Human utworzono 4 sierpnia 2011 utworzono 4 sierpnia 2011 (edytowane) Cześć! Zainstalowałem system, podłączyłem Pendrive'a, skopiowałem sterowniki, zainstalowałem i uruchomiłem ponownie komputer i od tego czasu po każdym włączeniu komputera włączają się Moje Dokumenty, wcześniej dwa razy teraz już tylko raz. Antyvirus znalazł wirusa w EXPLORER.exe i gdzieś tam jeszcze. Dodaje logi z OTL. System to Windows XP Professional OTL.Txt [log]OTL logfile created on: 2011-08-04 19:18:12 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Aleksander\Moje dokumenty\Downloads Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 758,98 Mb Total Physical Memory | 386,86 Mb Available Physical Memory | 50,97% Memory free 1,81 Gb Paging File | 1,53 Gb Available in Paging File | 84,08% Paging File free Paging file location(s): C:\pagefile.sys 1140 2280 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 76,68 Gb Total Space | 72,21 Gb Free Space | 94,17% Space Free | Partition Type: NTFS Drive E: | 0,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: DR-FE56AE8FB515 | User Name: Aleksander | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-08-04 19:14:45 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aleksander\Moje dokumenty\Downloads\OTL.exe PRC - [2011-07-27 10:03:22 | 001,017,912 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Aleksander\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2004-11-02 09:03:44 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe PRC - [2004-11-02 08:59:42 | 000,126,976 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe PRC - [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-04 00:44:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2004-08-04 00:44:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2004-08-04 00:44:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2004-08-04 00:44:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-04 00:44:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-04 00:44:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 00:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-08-04 00:44:20 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2004-08-04 00:44:18 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-08-04 19:14:45 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aleksander\Moje dokumenty\Downloads\OTL.exe MOD - [2011-07-04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll MOD - [2004-08-04 00:44:32 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-04 00:44:16 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2004-08-04 00:44:14 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2004-08-04 00:44:14 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-04 00:44:14 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-04 00:44:12 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2004-08-04 00:44:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-04 00:44:10 | 008,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2004-08-04 00:44:10 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-04 00:44:10 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2004-08-04 00:44:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2004-08-04 00:44:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2004-08-04 00:44:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-04 00:44:08 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2004-08-04 00:44:08 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2004-08-04 00:44:08 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2004-08-04 00:44:08 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-04 00:44:06 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-04 00:44:02 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2004-08-04 00:44:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2004-08-04 00:43:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-04 00:43:56 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2004-08-04 00:43:56 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-04 00:43:54 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2004-08-04 00:43:52 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2004-08-04 00:43:48 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2004-08-04 00:42:34 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-08-03 19:06:39 | 001,512,960 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmudax3.sys -- (cmuda3) DRV - [2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011-07-04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011-07-04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2004-08-22 16:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt) DRV - [2004-08-22 16:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\d347bus.sys -- (d347bus) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-329068152-1214440339-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Aleksander\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Aleksander\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [CmPCIaudio] File not found O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-329068152-1214440339-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-08-03 16:48:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - Services: "gupdate" MsConfig - Services: "gupdatem" MsConfig - StartUpReg: [b]CTFMON.EXE[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]EXPLORER.EXE[/b] - hkey= - key= - C:\WINDOWS\explorer.