17 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-11-09 12:35:10 | 000,000,000 | ---D | C] -- D:\Program Files\ipla
[2010-11-09 12:34:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Gadu-Gadu 10
[2010-11-09 12:34:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-11-09 12:34:38 | 000,000,000 | ---D | C] -- D:\Program Files\Gadu-Gadu 10
[2010-11-09 12:33:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie
[2010-11-09 12:33:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Macromedia
[2010-11-09 12:33:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Adobe
[2010-11-09 12:27:09 | 000,000,000 | ---D | C] -- D:\Program Files\Mozilla Firefox
[2010-11-09 12:05:51 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Ventrilo
[2010-11-09 12:05:37 | 000,000,000 | ---D | C] -- D:\Program Files\Ventrilo
[2010-11-09 11:33:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Deployment
[2010-11-09 11:32:26 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\en-US
[2010-11-09 11:32:21 | 000,000,000 | ---D | C] -- D:\Program Files\Reference Assemblies
[2010-11-09 11:31:41 | 000,000,000 | R-SD | C] -- D:\WINDOWS\assembly
[2010-11-09 11:31:27 | 000,000,000 | ---D | C] -- D:\WINDOWS\Microsoft.NET
[2010-11-09 11:30:49 | 000,000,000 | RH-D | C] -- D:\AHCache
[2010-11-09 11:28:19 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\ROCCAT
[2010-11-09 11:27:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\ROCCAT
[2010-11-09 11:27:06 | 000,000,000 | ---D | C] -- D:\Program Files\DIFX
[2010-11-09 11:26:56 | 000,012,672 | ---- | C] (ROCCAT Ltd) -- D:\WINDOWS\System32\drivers\Kone.sys
[2010-11-09 11:26:56 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DRVSTORE
[2010-11-09 11:26:49 | 000,000,000 | ---D | C] -- D:\Program Files\ROCCAT
[2010-11-09 11:22:30 | 000,000,000 | ---D | C] -- D:\Program Files\Logitech
[2010-11-09 11:22:30 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Logitech
[2010-11-09 11:21:17 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- D:\WINDOWS\System32\lameACM.acm
[2010-11-09 11:21:16 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- D:\WINDOWS\System32\yv12vfw.dll
[2010-11-09 11:21:16 | 000,151,552 | ---- | C] (fccHandler) -- D:\WINDOWS\System32\ac3acm.acm
[2010-11-09 11:21:14 | 000,000,000 | ---D | C] -- D:\Program Files\K-Lite Codec Pack
[2010-11-09 11:19:39 | 000,000,000 | ---D | C] -- D:\Program Files\WinRAR
[2010-11-09 11:15:54 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\temp
[2010-11-09 11:13:15 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ReinstallBackups
[2010-11-09 11:13:12 | 000,061,440 | ---- | C] (Khronos Group) -- D:\WINDOWS\System32\OpenCL.dll
[2010-11-09 11:12:09 | 000,000,000 | ---D | C] -- D:\NVIDIA
[2010-11-09 11:11:11 | 000,000,000 | ---D | C] -- D:\Program Files\GIGABYTE
[2010-11-09 11:05:00 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Lang
[2010-11-09 11:02:17 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Wise Installation Wizard
[2010-11-09 11:02:01 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010-11-09 11:01:44 | 000,000,000 | ---D | C] -- D:\Program Files\NVIDIA Corporation
[2010-11-09 11:01:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation
[2010-11-09 10:54:46 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\RTCOM
[2010-11-09 10:54:14 | 000,290,816 | ---- | C] (Realtek Semiconductor Crop.) -- D:\WINDOWS\vncutil.exe
[2010-11-09 10:54:14 | 000,122,880 | ---- | C] (Realtek Semiconductor) -- D:\WINDOWS\RtkAudioService.exe
[2010-11-09 10:54:05 | 002,808,832 | ---- | C] (RealTek Semicoductor Corp.) -- D:\WINDOWS\ALCWZRD.EXE
[2010-11-09 10:54:05 | 001,684,736 | ---- | C] (Creative) -- D:\WINDOWS\System32\drivers\Ambfilt.sys
[2010-11-09 10:54:04 | 000,000,000 | -H-D | C] -- D:\Program Files\InstallShield Installation Information
[2010-11-09 10:54:04 | 000,000,000 | ---D | C] -- D:\Program Files\Realtek
[2010-11-09 10:53:55 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\InstallShield
[2010-11-09 10:46:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Mozilla
[2010-11-09 10:46:39 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Mozilla
[2010-11-09 10:20:36 | 000,000,000 | -HSD | C] -- D:\WINDOWS\Installer
[2010-11-09 10:20:35 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\ODBC
[2010-11-09 10:20:32 | 000,000,000 | R--D | C] -- D:\Program Files
[2010-11-09 10:20:32 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\SpeechEngines
[2010-11-09 10:20:32 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Microsoft Shared
[2010-11-09 10:20:32 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files
[2010-11-09 10:20:04 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Menu Start
[2010-11-09 10:20:04 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty
[2010-11-09 10:20:04 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\All Users\Szablony
[2010-11-09 10:20:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Ulubione
[2010-11-09 10:20:04 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Pulpit
[2010-11-09 10:18:14 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot2
[2010-11-09 10:18:14 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot
[2010-11-09 10:18:08 | 000,000,000 | --SD | C] -- D:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2010-11-09 10:18:08 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\All Users\Dane aplikacji
[2010-11-09 10:17:49 | 000,000,000 | -HSD | C] -- D:\System Volume Information
[2010-11-09 10:17:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings
[2010-11-09 10:12:20 | 000,000,000 | R-SD | C] -- D:\WINDOWS\Fonts
[2010-11-09 10:12:20 | 000,000,000 | RHSD | C] -- D:\WINDOWS\System32\dllcache
[2010-11-09 10:12:20 | 000,000,000 | R--D | C] -- D:\WINDOWS\Web
[2010-11-09 10:12:20 | 000,000,000 | -H-D | C] -- D:\WINDOWS\inf
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\WinSxS
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wins
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\wbem
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\usmt
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\twain_32
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Temp
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\system32
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\system
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\spool
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ShellExt
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Setup
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\security
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Resources
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\repair
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ras
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Provisioning
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\PeerNet
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\pchealth
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\oobe
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\npp
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\mui
