tobeto, created 29 September 2011
[log]OTL logfile created on: 2011-09-29 17:40:02 - Run 1 OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\User\Moje dokumenty\Downloads Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,27 Gb Available Physical Memory | 63,51% Memory free 3,85 Gb Paging File | 3,19 Gb Available in Paging File | 82,84% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 50,85 Gb Total Space | 28,18 Gb Free Space | 55,42% Space Free | Partition Type: NTFS Drive D: | 50,86 Gb Total Space | 19,86 Gb Free Space | 39,05% Space Free | Partition Type: NTFS Drive E: | 47,34 Gb Total Space | 45,25 Gb Free Space | 95,58% Space Free | Partition Type: NTFS Computer Name: USER-AE38C3653C | User Name: User | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-09-29 17:37:48 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Moje dokumenty\Downloads\OTL.exe PRC - [2011-09-20 05:07:40 | 001,030,200 | ---- | M] (Google Inc.) 
-- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe PRC - [2011-09-14 13:03:58 | 008,284,928 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Program Files\TeamSpeak 3\ts3client_win32.exe PRC - [2011-09-08 15:04:20 | 002,592,768 | ---- | M] () -- C:\Program Files\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.33\deploy\LoLLauncher.exe PRC - [2011-08-29 00:14:10 | 000,924,672 | ---- | M] () -- C:\Documents and Settings\User\Dane aplikacji\mservice32_t.exe PRC - [2011-08-20 14:27:28 | 001,290,240 | ---- | M] () -- C:\Program Files\League of Legends\RADS\system\rads_user_kernel.exe PRC - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2010-09-08 10:09:02 | 000,144,384 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.84\deploy\LolClient.exe PRC - [2009-07-13 10:19:56 | 010,707,560 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2009-07-13 09:16:14 | 000,077,824 | ---- | M] () -- C:\Program Files\Gadu-Gadu\spellchecker_gg.exe PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) 
-- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-09-20 05:07:39 | 000,412,728 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\ppgooglenaclpluginchrome.dll MOD - [2011-09-20 05:07:37 | 003,696,184 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\pdf.dll MOD - [2011-09-20 05:07:08 | 000,352,312 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\Locales\pl.dll MOD - [2011-09-20 05:06:11 | 000,142,568 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\avutil-51.dll MOD - [2011-09-20 05:06:10 | 000,253,320 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\avformat-53.dll MOD - [2011-09-20 05:06:09 | 002,403,240 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\avcodec-53.dll MOD - [2011-09-20 02:32:41 | 006,338,720 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\gcswf32.dll MOD - [2011-09-14 13:03:58 | 000,420,096 | ---- | M] () -- C:\Program Files\TeamSpeak 3\plugins\clientquery_plugin.dll MOD - [2011-09-14 13:03:58 | 000,226,560 | ---- | M] () -- C:\Program Files\TeamSpeak 3\soundbackends\directsound_win32.dll MOD - [2011-09-14 13:03:58 | 000,157,440 | ---- | M] () -- C:\Program Files\TeamSpeak 3\plugins\appscanner_plugin.dll MOD - [2011-09-08 15:04:20 | 002,592,768 | ---- | M] () -- C:\Program Files\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.33\deploy\LoLLauncher.exe MOD - [2011-08-29 00:14:10 | 000,924,672 | ---- | M] () -- C:\Documents and Settings\User\Dane 
aplikacji\mservice32_t.exe MOD - [2011-08-20 14:27:28 | 001,290,240 | ---- | M] () -- C:\Program Files\League of Legends\RADS\system\rads_user_kernel.exe MOD - [2011-06-18 13:45:49 | 007,859,200 | ---- | M] () -- C:\Program Files\TeamSpeak 3\QtGui4.dll MOD - [2011-06-18 13:45:49 | 002,210,816 | ---- | M] () -- C:\Program Files\TeamSpeak 3\QtCore4.dll MOD - [2011-06-18 13:45:49 | 000,814,080 | ---- | M] () -- C:\Program Files\TeamSpeak 3\QtNetwork4.dll MOD - [2010-03-22 11:59:00 | 000,118,784 | ---- | M] () -- C:\Program Files\TeamSpeak 3\imageformats\_old_qjpeg4.dll MOD - [2010-03-22 11:59:00 | 000,025,088 | ---- | M] () -- C:\Program Files\TeamSpeak 3\imageformats\_old_qgif4.dll MOD - [2009-07-13 09:18:26 | 001,904,640 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggsip.dll MOD - [2009-07-13 09:16:14 | 000,077,824 | ---- | M] () -- C:\Program Files\Gadu-Gadu\spellchecker_gg.exe MOD - [2009-07-10 09:40:26 | 000,212,992 | ---- | M] () -- C:\Program Files\Gadu-Gadu\gglog.dll MOD - [2009-07-10 09:40:26 | 000,118,784 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggipcradioproxy.dll MOD - [2009-07-10 09:40:26 | 000,023,040 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggcrypto.dll MOD - [2009-07-10 09:40:26 | 000,012,800 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggipc.dll MOD - [2009-07-10 09:40:24 | 000,352,256 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggcommon.dll MOD - [2009-06-26 11:29:28 | 002,195,456 | ---- | M] () -- C:\Program Files\Gadu-Gadu\QtCore4.dll MOD - [2009-06-26 11:29:28 | 000,970,752 | ---- | M] () -- C:\Program Files\Gadu-Gadu\QtNetwork4.dll MOD - [2009-06-26 11:29:26 | 011,677,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu\QtWebKit4.dll MOD - [2009-06-26 11:29:26 | 008,024,064 | ---- | M] () -- C:\Program Files\Gadu-Gadu\QtGui4.dll MOD - [2009-06-26 11:29:22 | 000,393,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu\QtXml4.dll MOD - [2009-06-26 11:29:20 | 000,299,008 | ---- | M] () -- C:\Program Files\Gadu-Gadu\QtSvg4.dll MOD - [2009-06-26 
11:28:26 | 000,303,104 | ---- | M] () -- C:\Program Files\Gadu-Gadu\imageformats\qtiff4.dll MOD - [2009-06-26 11:28:26 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu\imageformats\qjpeg4.dll MOD - [2009-06-26 11:28:26 | 000,023,552 | ---- | M] () -- C:\Program Files\Gadu-Gadu\imageformats\qgif4.dll MOD - [2009-06-26 11:28:26 | 000,018,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu\imageformats\qsvg4.dll MOD - [2009-06-26 11:28:22 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu\imageformats\qmng4.dll MOD - [2009-06-23 13:27:48 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu\zlib1.dll MOD - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-01-12 16:44:02 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) 
[Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-12-21 15:04:06 | 000,141,264 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2010-12-21 15:04:06 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-12-21 13:47:38 | 000,094,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2008-04-14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2007-12-05 07:26:40 | 002,782,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2007-11-05 09:55:04 | 000,017,952 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys -- (atitray) DRV - [2007-03-22 18:35:40 | 001,659,008 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\p17xfilt.sys -- (p17xfilt) DRV - [2006-09-25 11:58:54 | 001,173,504 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17xfi.sys -- (P17xfi) DRV - [2006-08-07 13:30:52 | 000,162,176 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN) DRV - [2005-12-08 05:54:52 | 000,114,688 | R--- | M] (Creative Technology Ltd.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv) DRV - [2005-12-08 05:54:44 | 000,142,336 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2004-08-28 14:54:38 | 000,033,995 | ---- | M] (Sonic Focus, Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sf.sys -- (sf) DRV - [2004-04-26 11:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt) DRV - [2002-09-20 12:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-06-17 11:42:19 | 000,000,000 | ---D | M] [2011-02-14 16:15:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Extensions [2011-04-20 11:02:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\lrc5rc70.default\extensions [2011-04-20 11:02:53 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\lrc5rc70.default\extensions\IplextoALL@ALLPlayer.org [2011-07-30 21:29:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-07-30 21:29:52 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-02-14 15:04:09 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF File not found (No name found) -- C:\PROGRAM FILES\MOZILLA 
FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\pdf.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\User\Ustawienia 
lokalne\Dane aplikacji\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2011-06-16 20:42:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O4 - HKCU..\RunOnce: [Update] File not found O4 - HKCU..\RunOnce: [UpdateT] C:\Documents and Settings\User\Dane aplikacji\mservice32_t.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll 
(Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.62 62.179.1.63 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4075A6AF-CCF3-4E9A-AFDE-3C95C50A4CCC}: DhcpNameServer = 62.179.1.62 62.179.1.63 O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) 
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-02-14 14:36:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^User^Menu Start^Programy^Autostart^Xfire.lnk - C:\Program Files\Xfire\Xfire.exe - (Xfire Inc.) MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files\ALLPlayer\ALLUpdate.exe () MsConfig - StartUpReg: [b]AtiPTA[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]egui[/b] - hkey= - key= - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) MsConfig - StartUpReg: [b]Nowe Gadu-Gadu[/b] - hkey= - key= - C:\Program Files\Gadu-Gadu\gg.exe (GG Network S.A.) MsConfig - StartUpReg: [b]P17Helper[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - StartUpReg: [b]SnoopFreeUI[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]SoundMAXPnP[/b] - hkey= - key= - C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.) MsConfig - StartUpReg: [b]SpybotSD TeaTimer[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]StartCCC[/b] - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) 
MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 1 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP 
Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-09-15 17:41:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina [2011-09-15 17:41:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Konnekt [2011-09-15 17:41:01 | 000,000,000 | ---D | C] -- C:\Program Files\Konnekt [2011-09-07 23:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Menu Start\Programy\Fraps [2011-09-07 23:20:13 | 000,000,000 | 