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Documents and Settings\Aleksander\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]wsctf.exe[/b] - hkey= - key= - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 2 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-08-04 11:26:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Temp [2011-08-03 21:53:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2011-08-03 20:06:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleksander\Ustawienia lokalne\Dane aplikacji\Identities [2011-08-03 19:31:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleksander\Dane aplikacji\Gadu-Gadu 10 [2011-08-03 19:31:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2011-08-03 19:30:55 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10 [2011-08-03 19:21:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\OJP Enhanced [2011-08-03 19:11:05 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011-08-03 19:08:54 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2011-08-03 19:07:59 | 007,700,480 | ---- | C] (C-Media Corporation) -- C:\WINDOWS\System\CMICNFG3.cpl [2011-08-03 19:07:59 | 000,270,336 | ---- | C] (C-Media Corporation) -- C:\WINDOWS\System32\CMRMDRV3.exe [2011-08-03 19:07:10 | 000,278,528 | ---- | C] (C-Media Corporation) -- C:\WINDOWS\CmiPCIUninstall.exe [2011-08-03 19:07:03 | 001,512,960 | ---- | C] (C-Media Inc) -- C:\WINDOWS\System32\drivers\cmudax3.sys [2011-08-03 19:07:03 | 000,036,864 | ---- | C] (C-Media Electronics Ins.) -- C:\WINDOWS\System32\cmudax3.DLL [2011-08-03 19:07:03 | 000,000,000 | ---D | C] -- C:\Program Files\C-Media PCI Audio Device [2011-08-03 19:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Xfire [2011-08-03 19:02:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleksander\Dane aplikacji\Xfire [2011-08-03 19:02:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Xfire [2011-08-03 19:01:59 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire [2011-08-03 18:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\LucasArts [2011-08-03 18:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\LucasArts [2011-08-03 18:41:22 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer [2011-08-03 18:41:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC [2011-08-03 18:41:19 | 000,000,000 | R--D | C] -- C:\Program Files [2011-08-03 18:41:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines [2011-08-03 18:41:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared [2011-08-03 18:41:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files [2011-08-03 18:41:09 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll [2011-08-03 18:41:09 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll [2011-08-03 18:41:09 | 000,085,532 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll [2011-08-03 18:41:09 | 000,085,532 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll [2011-08-03 18:41:09 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll [2011-08-03 18:41:09 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll [2011-08-03 18:41:08 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll [2011-08-03 18:41:08 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll [2011-08-03 18:40:58 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start [2011-08-03 18:40:58 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty [2011-08-03 18:40:58 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart [2011-08-03 18:40:58 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony [2011-08-03 18:40:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione [2011-08-03 18:40:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit [2011-08-03 18:40:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2 [2011-08-03 18:40:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot [2011-08-03 18:40:42 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2011-08-03 18:40:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji [2011-08-03 18:40:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings [2011-08-03 18:40:27 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2011-08-03 18:35:48 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts [2011-08-03 18:35:48 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache [2011-08-03 18:35:48 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web [2011-08-03 18:35:48 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32 [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32 [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\system [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\security [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\java [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076 [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052 [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054 [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045 [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042 [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041 [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037 [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033 [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031 [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028 [2011-08-03 18:35:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025 [2011-08-03 18:32:18 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys [2011-08-03 18:32:18 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys [2011-08-03 18:32:17 | 000,000,000 | ---D | C] -- C:\Program Files\D-Tools [2011-08-03 18:32:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations [2011-08-03 18:29:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleksander\Moje dokumenty\Downloads [2011-08-03 18:29:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleksander\Dane aplikacji\Macromedia [2011-08-03 18:29:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleksander\Dane aplikacji\Adobe [2011-08-03 18:28:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleksander\Menu Start\Programy\Google Chrome [2011-08-03 