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\mui
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\msapps
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\msagent
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Media
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\java
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\inetsrv
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\IME
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\ime
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\icsxml
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\ias
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Help
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\export
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\etc
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\ehome
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Driver Cache
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\drivers\disdn
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\dhcp
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Debug
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Cursors
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Connection Wizard
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\config
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\Config
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\AppPatch
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\addins
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3com_dmi
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\3076
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\2052
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1054
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1045
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1042
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1041
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1037
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1033
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1031
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1028
[2010-11-09 10:12:20 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\1025
[2010-11-09 10:11:06 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Identities
[2010-11-09 10:11:05 | 000,000,000 | -H-D | C] -- D:\Program Files\Uninstall Information
[2010-11-09 10:11:04 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\Moje obrazy
[2010-11-09 10:11:04 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty\Moja muzyka
[2010-11-09 10:10:56 | 000,000,000 | --SD | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Microsoft
[2010-11-09 10:10:56 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Żuczek\SendTo
[2010-11-09 10:10:56 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Żuczek\Recent
[2010-11-09 10:10:56 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Żuczek\Dane aplikacji
[2010-11-09 10:10:56 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Ulubione
[2010-11-09 10:10:56 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Moje dokumenty
[2010-11-09 10:10:56 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Żuczek\Menu Start
[2010-11-09 10:10:56 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\Żuczek\Cookies
[2010-11-09 10:10:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne
[2010-11-09 10:10:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Żuczek\Szablony
[2010-11-09 10:10:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Żuczek\PrintHood
[2010-11-09 10:10:56 | 000,000,000 | -H-D | C] -- D:\Documents and Settings\Żuczek\NetHood
[2010-11-09 10:10:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Pulpit
[2010-11-09 10:10:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-11-09 10:09:28 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\SoftwareDistribution
[2010-11-09 10:05:04 | 000,000,000 | ---D | C] -- D:\WINDOWS\SoftwareDistribution
[2010-11-09 10:05:01 | 000,000,000 | --SD | C] -- D:\WINDOWS\System32\Microsoft
[2010-11-09 10:05:01 | 000,000,000 | --SD | C] -- D:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2010-11-09 10:05:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-11-09 10:04:41 | 000,000,000 | --SD | C] -- D:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2010-11-09 10:04:41 | 000,000,000 | ---D | C] -- D:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-11-09 10:03:20 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll
[2010-11-09 10:03:20 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll
[2010-11-09 10:02:38 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys
[2010-11-09 10:02:19 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\xircom
[2010-11-09 10:02:19 | 000,000,000 | ---D | C] -- D:\Program Files\xerox
[2010-11-09 10:02:19 | 000,000,000 | ---D | C] -- D:\Program Files\microsoft frontpage
[2010-11-09 10:00:55 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\All Users\DRM
[2010-11-09 10:00:47 | 000,000,000 | --SD | C] -- D:\WINDOWS\Downloaded Program Files
[2010-11-09 10:00:47 | 000,000,000 | R--D | C] -- D:\WINDOWS\Offline Web Pages
[2010-11-09 10:00:38 | 000,000,000 | -H-D | C] -- D:\Program Files\WindowsUpdate
[2010-11-09 10:00:33 | 000,000,000 | ---D | C] -- D:\Program Files\Usługi online
[2010-11-09 10:00:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\DirectX
[2010-11-09 09:59:49 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Services
[2010-11-09 09:59:46 | 000,000,000 | --SD | C] -- D:\WINDOWS\Tasks
[2010-11-09 09:59:46 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\MSSoap
[2010-11-09 09:59:42 | 000,000,000 | ---D | C] -- D:\WINDOWS\srchasst
[2010-11-09 09:59:41 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Macromed
[2010-11-09 09:59:34 | 000,000,000 | ---D | C] -- D:\Program Files\Movie Maker
[2010-11-09 09:59:27 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Restore
[2010-11-09 09:59:23 | 000,000,000 | ---D | C] -- D:\Program Files\NetMeeting
[2010-11-09 09:59:21 | 000,000,000 | ---D | C] -- D:\Program Files\Outlook Express
[2010-11-09 09:59:15 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\System
[2010-11-09 09:59:11 | 000,000,000 | ---D | C] -- D:\Program Files\Internet Explorer
[2010-11-09 09:59:10 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2010-11-09 09:58:33 | 000,000,000 | ---D | C] -- D:\Program Files\ComPlus Applications
[2010-11-09 09:58:24 | 000,000,000 | ---D | C] -- D:\WINDOWS\Registration
[2010-11-09 09:58:14 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2010-11-09 09:58:14 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Media Player
[2010-11-09 09:58:08 | 000,000,000 | ---D | C] -- D:\Program Files\Messenger
[2010-11-09 09:58:04 | 000,000,000 | ---D | C] -- D:\Program Files\MSN Gaming Zone
[2010-11-09 09:57:39 | 000,000,000 | ---D | C] -- D:\Program Files\Windows NT
[2010-11-09 09:57:37 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\MsDtc
[2010-11-09 09:57:35 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Com
[2010-11-09 09:57:21 | 000,000,000 | R--D | C] -- D:\Documents and Settings\All Users\Dokumenty\Moje wideo