---D | C] -- C:\Fraps [2011-08-31 16:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\VentriloMix [2011-08-31 16:38:22 | 000,000,000 | ---D | C] -- C:\Program Files\VentriloMix [2011-08-30 19:58:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\riotsGamesLogs [2011-02-14 14:44:23 | 000,065,536 | R--- | C] ( ) -- C:\WINDOWS\System32\A3d.dll [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-09-29 17:46:00 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1957994488-1547161642-1003UA.job [2011-09-29 13:51:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-09-28 18:46:00 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1957994488-1547161642-1003Core.job [2011-09-28 13:44:31 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-09-23 14:18:53 | 000,060,693 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\dota.jpg [2011-09-23 13:56:05 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-09-22 18:49:10 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2011-09-21 13:49:15 | 000,002,295 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Google Chrome.lnk [2011-09-16 18:42:50 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011-09-07 23:32:11 | 000,004,608 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-09-01 01:01:50 | 000,000,758 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Spam ue .elfc [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-09-23 14:18:57 | 
000,060,693 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\dota.jpg [2011-09-01 01:04:27 | 000,000,758 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Spam ue .elfc [2011-08-29 14:15:20 | 000,924,672 | ---- | C] () -- C:\Documents and Settings\User\Dane aplikacji\mservice32_t.exe [2011-08-27 00:21:30 | 000,042,392 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2011-06-16 20:34:39 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011-06-16 20:34:39 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011-06-16 20:34:39 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011-06-16 20:34:39 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011-06-16 20:34:39 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011-06-16 01:13:51 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat [2011-06-16 01:13:51 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat [2011-04-26 11:35:55 | 000,000,525 | ---- | C] () -- C:\Program Files\Common Files\userInit.dll [2011-04-20 14:47:30 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-04-20 11:02:55 | 000,810,496 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-04-20 11:02:54 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2011-04-20 11:01:12 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-15 13:25:43 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2011-02-14 16:37:37 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\atiiprxx.exe [2011-02-14 16:37:34 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat [2011-02-14 16:37:33 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini [2011-02-14 16:37:27 | 000,472,576 | ---- | C] () -- C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe [2011-02-14 16:14:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011-02-14 15:42:56 | 000,060,416 | ---- | C] 
() -- C:\WINDOWS\System32\antiwpa.dll [2011-02-14 15:36:04 | 000,003,118 | ---- | C] () -- C:\WINDOWS\System32\AudioDrv.ini [2011-02-14 15:35:52 | 000,022,478 | R--- | C] () -- C:\WINDOWS\System32\Ludap17.ini [2011-02-14 15:35:52 | 000,000,054 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini [2011-02-14 15:35:22 | 000,008,251 | R--- | C] () -- C:\WINDOWS\sfsyn.ini [2011-02-14 15:35:21 | 000,137,216 | R--- | C] () -- C:\WINDOWS\System32\OemSpi.dll [2011-02-14 15:35:21 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\P17CPI.dll [2011-02-14 15:22:51 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-02-14 15:21:42 | 000,096,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-02-14 14:55:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2011-02-14 14:42:53 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2011-02-14 14:38:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-02-14 14:33:07 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011-02-11 14:41:20 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2011-02-11 14:41:20 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2011-02-11 14:41:19 | 000,158,080 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2008-04-15 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008-04-15 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008-04-15 14:00:00 | 000,490,636 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2008-04-15 14:00:00 | 000,432,708 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008-04-15 14:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2008-04-15 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008-04-15 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008-04-15 14:00:00 | 000,083,832 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2008-04-15 14:00:00 | 
000,067,484 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2008-04-15 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008-04-15 14:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2008-04-15 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2008-04-15 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008-04-15 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2008-04-15 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2008-04-15 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [color=#E56717]========== LOP Check ==========[/color] [2011-02-15 12:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2011-06-17 11:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2011-07-21 20:14:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2011-09-15 17:41:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina [2011-09-15 21:10:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-04-18 21:11:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\id Software [2011-02-15 13:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\LolClient [2011-07-28 20:36:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Mumble [2011-02-15 14:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Nowe Gadu-Gadu [2011-02-15 13:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\OpenFM [2011-04-21 16:53:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Opera [2011-08-08 19:03:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\TeamViewer 
[2011-09-14 21:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Tibia [2011-08-09 01:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Tibiacast [2011-06-19 13:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\TS3Client [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-02-14 14:36:02 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2011-02-14 14:28:29 | 000,000,211 | ---- | M] () -- C:\Boot.bak [2011-07-30 20:15:13 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2008-04-15 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2004-08-03 23:00:14 | 000,262,400 | RHS- | M] () -- C:\cmldr [2011-06-16 20:44:38 | 000,008,673 | ---- | M] () -- C:\ComboFix.txt [2011-02-14 14:36:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2011-02-14 14:36:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2011-02-14 14:36:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-15 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-15 14:00:00 | 000,251,152 | RHS- | M] () -- C:\ntldr [2011-09-29 13:51:04 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-14 02:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\AGP440.SYS [2008-04-14 02:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-15 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- 
C:\WINDOWS\ERDNT\cache\atapi.sys [2008-04-15 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-15 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] 
[2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 231 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B

< End of report >
[/log]

[url="http://www.forumpc.pl/index.php?showtopic=225096"]http://www.forumpc.pl/index.php?showtopic=225096[/url]
Guest, posted 29 September 2011

1. Run OTL and paste the following text into the [b]Własne opcje skanowania/Skrypt[/b] (Custom Scans/Fixes) box:

[php]:Files
C:\Documents and Settings\User\Dane aplikacji\mservice32_t.exe

:OTL
O4 - HKCU..\RunOnce: [Update] File not found
O4 - HKCU..\RunOnce: [UpdateT] C:\Documents and Settings\User\Dane aplikacji\mservice32_t.exe ()
@Alternate Data Stream - 231 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6BE50C2B

:Commands
[emptyflash]
[emptytemp][/php]

Click Wykonaj skrypt (Run Fix).

2. Run OTL again using the Skanuj (Scan) option. Post the new OTL and Extras logs.
tobeto (Author), posted 29 September 2011

OTL.

[log]OTL logfile created on: 2011-09-29 19:25:31 - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\User\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 72,64% Memory free
3,85 Gb Paging File | 3,42 Gb Available in Paging File | 88,71% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,85 Gb Total Space | 29,26 Gb Free Space | 57,54% Space Free | Partition Type: NTFS
Drive D: | 50,86 Gb Total Space | 19,86 Gb Free Space | 39,05% Space Free | Partition Type: NTFS
Drive E: | 47,34 Gb Total Space | 45,25 Gb Free Space | 95,58% Space Free | Partition Type: NTFS

Computer Name: USER-AE38C3653C | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-09-29 17:37:48 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Moje dokumenty\Downloads\OTL.exe
PRC - [2011-09-20 05:07:40 | 001,030,200 | ---- | M] (Google Inc.) -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
PRC - [2011-02-14 15:04:09 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.)
-- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2009-08-06 20:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2009-07-13 10:19:56 | 010,707,560 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2009-07-13 09:16:14 | 000,077,824 | ---- | M] () -- C:\Program Files\Gadu-Gadu\spellchecker_gg.exe PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-02-06 12:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-15 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2008-04-15 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-15 14:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe 
[LOCALSERVICE] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-15 14:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2008-04-15 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-15 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2007-12-05 04:53:58 | 000,495,616 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-09-29 17:37:48 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Moje dokumenty\Downloads\OTL.exe MOD - [2011-09-20 05:07:40 | 001,030,200 | ---- | M] (Google Inc.) -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe MOD - [2011-09-20 05:07:39 | 000,412,728 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\ppgooglenaclpluginchrome.dll MOD - [2011-09-20 05:07:37 | 003,696,184 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\pdf.dll MOD - [2011-09-20 05:07:08 | 000,352,312 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\Locales\pl.dll MOD - [2011-09-20 05:06:19 | 009,848,888 | ---- | M] (The ICU Project) -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\icudt.dll MOD - [2011-09-20 05:06:14 | 027,574,840 | ---- | M] (Google Inc.) 
-- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\chrome.dll MOD - [2011-09-20 05:06:11 | 000,142,568 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\avutil-51.dll MOD - [2011-09-20 05:06:10 | 000,253,320 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\avformat-53.dll MOD - [2011-09-20 05:06:09 | 002,403,240 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\avcodec-53.dll MOD - [2011-09-20 02:32:41 | 006,338,720 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\gcswf32.dll MOD - [2011-09-09 11:12:03 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll MOD - [2011-06-21 20:18:34 | 001,510,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll MOD - [2011-06-21 20:18:34 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll MOD - [2011-06-21 20:18:34 | 000,669,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll MOD - [2011-06-21 20:18:34 | 000,628,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll MOD - [2011-04-29 19:25:11 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll MOD - [2011-03-25 06:15:42 | 005,912,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll MOD - [2011-03-03 08:55:00 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll MOD - [2011-02-14 15:04:09 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre6\bin\msvcr71.dll MOD - [2011-02-14 15:04:09 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Java\jre6\bin\jqs.exe MOD - [2011-02-08 15:33:57 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll MOD - [2011-01-21 16:44:11 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2011-01-12 16:46:26 | 000,286,904 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll MOD - [2011-01-12 16:46:26 | 000,241,584 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\updater.dll MOD - [2011-01-12 16:45:12 | 000,122,104 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll MOD - [2011-01-12 16:42:50 | 000,175,664 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnScan.dll MOD - [2011-01-12 16:42:08 | 000,558,824 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll MOD - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe MOD - [2011-01-12 16:41:02 | 000,117,984 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEmon.dll MOD - [2011-01-12 16:40:34 | 000,117,984 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnDmon.dll MOD - [2011-01-12 16:39:38 | 000,179,784 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnAmon.dll MOD - [2010-12-22 14:34:22 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll MOD - [2010-12-20 19:32:08 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2010-12-20 19:25:52 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll MOD - [2010-12-09 17:15:25 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2010-11-09 16:52:35 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll MOD - [2010-08-27 07:54:13 | 000,099,840 | ---- | M] (Microsoft Corporation) -- 
C:\WINDOWS\system32\srvsvc.dll MOD - [2010-08-23 18:12:55 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll MOD - [2010-08-23 18:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe MOD - [2010-08-16 10:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2010-07-16 14:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2010-04-16 17:38:53 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll MOD - [2010-02-05 20:27:40 | 001,295,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\quartz.dll MOD - [2009-12-24 09:04:53 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-11-07 02:07:08 | 000,049,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll MOD - [2009-11-07 02:07:04 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll MOD - [2009-10-13 12:34:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll MOD - [2009-10-12 15:40:13 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll MOD - [2009-10-12 15:40:13 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll MOD - [2009-09-11 16:19:43 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll MOD - [2009-09-04 23:05:35 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll MOD - [2009-08-25 11:19:45 | 000,354,816 | ---- | M] (Microsoft Corporation) -- 
C:\WINDOWS\system32\winhttp.dll MOD - [2009-08-11 12:37:30 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\ESET\ESET NOD32 Antivirus\msvcr80.dll MOD - [2009-08-11 12:37:30 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Program Files\ESET\ESET NOD32 Antivirus\msvcp80.dll MOD - [2009-08-06 20:24:10 | 000,044,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wups2.dll MOD - [2009-08-06 20:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe MOD - [2009-08-06 20:23:46 | 001,929,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuaueng.dll MOD - [2009-07-28 01:19:10 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll MOD - [2009-07-17 21:04:02 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll MOD - [2009-07-17 18:17:57 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll MOD - [2009-07-13 10:19:56 | 010,707,560 | ---- | M] (GG Network S.A.) 
-- C:\Program Files\Gadu-Gadu\gg.exe MOD - [2009-07-13 09:18:26 | 001,904,640 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggsip.dll MOD - [2009-07-13 09:16:14 | 000,077,824 | ---- | M] () -- C:\Program Files\Gadu-Gadu\spellchecker_gg.exe MOD - [2009-07-10 09:40:26 | 000,212,992 | ---- | M] () -- C:\Program Files\Gadu-Gadu\gglog.dll MOD - [2009-07-10 09:40:26 | 000,118,784 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggipcradioproxy.dll MOD - [2009-07-10 09:40:26 | 000,023,040 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggcrypto.dll MOD - [2009-07-10 09:40:26 | 000,012,800 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggipc.dll MOD - [2009-07-10 09:40:24 | 000,352,256 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggcommon.dll MOD - [2009-06-26 11:29:28 | 002,195,456 | ---- | M] () -- C:\Program Files\Gadu-Gadu\QtCore4.dll MOD - [2009-06-26 11:29:28 | 000,970,752 | ---- | M] () -- C:\Program Files\Gadu-Gadu\QtNetwork4.dll MOD - [2009-06-26 11:29:26 | 011,677,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu\QtWebKit4.dll MOD - [2009-06-26 11:29:26 | 008,024,064 | ---- | M] () -- C:\Program Files\Gadu-Gadu\QtGui4.dll MOD - [2009-06-26 11:29:22 | 000,393,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu\QtXml4.dll MOD - [2009-06-26 11:29:20 | 000,299,008 | ---- | M] () -- C:\Program Files\Gadu-Gadu\QtSvg4.dll MOD - [2009-06-26 11:28:26 | 000,303,104 | ---- | M] () -- C:\Program Files\Gadu-Gadu\imageformats\qtiff4.dll MOD - [2009-06-26 11:28:26 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu\imageformats\qjpeg4.dll MOD - [2009-06-26 11:28:26 | 000,023,552 | ---- | M] () -- C:\Program Files\Gadu-Gadu\imageformats\qgif4.dll MOD - [2009-06-26 11:28:26 | 000,018,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu\imageformats\qsvg4.dll MOD - [2009-06-26 11:28:22 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu\imageformats\qmng4.dll MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - 
[2009-06-25 10:27:54 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll MOD - [2009-06-23 13:28:52 | 000,327,680 | ---- | M] (http://hunspell.sourceforge.net/) -- C:\Program Files\Gadu-Gadu\libhunspell.dll MOD - [2009-06-23 13:28:50 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Gadu-Gadu\dbghelp.dll MOD - [2009-06-23 13:28:50 | 000,176,128 | ---- | M] (The cURL library, http://curl.haxx.se/) -- C:\Program Files\Gadu-Gadu\libcurl.dll MOD - [2009-06-23 13:27:48 | 001,048,576 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Gadu-Gadu\libeay32.dll MOD - [2009-06-23 13:27:48 | 000,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Gadu-Gadu\ssleay32.dll MOD - [2009-06-23 13:27:48 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu\zlib1.dll MOD - [2009-06-10 08:16:42 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll MOD - [2009-05-07 17:34:14 | 000,347,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-03-06 16:22:12 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll MOD - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll MOD - [2009-02-09 12:53:44 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll MOD - [2009-02-09 12:53:43 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- 
C:\WINDOWS\system32\gdi32.dll MOD - [2008-10-15 18:36:55 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll MOD - [2008-07-25 12:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll MOD - [2008-07-25 12:17:20 | 000,558,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll MOD - [2008-07-25 12:17:02 | 000,088,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll MOD - [2008-07-25 12:17:00 | 000,089,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll MOD - [2008-07-25 12:16:40 | 000,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll MOD - [2008-07-07 22:29:10 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll MOD - [2008-07-06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll MOD - [2008-06-24 18:46:33 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll MOD - [2008-06-20 18:04:23 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll MOD - [2008-06-12 16:23:52 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll MOD - [2008-06-12 16:23:52 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll MOD - [2008-06-12 16:23:52 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll MOD - [2008-04-15 14:00:00 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll MOD - [2008-04-15 14:00:00 | 002,843,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll MOD - [2008-04-15 14:00:00 | 
001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll MOD - [2008-04-15 14:00:00 | 001,710,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll MOD - [2008-04-15 14:00:00 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll MOD - [2008-04-15 14:00:00 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll MOD - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe MOD - [2008-04-15 14:00:00 | 001,000,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll MOD - [2008-04-15 14:00:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-15 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-15 14:00:00 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2008-04-15 14:00:00 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll MOD - [2008-04-15 14:00:00 | 000,675,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll MOD - [2008-04-15 14:00:00 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll MOD - [2008-04-15 14:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-15 14:00:00 | 000,531,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll MOD - [2008-04-15 14:00:00 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll MOD - [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe MOD - [2008-04-15 14:00:00 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-15 14:00:00 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll MOD - [2008-04-15 
14:00:00 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\riched20.dll MOD - [2008-04-15 14:00:00 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll MOD - [2008-04-15 14:00:00 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll MOD - [2008-04-15 14:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll MOD - [2008-04-15 14:00:00 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgr.dll MOD - [2008-04-15 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll MOD - [2008-04-15 14:00:00 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll MOD - [2008-04-15 14:00:00 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll MOD - [2008-04-15 14:00:00 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll MOD - [2008-04-15 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-15 14:00:00 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll MOD - [2008-04-15 14:00:00 | 000,330,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll MOD - [2008-04-15 14:00:00 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll MOD - [2008-04-15 14:00:00 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll MOD - [2008-04-15 14:00:00 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll MOD - [2008-04-15 14:00:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-15 14:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll MOD - [2008-04-15 14:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ddraw.dll MOD - 
[2008-04-15 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll MOD - [2008-04-15 14:00:00 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll MOD - [2008-04-15 14:00:00 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll MOD - [2008-04-15 14:00:00 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll MOD - [2008-04-15 14:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-15 14:00:00 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll MOD - [2008-04-15 14:00:00 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll MOD - [2008-04-15 14:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll MOD - [2008-04-15 14:00:00 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll MOD - [2008-04-15 14:00:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll MOD - [2008-04-15 14:00:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll MOD - [2008-04-15 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll MOD - [2008-04-15 14:00:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-15 14:00:00 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll MOD - [2008-04-15 14:00:00 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll MOD - [2008-04-15 14:00:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll MOD - [2008-04-15 14:00:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll MOD - [2008-04-15 14:00:00 | 000,176,128 | ---- | M] (Microsoft Corporation) 