18:24:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleksander\Ustawienia lokalne\Dane aplikacji\Temp [2011-08-03 18:24:34 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Aleksander\UserData [2011-08-03 18:04:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google [2011-08-03 18:01:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google [2011-08-03 18:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2011-08-03 18:01:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleksander\Ustawienia lokalne\Dane aplikacji\Google [2011-08-03 18:01:27 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2011-08-03 18:01:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Free Antivirus [2011-08-03 18:01:26 | 000,309,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2011-08-03 18:01:25 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2011-08-03 18:01:25 | 000,043,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2011-08-03 18:01:25 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2011-08-03 18:01:24 | 000,102,616 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2011-08-03 18:01:24 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2011-08-03 18:01:24 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2011-08-03 18:01:14 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2011-08-03 18:01:13 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2011-08-03 18:00:59 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2011-08-03 18:00:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2011-08-03 17:02:01 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2011-08-03 17:01:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups [2011-08-03 17:01:40 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2011-08-03 17:01:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2011-08-03 17:00:12 | 000,167,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll [2011-08-03 16:55:04 | 000,000,000 | ---D | C] -- C:\IBMTOOLS [2011-08-03 16:53:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleksander\Dane aplikacji\Identities [2011-08-03 16:53:15 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information [2011-08-03 16:53:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Aleksander\Moje dokumenty\Moje obrazy [2011-08-03 16:53:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Aleksander\Moje dokumenty\Moja muzyka [2011-08-03 16:53:09 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Aleksander\Dane aplikacji\Microsoft [2011-08-03 16:53:09 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Aleksander\Cookies [2011-08-03 16:53:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Aleksander\SendTo [2011-08-03 16:53:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Aleksander\Recent [2011-08-03 16:53:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Aleksander\Dane aplikacji [2011-08-03 16:53:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Aleksander\Ulubione [2011-08-03 16:53:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Aleksander\Moje dokumenty [2011-08-03 16:53:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Aleksander\Menu Start [2011-08-03 16:53:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Aleksander\Menu Start\Programy\Autostart [2011-08-03 16:53:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Aleksander\Menu Start\Programy\Akcesoria [2011-08-03 16:53:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Aleksander\Ustawienia lokalne [2011-08-03 16:53:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Aleksander\Szablony [2011-08-03 16:53:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Aleksander\PrintHood [2011-08-03 16:53:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Aleksander\NetHood [2011-08-03 16:53:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleksander\Pulpit [2011-08-03 16:53:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleksander\Ustawienia lokalne\Dane aplikacji\Microsoft [2011-08-03 16:52:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2011-08-03 16:52:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2011-08-03 16:52:40 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft [2011-08-03 16:52:40 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2011-08-03 16:52:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2011-08-03 16:52:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2011-08-03 16:52:22 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2011-08-03 16:50:31 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2011-08-03 16:50:31 | 000,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2011-08-03 16:50:30 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll [2011-08-03 16:49:40 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll [2011-08-03 16:49:40 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll [2011-08-03 16:49:39 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll [2011-08-03 16:49:30 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2011-08-03 16:49:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom [2011-08-03 16:49:02 | 000,000,000 | ---D | C] -- C:\Program Files\xerox [2011-08-03 16:49:02 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage [2011-08-03 16:47:47 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM [2011-08-03 16:47:39 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files [2011-08-03 16:47:39 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages [2011-08-03 16:47:29 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate [2011-08-03 16:47:26 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online [2011-08-03 16:47:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX [2011-08-03 16:46:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services [2011-08-03 16:46:49 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks [2011-08-03 16:46:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap [2011-08-03 16:46:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst [2011-08-03 16:46:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed [2011-08-03 16:46:39 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker [2011-08-03 16:46:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore [2011-08-03 16:46:33 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll [2011-08-03 16:46:33 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll [2011-08-03 16:46:31 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting [2011-08-03 16:46:29 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express [2011-08-03 16:46:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System [2011-08-03 16:46:24 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer [2011-08-03 16:46:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy [2011-08-03 16:45:58 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gry [2011-08-03 16:45:48 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications [2011-08-03 16:45:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration [2011-08-03 16:45:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne [2011-08-03 16:45:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka [2011-08-03 16:45:37 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player [2011-08-03 16:45:32 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger [2011-08-03 16:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone [2011-08-03 16:45:22 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll [2011-08-03 16:45:22 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll [2011-08-03 16:45:10 | 000,283,136 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe [2011-08-03 16:45:09 | 000,349,696 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll [2011-08-03 16:45:09 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT [2011-08-03 16:45:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc [2011-08-03 16:45:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com [2011-08-03 16:44:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo [2011-08-03 16:44:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-08-04 19:10:19 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011-08-04 19:10:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-08-04 18:34:00 | 000,001,152 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1214440339-839522115-1003UA.job [2011-08-04 18:31:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011-08-04 18:01:49 | 000,000,549 | ---- | M] () -- C:\WINDOWS\System\Cmicnfg3.ini [2011-08-04 11:57:55 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2011-08-04 11:34:03 | 000,001,100 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1214440339-839522115-1003Core.job [2011-08-03 19:31:22 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2011-08-03 19:31:22 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2011-08-03 19:11:05 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011-08-03 19:07:59 | 000,000,066 | ---- | M] () -- C:\WINDOWS\Cmicnfg3.ini.cfl [2011-08-03 19:06:41 | 000,278,528 | ---- | M] (C-Media Corporation) -- C:\WINDOWS\CmiPCIUninstall.exe [2011-08-03 19:06:41 | 000,001,480 | ---- | M] () -- C:\WINDOWS\Cmicnfg3.ini.cfg [2011-08-03 19:06:39 | 001,512,960 | ---- | M] (C-Media Inc) -- C:\WINDOWS\System32\drivers\cmudax3.sys [2011-08-03 19:06:39 | 000,036,864 | ---- | M] (C-Media Electronics Ins.) -- C:\WINDOWS\System32\cmudax3.DLL [2011-08-03 19:06:39 | 000,002,421 | ---- | M] () -- C:\WINDOWS\cmudax3.ini [2011-08-03 19:06:38 | 007,700,480 | ---- | M] (C-Media Corporation) -- C:\WINDOWS\System\CMICNFG3.cpl [2011-08-03 19:06:38 | 000,270,336 | ---- | M] (C-Media Corporation) -- C:\WINDOWS\System32\CMRMDRV3.exe [2011-08-03 19:02:02 | 000,000,638 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Xfire.lnk [2011-08-03 18:32:17 | 000,000,685 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools.lnk [2011-08-03 18:28:53 | 000,002,341 | ---- | M] () -- C:\Documents and Settings\Aleksander\Pulpit\Google Chrome.lnk [2011-08-03 18:01:27 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk [2011-08-03 18:01:25 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011-08-03 18:01:12 | 000,355,830 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-08-03 18:01:11 | 000,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-08-03 18:01:11 | 000,049,712 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-08-03 18:01:11 | 000,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-08-03 16:53:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-08-03 16:52:25 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD [2011-08-03 16:52:17 | 000,093,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-08-03 16:51:02 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2011-08-03 16:48:42 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2011-08-03 16:48:42 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2011-08-03 16:48:42 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2011-08-03 16:48:42 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2011-08-03 16:48:34 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2011-08-03 16:48:34 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2011-08-03 16:48:34 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2011-08-03 16:48:25 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2011-08-03 16:45:56 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2011-07-04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2011-07-04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2011-07-04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2011-07-04 13:35:09 