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-12-19 21:50:45 | 000,243,457 | ---- | M] () -- D:\WINDOWS\System32\NvApps.xml
[2010-12-19 21:50:28 | 000,000,260 | ---- | M] () -- D:\WINDOWS\tasks\WGASetup.job
[2010-12-19 21:49:50 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010-12-19 20:40:33 | 000,000,658 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\USB Drum.lnk
[2010-12-19 19:03:20 | 000,096,768 | ---- | M] () -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-19 05:14:56 | 000,098,256 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010-12-19 03:19:42 | 000,001,393 | ---- | M] () -- D:\WINDOWS\imsins.BAK
[2010-12-19 00:09:43 | 000,000,784 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-12-18 00:33:07 | 000,000,355 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts
[2010-12-18 00:32:20 | 000,132,597 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Flash_Disinfector.exe
[2010-12-17 21:06:05 | 000,042,664 | ---- | M] () -- D:\WINDOWS\System32\drivers\fsbts.sys
[2010-12-17 21:02:47 | 000,001,944 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\multiSAVER.lnk
[2010-12-17 21:00:24 | 000,496,774 | ---- | M] () -- D:\WINDOWS\System32\perfh015.dat
[2010-12-17 21:00:24 | 000,438,638 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2010-12-17 21:00:24 | 000,086,784 | ---- | M] () -- D:\WINDOWS\System32\perfc015.dat
[2010-12-17 21:00:24 | 000,070,352 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2010-12-17 03:08:26 | 000,000,706 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Real Hide IP.lnk
[2010-12-17 01:01:01 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2010-12-12 18:44:21 | 000,000,000 | ---- | M] () -- D:\WINDOWS\System32\94332.lic
[2010-12-02 15:44:15 | 000,000,664 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat
[2010-12-01 09:24:10 | 000,000,926 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Governor of Poker 2 Premium Edition.lnk
[2010-11-29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-11-29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys
[2010-11-28 02:17:51 | 000,000,584 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Skrót do l2.lnk
[2010-11-21 17:24:44 | 000,001,619 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\McAfee Security Scan Plus.lnk
[2010-11-21 17:24:44 | 000,001,611 | ---- | M] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk
[2010-11-19 15:13:39 | 000,001,729 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-11-18 12:38:39 | 000,000,707 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Download Manager.lnk
[2010-11-15 13:52:38 | 000,000,650 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Skrót do JDownloader.lnk
[2010-11-10 20:41:43 | 000,000,205 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Call of Duty Black Ops.url
[2010-11-10 20:41:43 | 000,000,205 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\Call of Duty Black Ops - Multiplayer.url
[2010-11-10 20:06:20 | 000,000,521 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Steam.lnk
[2010-11-09 15:34:35 | 000,000,574 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\MuOnline.lnk
[2010-11-09 15:12:10 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx
[2010-11-09 12:47:33 | 000,000,825 | ---- | M] () -- D:\Documents and Settings\Żuczek\Pulpit\MUAutoClicker.lnk
[2010-11-09 12:35:15 | 000,000,626 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\ipla.lnk
[2010-11-09 12:34:53 | 000,000,762 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-11-09 12:27:15 | 000,001,602 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-11-09 11:26:22 | 000,021,504 | ---- | M] () -- D:\WINDOWS\jestertb.dll
[2010-11-09 11:13:50 | 000,240,592 | ---- | M] () -- D:\WINDOWS\System32\nvdrsdb0.bin
[2010-11-09 11:13:50 | 000,000,001 | ---- | M] () -- D:\WINDOWS\System32\nvdrssel.bin
[2010-11-09 11:13:48 | 000,240,592 | ---- | M] () -- D:\WINDOWS\System32\nvdrsdb1.bin
[2010-11-09 11:13:48 | 000,000,000 | ---- | M] () -- D:\WINDOWS\System32\nvdrswr.lk
[2010-11-09 11:11:13 | 000,001,834 | ---- | M] () -- D:\Documents and Settings\Żuczek\Menu Start\Programy\Autostart\GIGABYTE Gamer HUD Lite.lnk
[2010-11-09 11:05:02 | 000,940,794 | ---- | M] () -- D:\WINDOWS\System32\LoopyMusic.wav
[2010-11-09 11:05:02 | 000,146,650 | ---- | M] () -- D:\WINDOWS\System32\BuzzingBee.wav
[2010-11-09 10:53:29 | 000,021,891 | ---- | M] () -- D:\WINDOWS\Ascd_tmp.ini
[2010-11-09 10:53:19 | 000,001,769 | ---- | M] () -- D:\WINDOWS\Language_trs.ini
[2010-11-09 10:46:44 | 000,000,000 | ---- | M] () -- D:\WINDOWS\nsreg.dat
[2010-11-09 10:04:44 | 000,008,192 | ---- | M] () -- D:\WINDOWS\REGLOCS.OLD
[2010-11-09 10:03:36 | 000,000,261 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf
[2010-11-09 10:01:55 | 000,002,596 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2010-11-09 10:01:52 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2010-11-09 10:01:52 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2010-11-09 10:01:41 | 000,004,293 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI
[2010-11-09 09:58:51 | 000,021,856 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat
[2010-10-22 07:23:30 | 000,061,440 | ---- | M] (Khronos Group) -- D:\WINDOWS\System32\OpenCL.dll
[2010-10-22 07:23:29 | 000,003,739 | ---- | M] () -- D:\WINDOWS\System32\nvinfo.pb