-- C:\WINDOWS\system32\w32time.dll MOD - [2008-04-15 14:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2008-04-15 14:00:00 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll MOD - [2008-04-15 14:00:00 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll MOD - [2008-04-15 14:00:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll MOD - [2008-04-15 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-15 14:00:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll MOD - [2008-04-15 14:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprov.dll MOD - [2008-04-15 14:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll MOD - [2008-04-15 14:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll MOD - [2008-04-15 14:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll MOD - [2008-04-15 14:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll MOD - [2008-04-15 14:00:00 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll MOD - [2008-04-15 14:00:00 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll MOD - [2008-04-15 14:00:00 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll MOD - [2008-04-15 14:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll MOD - [2008-04-15 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe MOD - [2008-04-15 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll MOD - [2008-04-15 14:00:00 | 000,125,952 | ---- | M] 
(Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2008-04-15 14:00:00 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll MOD - [2008-04-15 14:00:00 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll MOD - [2008-04-15 14:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-15 14:00:00 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll MOD - [2008-04-15 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-15 14:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2008-04-15 14:00:00 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll MOD - [2008-04-15 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll MOD - [2008-04-15 14:00:00 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advpack.dll MOD - [2008-04-15 14:00:00 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll MOD - [2008-04-15 14:00:00 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll MOD - [2008-04-15 14:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll MOD - [2008-04-15 14:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll MOD - [2008-04-15 14:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll MOD - [2008-04-15 14:00:00 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll MOD - [2008-04-15 14:00:00 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll MOD - [2008-04-15 14:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll MOD - [2008-04-15 
14:00:00 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll MOD - [2008-04-15 14:00:00 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll MOD - [2008-04-15 14:00:00 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll MOD - [2008-04-15 14:00:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-15 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll MOD - [2008-04-15 14:00:00 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll MOD - [2008-04-15 14:00:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscsvc.dll MOD - [2008-04-15 14:00:00 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll MOD - [2008-04-15 14:00:00 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qutil.dll MOD - [2008-04-15 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll MOD - [2008-04-15 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll MOD - [2008-04-15 14:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll MOD - [2008-04-15 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-15 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll MOD - [2008-04-15 14:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll MOD - [2008-04-15 14:00:00 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll MOD - [2008-04-15 14:00:00 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll MOD - [2008-04-15 14:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll 
MOD - [2008-04-15 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll MOD - [2008-04-15 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll MOD - [2008-04-15 14:00:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll MOD - [2008-04-15 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll MOD - [2008-04-15 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll MOD - [2008-04-15 14:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll MOD - [2008-04-15 14:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\devenum.dll MOD - [2008-04-15 14:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll MOD - [2008-04-15 14:00:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll MOD - [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll MOD - [2008-04-15 14:00:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll MOD - [2008-04-15 14:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll MOD - [2008-04-15 14:00:00 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll MOD - [2008-04-15 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe MOD - [2008-04-15 14:00:00 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll MOD - [2008-04-15 14:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll MOD - [2008-04-15 14:00:00 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll MOD - [2008-04-15 14:00:00 | 000,047,104 | ---- | M] (Microsoft Corporation) -- 
C:\WINDOWS\system32\wbem\ncprov.dll MOD - [2008-04-15 14:00:00 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll MOD - [2008-04-15 14:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll MOD - [2008-04-15 14:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll MOD - [2008-04-15 14:00:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll MOD - [2008-04-15 14:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll MOD - [2008-04-15 14:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll MOD - [2008-04-15 14:00:00 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll MOD - [2008-04-15 14:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll MOD - [2008-04-15 14:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcAdProc.dll MOD - [2008-04-15 14:00:00 | 000,038,400 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll MOD - [2008-04-15 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll MOD - [2008-04-15 14:00:00 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll MOD - [2008-04-15 14:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll MOD - [2008-04-15 14:00:00 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll MOD - [2008-04-15 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll MOD - [2008-04-15 14:00:00 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll MOD - [2008-04-15 14:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll MOD - [2008-04-15 14:00:00 | 
000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eapolqec.dll MOD - [2008-04-15 14:00:00 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mspatcha.dll MOD - [2008-04-15 14:00:00 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll MOD - [2008-04-15 14:00:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll MOD - [2008-04-15 14:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll MOD - [2008-04-15 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll MOD - [2008-04-15 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll MOD - [2008-04-15 14:00:00 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll MOD - [2008-04-15 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shfolder.dll MOD - [2008-04-15 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll MOD - [2008-04-15 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll MOD - [2008-04-15 14:00:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll MOD - [2008-04-15 14:00:00 | 000,024,064 | ---- | M] (Microsoft Corp.) 
-- C:\WINDOWS\system32\dmserver.dll MOD - [2008-04-15 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-15 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll MOD - [2008-04-15 14:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll MOD - [2008-04-15 14:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv MOD - [2008-04-15 14:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll MOD - [2008-04-15 14:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll MOD - [2008-04-15 14:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll MOD - [2008-04-15 14:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll MOD - [2008-04-15 14:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dimsntfy.dll MOD - [2008-04-15 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll MOD - [2008-04-15 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-15 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll MOD - [2008-04-15 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll MOD - [2008-04-15 14:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll MOD - [2008-04-15 14:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll MOD - [2008-04-15 14:00:00 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll MOD - [2008-04-15 14:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll MOD - [2008-04-15 14:00:00 | 000,016,896 | ---- | M] 
(Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll MOD - [2008-04-15 14:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll MOD - [2008-04-15 14:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll MOD - [2008-04-15 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll MOD - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe MOD - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll MOD - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2008-04-15 14:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe MOD - [2008-04-15 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe MOD - [2008-04-15 14:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll MOD - [2008-04-15 14:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll MOD - [2008-04-15 14:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll MOD - [2008-04-15 14:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll MOD - [2008-04-15 14:00:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll MOD - [2008-04-15 14:00:00 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll MOD - [2008-04-15 14:00:00 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dciman32.dll MOD - [2008-04-15 14:00:00 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll MOD - [2008-04-15 14:00:00 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapres.dll MOD - [2008-04-15 14:00:00 | 000,007,168 | ---- | M] 
(Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll MOD - [2008-04-15 14:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll MOD - [2008-04-15 14:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll MOD - [2008-04-15 14:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll MOD - [2008-04-15 14:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll MOD - [2008-04-15 14:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll MOD - [2008-04-15 14:00:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll MOD - [2008-04-14 23:51:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv MOD - [2008-04-14 22:50:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidserv.dll MOD - [2007-12-05 04:56:02 | 000,147,456 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atipdlxx.dll MOD - [2007-12-05 04:55:34 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\ati2edxx.dll MOD - [2007-12-05 04:55:20 | 000,122,880 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.dll MOD - [2007-12-05 04:53:58 | 000,495,616 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe MOD - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-01-12 16:44:02 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) 
[Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-12-21 15:04:06 | 000,141,264 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2010-12-21 15:04:06 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-12-21 13:47:38 | 000,094,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2008-04-14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2007-12-05 07:26:40 | 002,782,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2007-11-05 09:55:04 | 000,017,952 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys -- (atitray) DRV - [2007-03-22 18:35:40 | 001,659,008 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\p17xfilt.sys -- (p17xfilt) DRV - [2006-09-25 11:58:54 | 001,173,504 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17xfi.sys -- (P17xfi) DRV - [2006-08-07 13:30:52 | 000,162,176 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN) DRV - [2005-12-08 05:54:52 | 000,114,688 | R--- | M] (Creative Technology Ltd.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv) DRV - [2005-12-08 05:54:44 | 000,142,336 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2004-08-28 14:54:38 | 000,033,995 | ---- | M] (Sonic Focus, Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sf.sys -- (sf) DRV - [2004-04-26 11:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt) DRV - [2002-09-20 12:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-06-17 11:42:19 | 000,000,000 | ---D | M] [2011-02-14 16:15:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Extensions [2011-04-20 11:02:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\lrc5rc70.default\extensions [2011-04-20 11:02:53 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\lrc5rc70.default\extensions\IplextoALL@ALLPlayer.org [2011-07-30 21:29:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-07-30 21:29:52 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-02-14 15:04:09 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF File not found (No name found) -- C:\PROGRAM FILES\MOZILLA 
FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\pdf.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\User\Ustawienia 
lokalne\Dane aplikacji\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2011-06-16 20:42:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.62 62.179.1.63 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4075A6AF-CCF3-4E9A-AFDE-3C95C50A4CCC}: DhcpNameServer = 62.179.1.62 62.179.1.63 O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) 