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2011-07-04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2011-06-24 20:51:18 | 000,036,352 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-08-03 19:31:22 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2011-08-03 19:31:22 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2011-08-03 19:31:03 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk [2011-08-03 19:07:59 | 000,000,549 | ---- | C] () -- C:\WINDOWS\System\Cmicnfg3.ini [2011-08-03 19:07:59 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfl [2011-08-03 19:07:12 | 000,001,480 | ---- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfg [2011-08-03 19:07:07 | 000,002,421 | ---- | C] () -- C:\WINDOWS\cmudax3.ini [2011-08-03 19:02:02 | 000,000,638 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Xfire.lnk [2011-08-03 18:41:22 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-08-03 18:41:20 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd [2011-08-03 18:41:20 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa [2011-08-03 18:41:20 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf [2011-08-03 18:41:19 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa [2011-08-03 18:41:07 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT [2011-08-03 18:40:58 | 000,808,524 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2011-08-03 18:40:58 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2011-08-03 18:40:58 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat [2011-08-03 18:40:58 | 000,102,826 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat [2011-08-03 18:40:58 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2011-08-03 18:40:58 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat [2011-08-03 18:40:58 | 000,030,983 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT [2011-08-03 18:40:58 | 000,014,043 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT [2011-08-03 18:40:58 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2011-08-03 18:40:58 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT [2011-08-03 18:40:58 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2011-08-03 18:40:58 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2011-08-03 18:40:58 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat [2011-08-03 18:40:58 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT [2011-08-03 18:40:57 | 001,896,400 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT [2011-08-03 18:40:57 | 001,014,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT [2011-08-03 18:40:57 | 000,620,500 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT [2011-08-03 18:40:27 | 000,093,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-08-03 18:39:07 | 000,000,211 | -HS- | C] () -- C:\boot.ini [2011-08-03 18:39:05 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf [2011-08-03 18:32:17 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools.lnk [2011-08-03 18:28:53 | 000,002,341 | ---- | C] () -- C:\Documents and Settings\Aleksander\Pulpit\Google Chrome.lnk [2011-08-03 18:24:43 | 000,001,152 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1214440339-839522115-1003UA.job [2011-08-03 18:24:42 | 000,001,100 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1214440339-839522115-1003Core.job [2011-08-03 18:01:33 | 000,001,044 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011-08-03 18:01:32 | 000,001,040 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011-08-03 18:01:27 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk [2011-08-03 16:53:17 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Aleksander\Menu Start\Programy\Outlook Express.lnk [2011-08-03 16:53:15 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Aleksander\Menu Start\Programy\Internet Explorer.lnk [2011-08-03 16:53:09 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Aleksander\Menu Start\Programy\Pomoc zdalna.lnk [2011-08-03 16:53:09 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Aleksander\Menu Start\Programy\Windows Media Player.lnk [2011-08-03 16:52:25 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD [2011-08-03 16:51:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-08-03 16:50:25 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2011-08-03 16:50:08 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2011-08-03 16:50:01 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2011-08-03 16:50:00 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2011-08-03 16:49:59 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2011-08-03 16:49:50 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2011-08-03 16:49:46 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2011-08-03 16:49:42 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2011-08-03 16:49:32 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2011-08-03 16:48:42 | 000,002,644 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT [2011-08-03 16:48:42 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2011-08-03 16:48:42 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2011-08-03 16:48:42 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS [2011-08-03 16:48:42 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT [2011-08-03 16:48:34 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb [2011-08-03 16:48:34 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb [2011-08-03 16:48:32 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx [2011-08-03 16:47:28 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk [2011-08-03 16:47:19 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex [2011-08-03 16:46:57 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp [2011-08-03 16:46:57 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp [2011-08-03 16:46:53 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf [2011-08-03 16:46:44 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe [2011-08-03 16:46:35 | 000,379,904 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll [2011-08-03 16:45:58 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk [2011-08-03 16:45:57 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011-08-03 16:45:18 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp [2011-08-03 16:45:18 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp [2011-08-03 16:45:18 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp [2011-08-03 16:45:18 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp [2011-08-03 16:45:18 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp [2011-08-03 16:45:18 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp [2011-08-03 16:45:18 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp [2011-08-03 16:45:18 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp [2011-08-03 16:45:18 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp [2011-08-03 16:45:18 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp [2011-08-03 16:45:18 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp [2011-08-03 16:45:16 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h [2011-08-03 16:45:16 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd [2011-08-03 16:45:15 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h [2011-08-03 16:45:10 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc [2011-06-24 20:51:18 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2004-08-22 17:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll [2004-08-04 00:56:48 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2004-08-04 00:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2004-08-02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004-07-17 11:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2003-02-03 05:26:18 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll [2001-10-26 16:15:16 | 000,355,830 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2001-10-26 16:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2001-10-26 16:15:16 | 000,049,712 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2001-10-26 16:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2001-08-23 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001-08-23 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001-08-17 21:30:24 | 000,311,740 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001-08-17 21:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001-08-17 21:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001-08-17 21:30:22 | 000,040,128 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001-08-17 21:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001-07-21 22:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001-07-21 22:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001-07-21 22:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [color=#E56717]========== LOP Check ==========[/color] [2011-08-03 19:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aleksander\Dane aplikacji\Gadu-Gadu 10 [2011-08-03 18:00:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2011-08-03 19:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-08-03 16:48:42 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2011-08-04 11:57:55 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2001-07-21 22:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2011-08-03 16:48:42 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2011-08-03 16:48:42 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2011-08-03 16:48:42 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004-08-03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2004-08-03 22:59:54 | 000,250,624 | RHS- | M] () -- C:\ntldr [2011-08-04 19:10:06 | 1195,376,640 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004-08-04 00:54:52 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2004-08-03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2004-08-04 00:43:58 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys [2004-08-03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2004-08-04 00:44:30 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log] Extras.Txt [log]OTL Extras logfile created on: 2011-08-04 19:18:12 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Aleksander\Moje dokumenty\Downloads Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 758,98 Mb Total Physical Memory | 386,86 Mb Available Physical Memory | 50,97% Memory free 1,81 Gb Paging File | 1,53 Gb Available in Paging File | 84,08% Paging File free Paging file location(s): C:\pagefile.sys 1140 2280 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 76,68 Gb Total Space | 72,21 Gb Free Space | 94,17% Space Free | Partition Type: NTFS Drive E: | 0,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: DR-FE56AE8FB515 | User Name: Aleksander | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-329068152-1214440339-839522115-1003\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Xfire\Xfire.exe" = C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.) "C:\Program Files\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe" = C:\Program Files\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe:*:Enabled:Jedi Academy MultiPlayer -- (Activision Inc) "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}" = Star Wars Jedi Knight Jedi Academy "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "avast" = avast! Free Antivirus "C-Media PCI Sound" = C-Media PCI Audio Device "Gadu-Gadu 10" = Gadu-Gadu 10 "OJP Enhanced_is1" = OJP Enhanced v0.1.2 "PROSet" = Intel(R) PRO Network Adapters and Drivers "Xfire" = Xfire (remove only) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-329068152-1214440339-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ System Events ] Error - 2011-08-03 12:20:20 | Computer Name = DR-FE56AE8FB515 | Source = Tcpip | ID = 4199 Description = System wykrył konflikt adresów między adresem IP 172.16.0.4 a komputerem o sieciowym adresie sprzętowym 00:4F:79:90:50:FD. W rezultacie mogą być zakłócone operacje sieciowe na tym komputerze. Error - 2011-08-03 12:21:13 | Computer Name = DR-FE56AE8FB515 | Source = W32Time | ID = 39452689 Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751) Error - 2011-08-03 12:21:13 | Computer Name = DR-FE56AE8FB515 | Source = W32Time | ID = 39452701 Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne. Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego czasu. Error - 2011-08-03 12:22:59 | Computer Name = DR-FE56AE8FB515 | Source = W32Time | ID = 39452689 Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751) Error - 2011-08-03 12:22:59 | Computer Name = DR-FE56AE8FB515 | Source = W32Time | ID = 39452701 Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne. Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego czasu. Error - 2011-08-03 12:23:18 | Computer Name = DR-FE56AE8FB515 | Source = W32Time | ID = 39452689 Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751) Error - 2011-08-03 12:23:18 | Computer Name = DR-FE56AE8FB515 | Source = W32Time | ID = 39452701 Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne. Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego czasu. Error - 2011-08-03 12:24:03 | Computer Name = DR-FE56AE8FB515 | Source = W32Time | ID = 39452689 Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera DNS ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi próbę wyszukania serwera DNS za 15 min. Wystąpił błąd: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751) Error - 2011-08-03 12:24:03 | Computer Name = DR-FE56AE8FB515 | Source = W32Time | ID = 39452701 Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne. Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego czasu. Error - 2011-08-04 12:31:00 | Computer Name = DR-FE56AE8FB515 | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi gupdate z argumentami „/comsvc” w celu uruchomienia serwera: {4EB61BAC-A3B6-4760-9581-655041EF4D69} < End of report > [/log] Jak podłączę Pendrive'a to czasem nie mogę na niego wejść jak wcisnę prawy przycisk myszki to są same ??? Jak podłącze telefon też tak czasem robi, ale teraz już nie.
Human komentarz 4 sierpnia 2011 Autor komentarz 4 sierpnia 2011 wiec co to byl za wirus w EXPLORER.exe i czyms jeszcze? i co z tymi dokumentami
wirusolog komentarz 4 sierpnia 2011 komentarz 4 sierpnia 2011 [b]1.[/b] Podłącz wszystkie urządzenia przenośne ([b]pendrive / komórki / mp3 / dyski przenośne[/b]) i użyj [url=http://www.hotfix.pl/uzytkowanie-programu-usbfix-a310.htm][b][color=blue][u]USBFix[/url][/b][/color][/u] z opcji [b][color=#FFA500]DELETION[/color][/b]. Pokaż raport z usuwania (wszystko opisane jest w poradniku)!
Human komentarz 5 sierpnia 2011 Autor komentarz 5 sierpnia 2011 Wszystkie telefony pendrivy itp na raz?[log]############################## | UsbFix 7.054 | [Deletion] User: Aleksander (Administrator) # DR-FE56AE8FB515 [ ] Updated 04/08/2011 by El Desaparecido Started at 11:04:29 | 05/08/2011 Website: http://www.teamxscript.org Submit your sample: http://www.teamxscript.org/Upload.php Contact: TeamXscript.ElDesaparecido@gmail.com CPU: Intel(R) Pentium(R) 4 CPU 2.40GHz Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 2 Internet Explorer 6.0.2900.2180 Windows Firewall: Enabled Antivirus: avast! Antivirus 5.0.100664499 [(!) Disabled | Updated] RAM -> 759 Mb C:\ (%systemdrive%) -> Fixed drive # 77 Gb (72 Mb free - 94%) [] # NTFS D:\ -> CD-ROM E:\ -> CD-ROM F:\ -> Removable drive # 8 Gb (3 Mb free - 45%) [ADATA UFD] # FAT32 ################## | Files # Infected Folders | Deleted ! C:\Recycler\S-1-5-21-329068152-1214440339-839522115-1003 ################## | Registry | Deleted ! HKLM\software\microsoft\shared tools\msconfig\startupreg\EXPLORER.EXE Deleted ! HKLM\software\microsoft\shared tools\msconfig\startupreg\wsctf.exe ################## | Mountpoints2 | ################## | Listing | [03/08/2011 - 16:48:42 | N | 0] C:\AUTOEXEC.BAT [04/08/2011 - 11:57:55 | N | 211] C:\boot.ini [21/07/2001 - 22:13:54 | N | 4952] C:\Bootfont.bin [03/08/2011 - 16:48:42 | N | 0] C:\CONFIG.SYS [03/08/2011 - 16:53:09 | D ] C:\Documents and Settings [03/08/2011 - 16:55:04 | D ] C:\IBMTOOLS [03/08/2011 - 16:48:42 | N | 0] C:\IO.SYS [03/08/2011 - 16:48:42 | N | 0] C:\MSDOS.SYS [03/08/2004 - 22:38:34 | N | 47564] C:\NTDETECT.COM [03/08/2004 - 22:59:54 | N | 250624] C:\ntldr [05/08/2011 - 11:00:09 | ASH | 1195376640] C:\pagefile.sys [04/08/2011 - 19:27:03 | D ] C:\Program Files [05/08/2011 - 11:04:47 | SHD ] C:\RECYCLER [03/08/2011 - 19:12:18 | SHD ] C:\System Volume Information [05/08/2011 - 11:04:47 | D ] C:\UsbFix [05/08/2011 - 11:07:52 | A | 1090] C:\UsbFix.txt [04/08/2011 - 21:34:13 | D ] C:\WINDOWS [09/11/2008 - 23:34:32 | RD ] E:\GameData [03/08/2011 - 18:34:48 | D ] F:\The Sims 2 [03/08/2011 - 18:44:30 | D ] F:\Moja muzyka [03/08/2011 - 18:47:06 | D ] F:\Star Wars Jedi Knight - Jedi Academy (2 Cds) ################## | Vaccin | C:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript) F:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript) ################## | Upload | Please send the file: C:\UsbFix_Upload_Me_DR-FE56AE8FB515.zip http://www.teamxscript.org/Upload.php Thank you for your contribution. ################## | E.O.F | [/log]
Human komentarz 5 sierpnia 2011 Autor komentarz 5 sierpnia 2011 Ok no to ten log co podałem wyżej jest z pendrive i tel.i co?
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.