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-12-19 20:40:33 | 000,000,658 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\USB Drum.lnk
[2010-12-19 03:21:19 | 000,000,260 | ---- | C] () -- D:\WINDOWS\tasks\WGASetup.job
[2010-12-19 00:09:43 | 000,000,784 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2010-12-18 00:33:07 | 000,000,355 | ---- | C] () -- D:\WINDOWS\System32\drivers\etc\hosts
[2010-12-18 00:32:19 | 000,132,597 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Flash_Disinfector.exe
[2010-12-17 21:02:47 | 000,001,944 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\multiSAVER.lnk
[2010-12-17 21:00:38 | 000,042,664 | ---- | C] () -- D:\WINDOWS\System32\drivers\fsbts.sys
[2010-12-17 03:08:26 | 000,000,706 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Real Hide IP.lnk
[2010-12-15 22:06:35 | 000,005,174 | ---- | C] () -- D:\WINDOWS\System32\nppt9x.vxd
[2010-12-12 18:44:21 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\94332.lic
[2010-12-12 14:29:31 | 000,206,038 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Zdjęcia-0011.jpg
[2010-12-02 15:19:31 | 000,000,664 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2010-12-01 09:24:10 | 000,000,926 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Governor of Poker 2 Premium Edition.lnk
[2010-11-28 02:17:51 | 000,000,584 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Skrót do l2.lnk
[2010-11-18 16:29:20 | 000,001,729 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-11-18 16:26:40 | 000,001,619 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\McAfee Security Scan Plus.lnk
[2010-11-18 16:26:40 | 000,001,611 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk
[2010-11-18 12:38:39 | 000,000,707 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Download Manager.lnk
[2010-11-15 13:52:38 | 000,000,650 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Skrót do JDownloader.lnk
[2010-11-10 20:41:43 | 000,000,205 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Call of Duty Black Ops.url
[2010-11-10 20:41:43 | 000,000,205 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\Call of Duty Black Ops - Multiplayer.url
[2010-11-10 20:06:20 | 000,000,521 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Steam.lnk
[2010-11-09 15:34:35 | 000,000,574 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\MuOnline.lnk
[2010-11-09 13:49:15 | 000,693,932 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplayer.chm
[2010-11-09 13:49:15 | 000,354,468 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud1.wav
[2010-11-09 13:49:15 | 000,343,204 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud7.wav
[2010-11-09 13:49:15 | 000,343,204 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud6.wav
[2010-11-09 13:49:15 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud9.wav
[2010-11-09 13:49:15 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud8.wav
[2010-11-09 13:49:15 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud3.wav
[2010-11-09 13:49:15 | 000,086,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud5.wav
[2010-11-09 13:49:15 | 000,086,180 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud4.wav
[2010-11-09 13:49:15 | 000,086,180 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud2.wav
[2010-11-09 13:49:15 | 000,071,460 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplayer.adm
[2010-11-09 13:49:15 | 000,034,548 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmdm.inf
[2010-11-09 13:49:15 | 000,027,965 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplay.chm
[2010-11-09 13:49:15 | 000,023,829 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tourbg.gif
[2010-11-09 13:49:15 | 000,017,489 | ---- | C] () -- D:\WINDOWS\System32\dllcache\videobg.gif
[2010-11-09 13:49:15 | 000,013,540 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmfsdk.inf
[2010-11-09 13:49:15 | 000,008,677 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm7.gif
[2010-11-09 13:49:15 | 000,007,892 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm9.gif
[2010-11-09 13:49:15 | 000,007,636 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm2.gif
[2010-11-09 13:49:15 | 000,007,369 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm4.gif
[2010-11-09 13:49:15 | 000,006,241 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm3.gif
[2010-11-09 13:49:15 | 000,006,060 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm6.gif
[2010-11-09 13:49:15 | 000,005,789 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm1.gif
[2010-11-09 13:49:15 | 000,005,290 | ---- | C] () -- D:\WINDOWS\System32\dllcache\vidsamp.gif
[2010-11-09 13:49:15 | 000,004,193 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm8.gif
[2010-11-09 13:49:15 | 000,003,187 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tour.js
[2010-11-09 13:49:15 | 000,002,477 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm5.gif
[2010-11-09 13:49:15 | 000,002,469 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tplay.gif
[2010-11-09 13:49:15 | 000,002,450 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tpause.gif
[2010-11-09 13:49:15 | 000,002,375 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tplayh.gif
[2010-11-09 13:49:15 | 000,002,371 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tpauseh.gif
[2010-11-09 13:49:15 | 000,001,771 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmptour.css
[2010-11-09 13:49:15 | 000,001,714 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpocm.inf
[2010-11-09 13:49:15 | 000,001,398 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taon.gif
[2010-11-09 13:49:15 | 000,001,380 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taonh.gif
[2010-11-09 13:49:15 | 000,001,380 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taoff.gif
[2010-11-09 13:49:15 | 000,001,367 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taoffh.gif
[2010-11-09 13:49:11 | 000,066,160 | ---- | C] () -- D:\WINDOWS\System32\dllcache\revert.wmz
[2010-11-09 13:49:11 | 000,001,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\skins.inf
[2010-11-09 13:49:11 | 000,001,148 | ---- | C] () -- D:\WINDOWS\System32\dllcache\snd.htm
[2010-11-09 13:49:10 | 000,089,253 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plyr_err.chm
[2010-11-09 13:49:10 | 000,022,060 | ---- | C] () -- D:\WINDOWS\System32\dllcache\npds.zip
[2010-11-09 13:49:10 | 000,000,403 | ---- | C] () -- D:\WINDOWS\System32\dllcache\npdrmv2.zip
[2010-11-09 13:49:09 | 000,067,866 | ---- | C] () -- D:\WINDOWS\System32\drivers\netwlan5.img
[2010-11-09 13:49:09 | 000,036,644 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplayer2.inf
[2010-11-09 13:49:09 | 000,002,778 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplogoh.gif
[2010-11-09 13:49:09 | 000,002,545 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplogo.gif
[2010-11-09 13:49:06 | 000,005,971 | ---- | C] () -- D:\WINDOWS\System32\dllcache\events.js
[2010-11-09 13:49:03 | 000,184,137 | ---- | C] () -- D:\WINDOWS\System32\dllcache\compact.wmz
[2010-11-09 13:49:03 | 000,129,045 | ---- | C] () -- D:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010-11-09 13:49:03 | 000,009,585 | ---- | C] () -- D:\WINDOWS\System32\dllcache\controls.css