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-02-14 14:36:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^User^Menu Start^Programy^Autostart^Xfire.lnk - C:\Program Files\Xfire\Xfire.exe - (Xfire Inc.) MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files\ALLPlayer\ALLUpdate.exe () MsConfig - StartUpReg: [b]AtiPTA[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]egui[/b] - hkey= - key= - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) MsConfig - StartUpReg: [b]Nowe Gadu-Gadu[/b] - hkey= - key= - C:\Program Files\Gadu-Gadu\gg.exe (GG Network S.A.) MsConfig - StartUpReg: [b]P17Helper[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - StartUpReg: [b]SnoopFreeUI[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]SoundMAXPnP[/b] - hkey= - key= - C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.) MsConfig - StartUpReg: [b]SpybotSD TeaTimer[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]StartCCC[/b] - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) 
MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 1 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP 
Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-09-29 19:18:34 | 000,000,000 | ---D | C] -- C:\_OTL [2011-09-15 17:41:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina [2011-09-15 17:41:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Konnekt [2011-09-15 17:41:01 | 000,000,000 | ---D | C] -- C:\Program Files\Konnekt [2011-09-07 23:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Menu 
Start\Programy\Fraps [2011-09-07 23:20:13 | 000,000,000 | ---D | C] -- C:\Fraps [2011-08-31 16:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\VentriloMix [2011-08-31 16:38:22 | 000,000,000 | ---D | C] -- C:\Program Files\VentriloMix [2011-08-30 19:58:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\riotsGamesLogs [2011-08-26 16:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Menu Start\Programy\Counter-Strike [2011-08-26 16:44:04 | 000,000,000 | ---D | C] -- C:\Program Files\Counter-Strike [2011-08-26 16:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\CS1.6_v32_by_Lukasz [2011-08-23 15:33:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ElfBot NG [2011-08-23 15:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\ElfBot NG [2011-08-23 15:06:37 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia8.6 [2011-08-23 14:58:11 | 000,000,000 | ---D | C] -- C:\Program Files\Asprate [2011-08-22 22:17:14 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView [2011-08-15 15:19:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dane aplikacji\Ventrilo [2011-08-14 19:10:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\burning [2011-08-09 01:12:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dane aplikacji\Tibiacast [2011-08-09 01:11:49 | 000,000,000 | ---D | C] -- C:\Program Files\Tibiacast [2011-08-09 01:11:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Tibiacast [2011-08-08 19:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dane aplikacji\TeamViewer [2011-08-08 19:03:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TeamViewer 6 [2011-08-08 19:03:27 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer [2011-08-08 18:51:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ESE 
[2011-08-05 13:07:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Aspyr [2011-08-05 13:07:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Moje dokumenty\Aspyr [2011-08-05 13:06:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\User\Dane aplikacji\SecuROM [2011-08-05 13:06:23 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2011-08-05 12:55:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Activision [2011-08-05 12:50:00 | 000,000,000 | ---D | C] -- C:\Program Files\Aspyr [2011-08-02 02:34:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dane aplikacji\Tibia [2011-08-02 02:34:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Tibia [2011-08-02 02:34:04 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia [2011-02-14 14:44:23 | 000,065,536 | R--- | C] ( ) -- C:\WINDOWS\System32\A3d.dll [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-09-29 19:21:41 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2011-09-29 19:21:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-09-29 19:20:25 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\User\NTUSER.DAT [2011-09-29 19:20:25 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\User\ntuser.ini [2011-09-29 18:46:01 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1957994488-1547161642-1003Core.job [2011-09-29 18:46:00 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1957994488-1547161642-1003UA.job [2011-09-29 08:43:06 | 003,738,740 | -H-- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\IconCache.db [2011-09-28 13:44:31 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-09-23 14:18:53 | 000,060,693 | ---- | M] () -- C:\Documents and 
Settings\User\Pulpit\dota.jpg [2011-09-23 13:56:05 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-09-22 18:49:10 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2011-09-21 13:49:15 | 000,002,295 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Google Chrome.lnk [2011-09-16 18:42:50 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011-09-07 23:32:11 | 000,004,608 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-09-01 01:01:50 | 000,000,758 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Spam ue .elfc [2011-08-27 00:21:30 | 000,042,392 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll [2011-08-26 16:49:44 | 000,001,627 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Counter-Strike.lnk [2011-08-25 16:13:06 | 002,358,008 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\ElfBot NG.rar [2011-08-23 15:06:39 | 000,000,663 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia.lnk [2011-08-23 14:58:12 | 000,001,838 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk [2011-08-23 14:55:34 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\User\Moje dokumenty\ipchanger.zip [2011-08-22 22:19:26 | 000,009,990 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\skelet.gif [2011-08-22 22:19:06 | 000,009,990 | ---- | M] () -- C:\Documents and Settings\User\Moje dokumenty\avatarskeletal.gif [2011-08-22 22:18:40 | 000,009,990 | ---- | M] () -- C:\Documents and Settings\User\Moje dokumenty\Crazy-skeleton-resized-128.gif [2011-08-22 22:15:25 | 000,005,116 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Crazy-skeleton-resized-128.jpg [2011-08-11 20:56:02 | 001,043,598 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2011-08-11 20:56:02 | 000,490,636 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-08-11 20:56:02 | 000,432,708 | 
---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-08-11 20:56:02 | 000,083,832 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-08-11 20:56:02 | 000,067,484 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-08-08 19:03:31 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 6.lnk [2011-08-08 18:51:36 | 000,000,469 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ESE Account Manager.lnk [2011-08-08 16:53:07 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Skrót do TacticalOps.lnk [2011-08-05 13:06:23 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2011-08-05 12:55:02 | 000,000,828 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Play Guitar Hero III.lnk [2011-08-05 11:30:43 | 000,209,141 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Kontakty_3015022.xml [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-09-23 14:18:57 | 000,060,693 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\dota.jpg [2011-09-01 01:04:27 | 000,000,758 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Spam ue .elfc [2011-08-27 00:21:30 | 000,042,392 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2011-08-26 16:49:44 | 000,001,627 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Counter-Strike.lnk [2011-08-25 16:13:00 | 002,358,008 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\ElfBot NG.rar [2011-08-23 14:58:12 | 000,001,838 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk [2011-08-23 14:55:34 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\User\Moje dokumenty\ipchanger.zip [2011-08-22 22:19:26 | 000,009,990 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\skelet.gif [2011-08-22 22:19:06 | 000,009,990 | ---- | C] () -- C:\Documents and Settings\User\Moje dokumenty\avatarskeletal.gif [2011-08-22 22:17:54 | 000,009,990 | ---- | C] () 
-- C:\Documents and Settings\User\Moje dokumenty\Crazy-skeleton-resized-128.gif [2011-08-22 22:15:27 | 000,005,116 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Crazy-skeleton-resized-128.jpg [2011-08-10 23:08:42 | 003,932,214 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Shot0014.bmp [2011-08-08 19:03:31 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 6.lnk [2011-08-08 18:51:36 | 000,000,469 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ESE Account Manager.lnk [2011-08-08 16:53:07 | 000,000,944 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Skrót do TacticalOps.lnk [2011-08-05 12:55:02 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Play Guitar Hero III.lnk [2011-08-05 11:30:43 | 000,209,141 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Kontakty_3015022.xml [2011-08-02 02:34:06 | 000,000,663 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia.lnk [2011-06-16 20:34:39 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011-06-16 20:34:39 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011-06-16 20:34:39 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011-06-16 20:34:39 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011-06-16 20:34:39 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011-06-16 01:13:51 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat [2011-06-16 01:13:51 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat [2011-04-26 11:35:55 | 000,000,525 | ---- | C] () -- C:\Program Files\Common Files\userInit.dll [2011-04-20 14:47:30 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-04-20 11:02:55 | 000,810,496 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-04-20 11:02:54 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2011-04-20 11:01:12 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane 
aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-15 13:25:43 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2011-02-14 16:37:37 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\atiiprxx.exe [2011-02-14 16:37:34 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat [2011-02-14 16:37:33 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini [2011-02-14 16:37:27 | 000,472,576 | ---- | C] () -- C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe [2011-02-14 16:14:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011-02-14 15:42:56 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\antiwpa.dll [2011-02-14 15:36:04 | 000,003,118 | ---- | C] () -- C:\WINDOWS\System32\AudioDrv.ini [2011-02-14 15:35:52 | 000,022,478 | R--- | C] () -- C:\WINDOWS\System32\Ludap17.ini [2011-02-14 15:35:52 | 000,000,054 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini [2011-02-14 15:35:22 | 000,008,251 | R--- | C] () -- C:\WINDOWS\sfsyn.ini [2011-02-14 15:35:21 | 000,137,216 | R--- | C] () -- C:\WINDOWS\System32\OemSpi.dll [2011-02-14 15:35:21 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\P17CPI.dll [2011-02-14 15:27:09 | 000,012,328 | ---- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2011-02-14 15:22:52 | 001,043,598 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2011-02-14 15:22:51 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-02-14 15:21:42 | 000,096,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-02-14 14:55:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2011-02-14 14:54:45 | 003,738,740 | -H-- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\IconCache.db [2011-02-14 14:42:53 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2011-02-14 14:38:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-02-14 14:36:02 | 000,000,000 | ---- | C] () -- 
C:\WINDOWS\control.ini [2011-02-14 14:34:59 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2011-02-14 14:34:54 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2011-02-14 14:33:07 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011-02-14 14:32:57 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2011-02-14 14:32:57 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2011-02-14 14:32:21 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2011-02-14 14:32:20 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2011-02-11 14:41:20 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2011-02-11 14:41:20 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2011-02-11 14:41:19 | 000,158,080 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2008-04-15 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008-04-15 14:00:00 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini [2008-04-15 14:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll [2008-04-15 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008-04-15 14:00:00 | 000,490,636 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2008-04-15 14:00:00 | 000,432,708 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008-04-15 14:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll [2008-04-15 14:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2008-04-15 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008-04-15 14:00:00 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll [2008-04-15 14:00:00 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll [2008-04-15 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008-04-15 14:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll [2008-04-15 