[2010-11-09 13:49:03 | 000,000,999 | ---- | C] () -- D:\WINDOWS\System32\dllcache\bktrh.gif
[2010-11-09 13:49:03 | 000,000,773 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cnth.gif
[2010-11-09 13:49:03 | 000,000,773 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cnt.gif
[2010-11-09 13:49:03 | 000,000,772 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cntd.gif
[2010-11-09 13:49:03 | 000,000,760 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cloapph.gif
[2010-11-09 13:49:03 | 000,000,717 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cloapp.gif
[2010-11-09 13:48:11 | 000,064,352 | ---- | C] () -- D:\WINDOWS\System32\drivers\ativmc20.cod
[2010-11-09 13:05:03 | 000,096,768 | ---- | C] () -- D:\Documents and Settings\Żuczek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-11-09 12:47:33 | 000,000,825 | ---- | C] () -- D:\Documents and Settings\Żuczek\Pulpit\MUAutoClicker.lnk
[2010-11-09 12:35:15 | 000,000,626 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\ipla.lnk
[2010-11-09 12:34:53 | 000,000,762 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2010-11-09 12:27:15 | 000,001,602 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-11-09 11:26:22 | 000,021,504 | ---- | C] () -- D:\WINDOWS\jestertb.dll
[2010-11-09 11:21:18 | 000,165,376 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2010-11-09 11:21:18 | 000,000,038 | ---- | C] () -- D:\WINDOWS\avisplitter.ini
[2010-11-09 11:21:17 | 000,000,414 | ---- | C] () -- D:\WINDOWS\System32\lame_acm.xml
[2010-11-09 11:21:16 | 000,790,528 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2010-11-09 11:21:16 | 000,134,144 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2010-11-09 11:21:16 | 000,108,032 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll
[2010-11-09 11:13:50 | 000,240,592 | ---- | C] () -- D:\WINDOWS\System32\nvdrsdb0.bin
[2010-11-09 11:13:48 | 000,240,592 | ---- | C] () -- D:\WINDOWS\System32\nvdrsdb1.bin
[2010-11-09 11:13:48 | 000,000,001 | ---- | C] () -- D:\WINDOWS\System32\nvdrssel.bin
[2010-11-09 11:13:48 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\nvdrswr.lk
[2010-11-09 11:13:11 | 000,003,739 | ---- | C] () -- D:\WINDOWS\System32\nvinfo.pb
[2010-11-09 11:11:13 | 000,001,834 | ---- | C] () -- D:\Documents and Settings\Żuczek\Menu Start\Programy\Autostart\GIGABYTE Gamer HUD Lite.lnk
[2010-11-09 11:05:02 | 000,940,794 | ---- | C] () -- D:\WINDOWS\System32\LoopyMusic.wav
[2010-11-09 11:05:02 | 000,146,650 | ---- | C] () -- D:\WINDOWS\System32\BuzzingBee.wav
[2010-11-09 11:01:16 | 000,019,495 | ---- | C] () -- D:\WINDOWS\System32\nvdisp.nvu
[2010-11-09 10:53:22 | 000,005,810 | R--- | C] () -- D:\WINDOWS\System32\drivers\ASACPI.sys
[2010-11-09 10:53:19 | 000,001,769 | ---- | C] () -- D:\WINDOWS\Language_trs.ini
[2010-11-09 10:53:08 | 000,021,891 | ---- | C] () -- D:\WINDOWS\Ascd_tmp.ini
[2010-11-09 10:53:08 | 000,010,296 | ---- | C] () -- D:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010-11-09 10:46:44 | 000,000,000 | ---- | C] () -- D:\WINDOWS\nsreg.dat
[2010-11-09 10:20:39 | 000,001,393 | ---- | C] () -- D:\WINDOWS\imsins.BAK
[2010-11-09 10:20:35 | 000,004,293 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2010-11-09 10:20:33 | 001,685,606 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.spd
[2010-11-09 10:20:33 | 000,643,717 | ---- | C] () -- D:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010-11-09 10:20:33 | 000,605,050 | ---- | C] () -- D:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010-11-09 10:20:33 | 000,000,888 | ---- | C] () -- D:\WINDOWS\System32\dllcache\sam.sdf
[2010-11-09 10:20:17 | 000,001,734 | ---- | C] () -- D:\WINDOWS\System32\AUTOEXEC.NT
[2010-11-09 10:18:25 | 000,808,524 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010-11-09 10:18:25 | 000,399,670 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010-11-09 10:18:25 | 000,037,509 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MW770.CAT
[2010-11-09 10:18:25 | 000,013,497 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010-11-09 10:18:25 | 000,008,599 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010-11-09 10:18:25 | 000,007,382 | ---- | C] () -- D:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010-11-09 10:18:25 | 000,007,334 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010-11-09 10:18:24 | 001,014,483 | ---- | C] () -- D:\WINDOWS\System32\dllcache\SP2.CAT
[2010-11-09 10:17:48 | 000,098,256 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010-11-09 10:16:39 | 000,000,261 | ---- | C] () -- D:\WINDOWS\System32\$winnt$.inf
[2010-11-09 10:04:44 | 000,008,192 | ---- | C] () -- D:\WINDOWS\REGLOCS.OLD
[2010-11-09 10:03:36 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2010-11-09 10:03:17 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010-11-09 10:03:08 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010-11-09 10:03:04 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe
[2010-11-09 10:03:04 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe
[2010-11-09 10:03:02 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex
[2010-11-09 10:02:52 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010-11-09 10:02:48 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex
[2010-11-09 10:02:40 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll
[2010-11-09 10:01:55 | 000,002,596 | ---- | C] () -- D:\WINDOWS\System32\CONFIG.NT
[2010-11-09 10:01:52 | 000,023,392 | ---- | C] () -- D:\WINDOWS\System32\nscompat.tlb
[2010-11-09 10:01:52 | 000,016,832 | ---- | C] () -- D:\WINDOWS\System32\amcompat.tlb
[2010-11-09 10:01:51 | 000,316,640 | ---- | C] () -- D:\WINDOWS\WMSysPr9.prx
[2010-11-09 10:00:24 | 004,399,505 | ---- | C] () -- D:\WINDOWS\System32\dllcache\nls302en.lex
[2010-11-09 09:59:57 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt256.bmp
[2010-11-09 09:59:57 | 000,048,680 | -HS- | C] () -- D:\WINDOWS\winnt.bmp
[2010-11-09 09:59:51 | 000,000,984 | ---- | C] () -- D:\WINDOWS\System32\dllcache\srframe.mmf
[2010-11-09 09:58:51 | 000,021,856 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2010-11-09 09:57:52 | 000,065,832 | ---- | C] () -- D:\WINDOWS\Stiuk z Santa Fe.bmp
[2010-11-09 09:57:52 | 000,026,680 | ---- | C] () -- D:\WINDOWS\Wachlarze.bmp
[2010-11-09 09:57:52 | 000,017,362 | ---- | C] () -- D:\WINDOWS\Rododendron.bmp
[2010-11-09 09:57:52 | 000,009,522 | ---- | C] () -- D:\WINDOWS\Indiański pled.bmp
[2010-11-09 09:57:51 | 000,065,978 | ---- | C] () -- D:\WINDOWS\Bąbelki.bmp
[2010-11-09 09:57:51 | 000,065,954 | ---- | C] () -- D:\WINDOWS\Pod mikroskopem.bmp
[2010-11-09 09:57:51 | 000,026,582 | ---- | C] () -- D:\WINDOWS\Nefryt.bmp
[2010-11-09 09:57:51 | 000,017,336 | ---- | C] () -- D:\WINDOWS\Na rybkach.bmp
[2010-11-09 09:57:51 | 000,017,062 | ---- | C] () -- D:\WINDOWS\Kawa.bmp
[2010-11-09 09:57:51 | 000,016,730 | ---- | C] () -- D:\WINDOWS\Puch.bmp
[2010-11-09 09:57:51 | 000,001,272 | ---- | C] () -- D:\WINDOWS\Niebieska koronka 16.bmp
[2010-11-09 09:57:48 | 000,003,286 | ---- | C] () -- D:\WINDOWS\System32\tslabels.h
[2010-11-09 09:57:48 | 000,001,225 | ---- | C] () -- D:\WINDOWS\System32\usrlogon.cmd
[2010-11-09 09:57:47 | 000,000,768 | ---- | C] () -- D:\WINDOWS\System32\msdtcprf.h
[2010-11-09 09:57:41 | 000,063,488 | ---- | C] () -- D:\WINDOWS\System32\wmimgmt.msc

[color=#E56717]========== LOP Check ==========[/color]

[2010-12-17 20:59:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\f-secure
[2010-12-17 20:58:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\fssg
[2010-11-09 12:34:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-11-22 17:40:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-11-09 11:27:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Dane aplikacji\ROCCAT
[2010-12-17 21:34:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\F-Secure
[2010-11-09 12:34:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\Gadu-Gadu 10
[2010-12-16 17:39:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\ipla
[2010-11-09 11:28:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\ROCCAT
[2010-12-01 09:24:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Żuczek\Dane aplikacji\YoudaGames
[2010-12-19 21:50:28 | 000,000,260 | ---- | M] () -- D:\WINDOWS\Tasks\WGASetup.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-12-19 21:49:47 | 2145,386,496 | -HS- | M] () -- D:\pagefile.sys


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- D:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 20:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- D:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-03 23:54:52 | 018,789,127 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2010-11-09 14:55:01 | 023,908,281 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- D:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- D:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- D:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-03 23:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- D:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- D:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 18:20:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- D:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\system32\drivers\ndis.sys
[2004-08-03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-03 23:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- D:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- D:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 18:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- D:\WINDOWS\system32\winlogon.exe

< End of report >[/log]

[b]log RSIT[/b]
[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Żuczek at 2010-12-19 22:03:23
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive D: has 88 GB (88%) free of 100 GB
Total RAM: 2047 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:03:27, on 2010-12-19
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe
D:\Program Files\mmp\multisaver\Common\FSMA32.EXE
D:\Program Files\mmp\multisaver\Anti-Virus\FSGK32.EXE
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\mmp\multisaver\Common\FSHDLL32.EXE
D:\Program Files\mmp\multisaver\Anti-Virus\fssm32.exe
D:\Program Files\mmp\multisaver\FWES\Program\fsdfwd.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Program Files\mmp\multisaver\Anti-Virus\fsav32.exe
D:\WINDOWS\RTHDCPL.EXE
D:\Program Files\Logitech\Gaming Software\LWEMon.exe
D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\mmp\multisaver\Common\FSM32.EXE
D:\Program Files\ROCCAT\Kone Mouse\osd.exe
D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Documents and Settings\Żuczek\Moje dokumenty\Pobieranie\RSIT.exe
D:\Program Files\trend micro\Żuczek.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Start WingMan Profiler] D:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [Kone] "D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [F-Secure Manager] "D:\Program Files\mmp\multisaver\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "D:\Program Files\mmp\multisaver\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "D:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MSI" TRANSFORMS="D:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MST" WISE_SETUP_EXE_PATH="i:\driver\2k_xp\190.38\PhysX_9.09.0428_SystemSoftware.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: GIGABYTE Gamer HUD Lite.lnk = D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\Program Files\mmp\multisaver\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\Program Files\mmp\multisaver\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - D:\Program Files\mmp\multisaver\ORSP Client\fsorsp.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 6444 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-09 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600]
"Start WingMan Profiler"=D:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 153672]
"Kone"=D:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE [2008-10-06 151552]
"SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"nwiz"=D:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-07-09 1657376]
"NvMediaCenter"=D:\WINDOWS\system32\NvMcTray.dll [2009-07-14 86016]
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2009-07-14 13877248]
"F-Secure Manager"=D:\Program Files\mmp\multisaver\Common\FSM32.EXE [2009-08-05 199264]
"F-Secure TNB"=D:\Program Files\mmp\multisaver\FSGUI\TNBUtil.exe [2009-08-05 2349664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"=MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I D:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MSI TRANSFORMS=D:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MST WISE_SETUP_EXE_PATH=i:\driver\2k_xp\190.38\PhysX_9.09.0428_SystemSoftware.exe []