14:00:00 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll [2008-04-15 14:00:00 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll [2008-04-15 14:00:00 | 000,083,832 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2008-04-15 14:00:00 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll [2008-04-15 14:00:00 | 000,070,622 | ---- | C] () -- C:\WINDOWS\System32\edit.com [2008-04-15 14:00:00 | 000,067,484 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2008-04-15 14:00:00 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe [2008-04-15 14:00:00 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini [2008-04-15 14:00:00 | 000,051,823 | ---- | C] () -- C:\WINDOWS\System32\command.com [2008-04-15 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008-04-15 14:00:00 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys [2008-04-15 14:00:00 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys [2008-04-15 14:00:00 | 000,039,434 | ---- | C] () -- C:\WINDOWS\System32\mem.exe [2008-04-15 14:00:00 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys [2008-04-15 14:00:00 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys [2008-04-15 14:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2008-04-15 14:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys [2008-04-15 14:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys [2008-04-15 14:00:00 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys [2008-04-15 14:00:00 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys [2008-04-15 14:00:00 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys [2008-04-15 14:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys [2008-04-15 14:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys [2008-04-15 14:00:00 | 000,028,626 | ---- | C] () -- 
C:\WINDOWS\System32\perfd009.dat [2008-04-15 14:00:00 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys [2008-04-15 14:00:00 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys [2008-04-15 14:00:00 | 000,020,986 | ---- | C] () -- C:\WINDOWS\System32\debug.exe [2008-04-15 14:00:00 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini [2008-04-15 14:00:00 | 000,019,806 | ---- | C] () -- C:\WINDOWS\System32\graphics.com [2008-04-15 14:00:00 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini [2008-04-15 14:00:00 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll [2008-04-15 14:00:00 | 000,014,913 | ---- | C] () -- C:\WINDOWS\System32\kb16.com [2008-04-15 14:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll [2008-04-15 14:00:00 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini [2008-04-15 14:00:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll [2008-04-15 14:00:00 | 000,012,866 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe [2008-04-15 14:00:00 | 000,012,594 | ---- | C] () -- C:\WINDOWS\System32\append.exe [2008-04-15 14:00:00 | 000,011,859 | ---- | C] () -- C:\WINDOWS\System32\setver.exe [2008-04-15 14:00:00 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll [2008-04-15 14:00:00 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys [2008-04-15 14:00:00 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe [2008-04-15 14:00:00 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe [2008-04-15 14:00:00 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini [2008-04-15 14:00:00 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys [2008-04-15 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008-04-15 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2008-04-15 14:00:00 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe [2008-04-15 14:00:00 | 000,003,260 
| ---- | C] () -- C:\WINDOWS\System32\nw16.exe [2008-04-15 14:00:00 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini [2008-04-15 14:00:00 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini [2008-04-15 14:00:00 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv [2008-04-15 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2008-04-15 14:00:00 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini [2008-04-15 14:00:00 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini [2008-04-15 14:00:00 | 000,001,168 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com [2008-04-15 14:00:00 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe [2008-04-15 14:00:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe [2008-04-15 14:00:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe [2008-04-15 14:00:00 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe [2008-04-15 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2008-04-15 14:00:00 | 000,000,477 | ---- | C] () -- C:\WINDOWS\win.ini [2008-04-15 14:00:00 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini [2008-04-15 14:00:00 | 000,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [2001-10-26 19:29:54 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe [2001-10-26 19:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll [color=#E56717]========== LOP Check ==========[/color] [2011-02-15 12:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2011-06-17 11:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2011-07-21 20:14:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2011-09-15 17:41:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina [2011-09-15 21:10:14 | 000,000,000 | ---D | M] 
-- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-04-18 21:11:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\id Software [2011-02-15 13:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\LolClient [2011-07-28 20:36:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Mumble [2011-02-15 14:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Nowe Gadu-Gadu [2011-02-15 13:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\OpenFM [2011-04-21 16:53:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Opera [2011-08-08 19:03:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\TeamViewer [2011-09-14 21:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Tibia [2011-08-09 01:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Tibiacast [2011-06-19 13:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\TS3Client [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-02-14 14:36:02 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2011-02-14 14:28:29 | 000,000,211 | ---- | M] () -- C:\Boot.bak [2011-07-30 20:15:13 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2008-04-15 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2004-08-03 23:00:14 | 000,262,400 | RHS- | M] () -- C:\cmldr [2011-06-16 20:44:38 | 000,008,673 | ---- | M] () -- C:\ComboFix.txt [2011-02-14 14:36:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2011-02-14 14:36:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2011-02-14 14:36:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-15 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-15 14:00:00 | 000,251,152 | RHS- | M] () -- C:\ntldr 
[2011-09-29 19:21:33 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-14 02:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\AGP440.SYS [2008-04-14 02:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-15 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys [2008-04-15 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-15 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll [2008-04-15 14:00:00 | 000,056,320 | ---- 
| M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log]

Extras

[log]OTL Extras logfile created on: 2011-09-29 19:25:31 - Run 2 OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\User\Moje dokumenty\Downloads Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 72,64% Memory free 3,85 Gb Paging File | 3,42 Gb Available in Paging File | 88,71% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 50,85 Gb Total Space |
29,26 Gb Free Space | 57,54% Space Free | Partition Type: NTFS Drive D: | 50,86 Gb Total Space | 19,86 Gb Free Space | 39,05% Space Free | Partition Type: NTFS Drive E: | 47,34 Gb Total Space | 45,25 Gb Free Space | 95,58% Space Free | Partition Type: NTFS Computer Name: USER-AE38C3653C | User Name: User | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Opera.HTML] -- Reg Error: Key error. File not found .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) 
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings 
==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "8396:TCP" = 8396:TCP:*:Enabled:League of Legends Launcher "8396:UDP" = 8396:UDP:*:Enabled:League of Legends Launcher "6943:TCP" = 6943:TCP:*:Enabled:League of Legends Launcher "6943:UDP" = 6943:UDP:*:Enabled:League of Legends Launcher "6960:TCP" = 6960:TCP:*:Enabled:League of Legends Launcher "6960:UDP" = 6960:UDP:*:Enabled:League of Legends Launcher "8397:TCP" = 8397:TCP:*:Enabled:League of Legends Launcher "8397:UDP" = 8397:UDP:*:Enabled:League of Legends Launcher "6908:TCP" = 6908:TCP:*:Enabled:League of Legends Launcher "6908:UDP" = 6908:UDP:*:Enabled:League of Legends Launcher "8398:TCP" = 8398:TCP:*:Enabled:League of Legends Launcher "8398:UDP" = 8398:UDP:*:Enabled:League of Legends Launcher "8393:TCP" = 8393:TCP:*:Enabled:League of Legends Lobby "8393:UDP" = 8393:UDP:*:Enabled:League of Legends Lobby "8390:TCP" = 8390:TCP:*:Enabled:League of Legends Game Client "8390:UDP" 
= 8390:UDP:*:Enabled:League of Legends Game Client "6952:TCP" = 6952:TCP:*:Enabled:League of Legends Launcher "6952:UDP" = 6952:UDP:*:Enabled:League of Legends Launcher [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu -- (GG Network S.A.) "C:\Program Files\League of Legends\air\LolClient.exe" = C:\Program Files\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby "C:\Program Files\League of Legends\game\League of Legends.exe" = C:\Program Files\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client "C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager "C:\Program Files\Infogrames\Tactical Ops\System\TacticalOps.exe" = C:\Program Files\Infogrames\Tactical Ops\System\TacticalOps.exe:*:Enabled:TacticalOps "C:\Program Files\League of Legends\lol.launcher.exe" = C:\Program Files\League of Legends\lol.launcher.exe:*:Enabled:League of Legends Launcher -- () "C:\Program Files\Xfire\Xfire.exe" = C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.) "C:\Program Files\TO350\Tactical Ops Clear\System\TacticalOps.exe" = C:\Program Files\TO350\Tactical Ops Clear\System\TacticalOps.exe:*:Enabled:TacticalOps -- () "C:\Program Files\Heroes of Newerth\hon.exe" = C:\Program Files\Heroes of Newerth\hon.exe:*:Enabled:Heroes of Newerth -- (S2 Games) "C:\Program Files\Aspyr\Guitar Hero III\GH3.exe" = C:\Program Files\Aspyr\Guitar Hero III\GH3.exe:*:Enabled:Guitar Hero III -- (Aspyr Media, Inc.) 
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH) "C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH) "C:\Program Files\Tibiacast\Tibiacast Client.exe" = C:\Program Files\Tibiacast\Tibiacast Client.exe:*:Enabled:Tibiacast Client -- (Silver Squirrel Software HB) "C:\Program Files\Counter-Strike\cstrike.exe" = C:\Program Files\Counter-Strike\cstrike.exe:*:Enabled:Half-Life Launcher -- (Valve) "C:\Program Files\Konnekt\konnekt.exe" = C:\Program Files\Konnekt\konnekt.exe:*:Enabled:Konnekt - Core -- (Stamina) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish "{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}" = Guitar Hero III "{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish "{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard "{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23 "{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK "{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English "{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation "{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German 
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins "{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French "{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish "{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean "{53E2DCBB-E6F7-4C83-B1EF-F78435B9814E}" = Sound Blaster X-Fi Xtreme Audio "{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional "{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek "{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full "{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New "{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{91B323B5-A79C-4D23-BD6D-046C565F9BCF}" = MadOnion.com/3DMark2001 SE "{9757A0C5-E1D5-43EA-8817-80382BAF3CA9}" = Tibiacast "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian "{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish "{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai 
"{B3B5F219-79E6-4307-8AC1-9B32BE37CD48}" = ESET NOD32 Antivirus "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars "{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All "{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish "{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3 "{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static "{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light "{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F86B5FF0-E0C0-41AA-9FD3-5E9090FED323}" = Mumble 1.2.3 "{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI "ALLPlayer_is1" = ALLPlayer V4.X "ATI Display Driver" = ATI Display Driver (Omega 3.8.442) "Creative Software AutoUpdate" = Creative Software AutoUpdate "ElfBot NG_is1" = ElfBot NG 4.5.9 "ESE Account Manager" = ESE Account Manager 2.0.0.4 "Fraps" = Fraps "GameBoost_is1" = GameBoost "HD Tune_is1" = HD Tune 2.55 "hon" = Heroes of Newerth "IrfanView" = IrfanView (remove only) "Konnekt" = Konnekt "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft 
.NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "Tactical Ops" = Tactical Ops "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer 6" = TeamViewer 6 "Tibia_is1" = Tibia "TMIPC" = Tibia MULTI-ip changer "VentriloMix_is1" = VentriloMix 1.22 "Winamp" = Winamp "WinRAR archiver" = Archiwizator WinRAR "Xbox_360_CC_Driver" = Xbox 360 Controller for Windows "Xfire" = Xfire (remove only) "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Counter-Strike 1.6: New Era" = Counter-Strike 1.6: New Era "Google Chrome" = Google Chrome [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-02-14 08:59:49 | Computer Name = USER-AE38C3653C | Source = crypt32 | ID = 131083 Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>, wystąpił błąd: Wystąpił wewnętrzny błąd obsługi łańcucha certyfikatów. Error - 2011-02-16 04:07:34 | Computer Name = USER-AE38C3653C | Source = PerfNet | ID = 2004 Description = Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error - 2011-06-15 19:09:06 | Computer Name = USER-AE38C3653C | Source = Lavasoft Ad-Aware Service | ID = 0 Description = < End of report > [/log]
Guest commented 29 September 2011
ComboFix was used in June. Show me its log. The text file is located at [b]C:\ComboFix.txt[/b]
tobeto (author) commented 29 September 2011
Log from COMBOFIX.