D:\Documents and Settings\All Users\Menu Start\Programy\Autostart
McAfee Security Scan Plus.lnk - D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

D:\Documents and Settings\Żuczek\Menu Start\Programy\Autostart
GIGABYTE Gamer HUD Lite.lnk - D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - D:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=0xFFFFFFFF

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Gadu-Gadu 10\gg.exe"="D:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10"
"D:\Documents and Settings\Żuczek\Ustawienia lokalne\Apps\2.0\NWRZZE6A.YKX\ALAWT2N6.5XZ\curs..tion_eee711038731a406_0004.0000_1829574f2226d088\CurseClient.exe"="D:\Documents and Settings\Żuczek\Ustawienia lokalne\Apps\2.0\NWRZZE6A.YKX\ALAWT2N6.5XZ\curs..tion_eee711038731a406_0004.0000_1829574f2226d088\CurseClient.exe:*:Enabled:Curse Client 4.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Gry\Steam\Steam.exe"="E:\Gry\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Java\jre6\bin\javaw.exe"="D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"E:\Gry\Steam\SteamApps\common\call of duty black ops rcon\BlackOpsRcon.exe"="E:\Gry\Steam\SteamApps\common\call of duty black ops rcon\BlackOpsRcon.exe:*:Enabled:Call of Duty Black Ops - Remote Console"
"E:\Gry\Steam\SteamApps\common\call of duty black ops\BlackOps.exe"="E:\Gry\Steam\SteamApps\common\call of duty black ops\BlackOps.exe:*:Enabled:Call of Duty: Black Ops"
"E:\Gry\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe"="E:\Gry\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe:*:Enabled:Call of Duty: Black Ops - Multiplayer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="

======List of files/folders created in the last 1 months======

2010-12-19 21:48:21 ----D---- D:\_OTL
2010-12-19 20:40:32 ----D---- D:\Program Files\USB Drum
2010-12-19 03:21:19 ----D---- D:\WINDOWS\system32\KB905474
2010-12-19 03:19:51 ----HDC---- D:\WINDOWS\$NtUninstallKB2296199$
2010-12-19 03:19:37 ----HDC---- D:\WINDOWS\$NtUninstallKB2443105$
2010-12-19 03:17:23 ----HDC---- D:\WINDOWS\$NtUninstallKB2440591$
2010-12-19 03:17:10 ----HDC---- D:\WINDOWS\$NtUninstallKB2443685$
2010-12-19 03:16:57 ----HDC---- D:\WINDOWS\$NtUninstallKB2436673$
2010-12-19 03:16:46 ----HDC---- D:\WINDOWS\$NtUninstallKB2467659$
2010-12-19 03:01:47 ----HDC---- D:\WINDOWS\$NtUninstallKB2423089$
2010-12-19 00:09:49 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\Malwarebytes
2010-12-19 00:09:43 ----A---- D:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-12-19 00:09:42 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2010-12-19 00:09:39 ----A---- D:\WINDOWS\system32\drivers\mbam.sys
2010-12-19 00:09:38 ----D---- D:\Program Files\Malwarebytes' Anti-Malware
2010-12-18 01:13:25 ----D---- D:\rsit
2010-12-18 01:13:25 ----D---- D:\Program Files\trend micro
2010-12-17 21:34:02 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\F-Secure
2010-12-17 21:00:38 ----A---- D:\WINDOWS\system32\drivers\fsbts.sys
2010-12-17 21:00:21 ----A---- D:\WINDOWS\system32\drivers\fsdfw.sys
2010-12-17 20:59:20 ----D---- D:\Program Files\mmp
2010-12-17 20:58:57 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\fssg
2010-12-17 20:56:41 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\f-secure
2010-12-17 03:08:29 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\RealHideIP
2010-12-17 03:08:29 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\RealHideIP
2010-12-17 03:08:04 ----D---- D:\Program Files\RealHideIP
2010-12-15 22:06:35 ----A---- D:\WINDOWS\system32\npptNT2.sys
2010-12-02 15:19:14 ----D---- D:\WINDOWS\Minidump
2010-12-01 09:24:23 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\YoudaGames
2010-12-01 09:23:56 ----D---- D:\Program Files\Governor of Poker 2 Premium Edition
2010-11-29 20:31:30 ----D---- D:\WINDOWS\Sun
2010-11-22 17:40:50 ----D---- D:\Program Files\PlayReady

======List of files/folders modified in the last 1 months======

2010-12-19 21:51:00 ----D---- D:\WINDOWS\Prefetch
2010-12-19 21:50:42 ----D---- D:\WINDOWS\Temp
2010-12-19 21:50:12 ----D---- D:\WINDOWS\system32\CatRoot2
2010-12-19 21:48:45 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-12-19 21:48:34 ----D---- D:\WINDOWS\system32
2010-12-19 21:48:34 ----D---- D:\WINDOWS
2010-12-19 20:41:28 ----HD---- D:\WINDOWS\inf
2010-12-19 20:40:32 ----RD---- D:\Program Files
2010-12-19 05:26:12 ----D---- D:\WINDOWS\system32\drivers
2010-12-19 05:14:35 ----HDC---- D:\WINDOWS\$NtUninstallKB981793$
2010-12-19 03:21:19 ----SD---- D:\WINDOWS\Tasks
2010-12-19 03:19:53 ----RSHDC---- D:\WINDOWS\system32\dllcache
2010-12-19 03:19:42 ----A---- D:\WINDOWS\imsins.BAK
2010-12-19 03:19:17 ----D---- D:\Program Files\Internet Explorer
2010-12-19 03:18:38 ----D---- D:\WINDOWS\ie8updates
2010-12-19 03:17:34 ----HD---- D:\WINDOWS\$hf_mig$
2010-12-19 03:02:52 ----A---- D:\WINDOWS\system32\MRT.exe
2010-12-19 03:01:54 ----D---- D:\Program Files\Outlook Express
2010-12-18 14:14:58 ----D---- D:\WINDOWS\system32\drivers\etc
2010-12-17 21:00:24 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-12-17 20:59:07 ----SHD---- D:\WINDOWS\Installer
2010-12-17 01:02:17 ----D---- D:\WINDOWS\system32\inetsrv
2010-12-16 17:39:24 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\ipla
2010-12-15 21:58:15 ----HD---- D:\Program Files\InstallShield Installation Information
2010-12-14 21:10:05 ----D---- D:\Documents and Settings\Żuczek\Dane aplikacji\IGN_DLM
2010-12-11 02:50:58 ----D---- D:\Program Files\Mozilla Firefox
2010-12-02 15:46:25 ----D---- D:\WINDOWS\Help
2010-12-02 15:44:27 ----D---- D:\WINDOWS\system32\CatRoot
2010-12-02 15:42:09 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation
2010-12-02 15:36:39 ----D---- D:\Program Files\NVIDIA Corporation
2010-12-02 15:31:52 ----SD---- D:\Documents and Settings\Żuczek\Dane aplikacji\Microsoft
2010-11-28 08:13:30 ----D---- D:\WINDOWS\system32\Restore
2010-11-22 17:40:52 ----D---- D:\Documents and Settings\All Users\Dane aplikacji\ipla
2010-11-22 17:40:49 ----SD---- D:\Documents and Settings\All Users\Dane aplikacji\Microsoft
2010-11-21 17:24:43 ----D---- D:\Program Files\McAfee Security Scan
2010-11-20 23:25:49 ----D---- D:\Program Files\Common Files\Steam

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fsbts;fsbts; D:\WINDOWS\system32\Drivers\fsbts.sys [2010-12-17 42664]
R0 FSFW;F-Secure Firewall Driver; D:\WINDOWS\System32\drivers\fsdfw.sys [2009-08-05 80000]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\D:\Program Files\mmp\multisaver\HIPS\drivers\fshs.sys []
R1 intelppm;Sterownik procesora Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 kbdhid;Sterownik klawiatury HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\D:\Program Files\mmp\multisaver\Anti-Virus\minifilter\fsgk.sys []
R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Sterownik Microsoft klasy HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-05-22 5082624]
R3 KoneFltr;ROCCAT Kone; D:\WINDOWS\system32\drivers\Kone.sys [2008-09-22 12672]
R3 mouhid;Sterownik myszy HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-14 7741664]
R3 rtl8139;Sterownik NT karty Realtek RTL8139(A/B/C)-based PCI Fast Ethernet; D:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Sterownik magazynu masowego USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; D:\WINDOWS\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmFilter;Logitech Gaming HID Filter Driver; D:\WINDOWS\system32\drivers\WmFilter.sys [2010-04-27 37704]
R3 WmVirHid;Logitech Virtual Hid Device Driver; D:\WINDOWS\system32\drivers\WmVirHid.sys [2010-04-27 15048]
R3 WmXlCore;Logitech Translation Layer Driver; D:\WINDOWS\system32\drivers\WmXlCore.sys [2010-04-27 66632]
S3 Ambfilt;Ambfilt; D:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Monfilt;Monfilt; D:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S4 F-Secure Filter;F-Secure File System Filter; \??\D:\Program Files\mmp\multisaver\Anti-Virus\Win2K\FSfilter.sys []
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\D:\Program Files\mmp\multisaver\Anti-Virus\Win2K\FSrec.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 F-Secure Gatekeeper Handler Starter;FSGKHS; D:\Program Files\mmp\multisaver\Anti-Virus\fsgk32st.exe [2009-08-05 215648]
R2 FSMA;F-Secure Management Agent; D:\Program Files\mmp\multisaver\Common\FSMA32.EXE [2009-08-05 186976]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2010-11-09 153376]
R2 nvsvc;NVIDIA Display Driver Service; D:\WINDOWS\system32\nvsvc32.exe [2009-07-14 168004]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; D:\Program Files\mmp\multisaver\FWES\Program\fsdfwd.exe [2009-08-05 522848]
R3 FSORSPClient;F-Secure ORSP Client; D:\Program Files\mmp\multisaver\ORSP Client\fsorsp.exe [2010-12-17 64016]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Steam Client Service;Steam Client Service; D:\Program Files\Common Files\Steam\SteamService.exe [2010-11-17 403240]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------[/log]

Tomek01
komentarz
komentarz

teraz jest ok. W OTL użyj funkcji CleanUp.
Dla pewności jeszcze raz skan Mbam.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.