[log]ComboFix 11-06-15.04 - User 2011-06-16 20:36:31.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.2046.1329 [GMT 2:00] Uruchomiony z: c:\documents and settings\User\Moje dokumenty\Downloads\ComboFix.exe . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Common Files\logonInit.dll E:\install.exe . . ((((((((((((((((((((((((( Pliki utworzone od 2011-05-16 do 2011-06-16 ))))))))))))))))))))))))))))))) . . 2011-06-16 14:12 . 2011-06-16 14:12 9472 ----a-w- c:\windows\system32\drivers\SnopFree.sys 2011-06-16 14:12 . 2011-06-16 14:12 90112 ----a-w- c:\windows\system32\SnoopFreeSvc.exe 2011-06-16 14:12 . 2011-06-16 14:12 45056 ----a-w- c:\windows\SnoopFreeDll.dll 2011-06-16 14:12 . 2011-06-16 14:12 221184 ----a-w- c:\windows\SnoopFreeUI.exe 2011-06-16 13:54 . 2011-06-16 13:54 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Skype Extras 2011-06-16 13:54 . 2011-06-16 13:54 -------- d-----w- c:\program files\Common Files\Skype 2011-06-16 08:14 . 2011-06-16 08:14 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-06-15 23:13 . 2011-06-15 23:13 -------- d-----w- c:\windows\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Sunbelt Software 2011-06-15 23:11 . 2011-06-16 08:54 -------- dc----w- c:\windows\system32\DRVSTORE 2011-06-15 23:11 . 2011-06-15 23:11 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2011-06-15 23:09 . 2011-06-15 23:09 -------- d-----w- c:\documents and settings\User\Ustawienia lokalne\Dane aplikacji\Sunbelt Software 2011-06-15 23:08 . 2011-06-16 08:54 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Lavasoft . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-06-16 14:52 . 
2011-04-26 09:35 525 ----a-w- c:\program files\Common Files\userInit.dll 2011-05-02 15:32 . 2011-02-14 12:33 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 16:19 . 2008-04-15 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-04-25 14:47 . 2008-04-15 12:00 669696 ----a-w- c:\windows\system32\wininet.dll 2011-04-25 14:47 . 2008-04-15 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx 2011-04-25 14:47 . 2008-04-15 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll 2011-04-25 14:43 . 2008-04-15 12:00 370688 ----a-w- c:\windows\system32\html.iec 2011-04-21 13:37 . 2008-04-15 12:00 105472 ----a-w- c:\windows\system32\drivers\mup.sys . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Nowe Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2009-07-13 10707560] "ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2011-02-07 1362944] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-05-26 15147400] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440] "SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-07-27 1388544] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "P17Helper"="SPIRun.dll" [2006-07-03 10752] "AtiPTA"="atiptaxx.exe" [2006-02-22 344064] "SnoopFreeUI"="SnoopFreeUI.exe" [2011-06-16 221184] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Gadu-Gadu\\gg.exe"= "c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\League of Legends\\air\\LolClient.exe"= "c:\\Program Files\\League of Legends\\game\\League of Legends.exe"= "c:\\Program Files\\Infogrames\\Tactical Ops\\System\\TacticalOps.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "56875:TCP"= 56875:TCP:Pando Media Booster "56875:UDP"= 56875:UDP:Pando Media Booster "8396:TCP"= 8396:TCP:League of Legends Launcher "8396:UDP"= 8396:UDP:League of Legends Launcher "6943:TCP"= 6943:TCP:League of Legends Launcher "6943:UDP"= 6943:UDP:League of Legends Launcher "6960:TCP"= 6960:TCP:League of Legends Launcher "6960:UDP"= 6960:UDP:League of Legends Launcher "8397:TCP"= 8397:TCP:League of Legends Launcher "8397:UDP"= 8397:UDP:League of Legends Launcher . R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2011-04-19 22504] S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?] . Zawartość folderu 'Zaplanowane zadania' . 2011-06-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1957994488-1547161642-1003Core.job - c:\documents and settings\User\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-02-15 10:54] . 2011-06-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1957994488-1547161642-1003UA.job - c:\documents and settings\User\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-02-15 10:54] . . ------- Skan uzupełniający ------- . 
TCP: DhcpNameServer = 62.179.1.63 62.179.1.62 FF - ProfilePath - c:\documents and settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\lrc5rc70.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/ FF - prefs.js: network.proxy.type - 0 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff . - - - - USUNIĘTO PUSTE WPISY - - - - . AddRemove-2kv4.8.442 - c:\windows\Radeon Omega Drivers v4.8.442 . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-06-16 20:42 Windows 5.1.2600 Dodatek Service Pack 3 NTFS . skanowanie ukrytych procesów ... . skanowanie ukrytych wpisów autostartu ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run P17Helper = Rundll32 SPIRun.dll,RunDLLEntry? . skanowanie ukrytych plików ... . skanowanie pomyślnie ukończone ukryte pliki: 0 . ************************************************************************** . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- . - - - - - - - > 'winlogon.exe'(540) c:\windows\system32\Ati2evxx.dll . ------------------------ Pozostałe uruchomione procesy ------------------------ . 
c:\windows\system32\Ati2evxx.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\System32\SnoopFreeSvc.exe c:\program files\Analog Devices\SoundMAX\SMAgent.exe c:\windows\system32\wbem\wmiapsrv.exe c:\windows\system32\wscntfy.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\windows\system32\Rundll32.exe c:\windows\SnoopFreeUI.exe c:\program files\Gadu-Gadu\spellchecker_gg.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe c:\program files\Skype\Plugin Manager\skypePM.exe c:\windows\system32\logonui.exe . ************************************************************************** . Czas ukończenia: 2011-06-16 20:44:37 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2011-06-16 18:44 . Przed: 38 515 236 864 bajtów wolnych Po: 38 782 742 528 bajtów wolnych . WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - 610B89987CFBAF589D3B3895A36241F3 [/log]
Guest commented 29 September 2011
Download ComboFix from here: [url="http://www.fixitpc.pl/topic/7-dezynfekcja-narzedzie-combofix/"]http://www.fixitpc.pl/topic/7-dezynfekcja-narzedzie-combofix/[/url] Place the ComboFix file at [b]c:\documents and settings\User\Moje dokumenty\Downloads\ComboFix.exe[/b] Do not run it under any circumstances. Once it is at that path, go to [b]Start > Run[/b] and paste the command [b]"c:\documents and settings\User\Moje dokumenty\Downloads\ComboFix.exe" /uninstall[/b] This will remove the quarantine and the leftovers from the program's earlier use. Once you have done that, post a new log from [b]OTL[/b]. (Extras is no longer needed.)
tobeto (author) commented 29 September 2011
OTL after removing ComboFix.
[log]OTL logfile created on: 2011-09-29 21:20:24 - Run 3 OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\User\Moje dokumenty\Downloads Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,37 Gb Available Physical Memory | 68,35% Memory free 3,85 Gb Paging File | 3,38 Gb Available in Paging File | 87,81% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 50,85 Gb Total Space | 32,04 Gb Free Space | 63,01% Space Free | Partition Type: NTFS Drive D: | 50,86 Gb Total Space | 20,19 Gb Free Space | 39,70% Space Free | Partition Type: NTFS Drive E: | 47,34 Gb Total Space | 45,88 Gb Free Space | 96,91% Space Free | Partition Type: NTFS Computer Name: USER-AE38C3653C | User Name: User | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-09-29 17:37:48 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Moje dokumenty\Downloads\OTL.exe PRC - [2011-09-20 05:07:40 | 001,030,200 | ---- | M] (Google Inc.) 
-- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe PRC - [2011-09-14 13:03:58 | 008,284,928 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Program Files\TeamSpeak 3\ts3client_win32.exe PRC - [2011-09-08 15:04:20 | 002,592,768 | ---- | M] () -- C:\Program Files\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.33\deploy\LoLLauncher.exe PRC - [2011-08-20 14:27:28 | 001,290,240 | ---- | M] () -- C:\Program Files\League of Legends\RADS\system\rads_user_kernel.exe PRC - [2011-02-14 15:04:09 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-15 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2008-04-15 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-15 14:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- 
C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-15 14:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2008-04-15 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-15 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2007-12-05 04:53:58 | 000,495,616 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-09-29 17:37:48 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Moje dokumenty\Downloads\OTL.exe MOD - [2011-09-20 05:07:40 | 001,030,200 | ---- | M] (Google Inc.) 
-- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe MOD - [2011-09-20 05:07:39 | 000,412,728 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\ppgooglenaclpluginchrome.dll MOD - [2011-09-20 05:07:37 | 003,696,184 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\pdf.dll MOD - [2011-09-20 05:07:08 | 000,352,312 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\Locales\pl.dll MOD - [2011-09-20 05:06:19 | 009,848,888 | ---- | M] (The ICU Project) -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\icudt.dll MOD - [2011-09-20 05:06:14 | 027,574,840 | ---- | M] (Google Inc.) -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\chrome.dll MOD - [2011-09-20 05:06:11 | 000,142,568 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\avutil-51.dll MOD - [2011-09-20 05:06:10 | 000,253,320 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\avformat-53.dll MOD - [2011-09-20 05:06:09 | 002,403,240 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\avcodec-53.dll MOD - [2011-09-20 02:32:41 | 006,338,720 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\gcswf32.dll MOD - [2011-09-14 13:03:58 | 008,284,928 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Program Files\TeamSpeak 3\ts3client_win32.exe MOD - [2011-09-14 13:03:58 | 000,420,096 | ---- | M] () -- C:\Program Files\TeamSpeak 3\plugins\clientquery_plugin.dll MOD - [2011-09-14 
13:03:58 | 000,226,560 | ---- | M] () -- C:\Program Files\TeamSpeak 3\soundbackends\directsound_win32.dll MOD - [2011-09-14 13:03:58 | 000,157,440 | ---- | M] () -- C:\Program Files\TeamSpeak 3\plugins\appscanner_plugin.dll MOD - [2011-09-09 11:12:03 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll MOD - [2011-09-08 15:04:20 | 002,592,768 | ---- | M] () -- C:\Program Files\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.33\deploy\LoLLauncher.exe MOD - [2011-08-20 14:27:30 | 000,118,784 | ---- | M] (Solid State Networks) -- C:\Program Files\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.33\deploy\launcher.maestro.dll MOD - [2011-08-20 14:27:28 | 001,290,240 | ---- | M] () -- C:\Program Files\League of Legends\RADS\system\rads_user_kernel.exe MOD - [2011-06-21 20:18:34 | 001,510,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll MOD - [2011-06-21 20:18:34 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll MOD - [2011-06-21 20:18:34 | 000,669,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll MOD - [2011-06-21 20:18:34 | 000,628,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll MOD - [2011-06-18 13:45:49 | 007,859,200 | ---- | M] () -- C:\Program Files\TeamSpeak 3\QtGui4.dll MOD - [2011-06-18 13:45:49 | 002,210,816 | ---- | M] () -- C:\Program Files\TeamSpeak 3\QtCore4.dll MOD - [2011-06-18 13:45:49 | 000,814,080 | ---- | M] () -- C:\Program Files\TeamSpeak 3\QtNetwork4.dll MOD - [2011-04-29 19:25:11 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll MOD - [2011-03-25 06:15:42 | 005,912,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll MOD - [2011-03-04 08:44:09 | 000,512,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\jscript.dll MOD - [2011-03-03 08:55:00 | 000,149,504 | ---- | M] (Microsoft 
Corporation) -- C:\WINDOWS\system32\dnsapi.dll MOD - [2011-02-14 15:04:09 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre6\bin\msvcr71.dll MOD - [2011-02-14 15:04:09 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe MOD - [2011-02-09 20:29:08 | 000,400,384 | ---- | M] (ALLCinema Ltd.) -- C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll MOD - [2011-02-08 15:33:57 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll MOD - [2011-01-21 16:44:11 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2011-01-12 16:46:26 | 000,286,904 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll MOD - [2011-01-12 16:46:26 | 000,241,584 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\updater.dll MOD - [2011-01-12 16:45:12 | 000,122,104 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll MOD - [2011-01-12 16:42:50 | 000,175,664 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnScan.dll MOD - [2011-01-12 16:42:08 | 000,558,824 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll MOD - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe MOD - [2011-01-12 16:41:02 | 000,117,984 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEmon.dll MOD - [2011-01-12 16:40:34 | 000,117,984 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnDmon.dll MOD - [2011-01-12 16:39:38 | 000,179,784 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnAmon.dll MOD - [2010-12-22 14:34:22 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll MOD - [2010-12-20 19:32:08 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2010-12-20 19:25:52 | 000,732,160 | ---- | M] 
(Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll MOD - [2010-12-09 17:15:25 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2010-11-09 16:52:35 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll MOD - [2010-08-27 07:54:13 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll MOD - [2010-08-23 18:12:55 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll MOD - [2010-08-23 18:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2010-08-17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe MOD - [2010-08-16 10:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2010-07-16 14:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2010-04-16 17:38:53 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll MOD - [2010-03-22 11:59:00 | 000,118,784 | ---- | M] () -- C:\Program Files\TeamSpeak 3\imageformats\_old_qjpeg4.dll MOD - [2010-03-22 11:59:00 | 000,025,088 | ---- | M] () -- C:\Program Files\TeamSpeak 3\imageformats\_old_qgif4.dll MOD - [2009-12-24 09:04:53 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll MOD - [2009-12-08 11:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-11-07 02:07:08 | 000,049,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll MOD - [2009-11-07 02:07:04 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll MOD - [2009-11-07 02:06:46 | 001,130,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dfshim.dll MOD - [2009-10-13 12:34:25 | 000,271,360 | ---- | M] (Microsoft 
Corporation) -- C:\WINDOWS\system32\oakley.dll MOD - [2009-10-12 15:40:13 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll MOD - [2009-10-12 15:40:13 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll MOD - [2009-09-11 16:19:43 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll MOD - [2009-09-04 23:05:35 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll MOD - [2009-08-25 11:19:45 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll MOD - [2009-08-11 12:37:30 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\ESET\ESET NOD32 Antivirus\msvcr80.dll MOD - [2009-08-11 12:37:30 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Program Files\ESET\ESET NOD32 Antivirus\msvcp80.dll MOD - [2009-08-06 20:23:46 | 001,929,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuaueng.dll MOD - [2009-07-28 01:19:10 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll MOD - [2009-07-17 21:04:02 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll MOD - [2009-07-17 18:17:57 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll MOD - [2009-07-12 01:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll MOD - [2009-07-12 01:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-06-25 10:27:54 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll MOD - [2009-06-10 08:16:42 | 000,132,096 | ---- | M] (Microsoft Corporation) -- 
C:\WINDOWS\system32\wkssvc.dll MOD - [2009-05-07 17:34:14 | 000,347,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll MOD - [2009-03-21 16:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-03-06 16:22:12 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll MOD - [2009-02-09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll MOD - [2009-02-09 12:53:44 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll MOD - [2009-02-09 12:53:43 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll MOD - [2008-10-23 14:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-10-15 18:36:55 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll MOD - [2008-09-10 18:47:28 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\pl\ShFusRes.dll MOD - [2008-07-25 12:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll MOD - [2008-07-25 12:17:20 | 000,558,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll MOD - [2008-07-25 12:17:02 | 000,088,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll MOD - [2008-07-25 12:17:02 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll MOD - [2008-07-25 12:17:00 | 000,118,784 | ---- | M] 
(Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
MOD - [2008-07-25 12:17:00 | 000,089,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
MOD - [2008-07-25 12:16:58 | 000,018,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
MOD - [2008-07-25 12:16:40 | 000,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
MOD - [2008-07-12 09:18:52 | 003,851,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\D3DX9_39.dll
MOD - [2008-07-07 22:29:10 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2008-07-06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
MOD - [2008-06-24 18:46:33 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2008-06-20 18:04:23 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2008-06-12 16:23:52 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2008-06-12 16:23:52 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2008-06-12 16:23:52 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2008-04-15 14:00:00 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2008-04-15 14:00:00 | 002,843,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2008-04-15 14:00:00 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2008-04-15 14:00:00 | 001,710,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2008-04-15 14:00:00 | 001,689,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3d9.dll
MOD - [2008-04-15 14:00:00 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2008-04-15 14:00:00 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2008-04-15 14:00:00 | 001,000,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2008-04-15 14:00:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-15 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-15 14:00:00 | 000,741,376 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Speech\sapi.dll
MOD - [2008-04-15 14:00:00 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-15 14:00:00 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2008-04-15 14:00:00 | 000,675,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2008-04-15 14:00:00 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2008-04-15 14:00:00 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2008-04-15 14:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-15 14:00:00 | 000,563,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdoclc.dll
MOD - [2008-04-15 14:00:00 | 000,531,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2008-04-15 14:00:00 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2008-04-15 14:00:00 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-15 14:00:00 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2008-04-15 14:00:00 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\riched20.dll
MOD - [2008-04-15 14:00:00 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2008-04-15 14:00:00 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2008-04-15 14:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008-04-15 14:00:00 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgr.dll
MOD - [2008-04-15 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2008-04-15 14:00:00 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2008-04-15 14:00:00 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
MOD - [2008-04-15 14:00:00 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2008-04-15 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-15 14:00:00 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2008-04-15 14:00:00 | 000,330,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2008-04-15 14:00:00 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2008-04-15 14:00:00 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll
MOD - [2008-04-15 14:00:00 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2008-04-15 14:00:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-15 14:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2008-04-15 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2008-04-15 14:00:00 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2008-04-15 14:00:00 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2008-04-15 14:00:00 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2008-04-15 14:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-15 14:00:00 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2008-04-15 14:00:00 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2008-04-15 14:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2008-04-15 14:00:00 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2008-04-15 14:00:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2008-04-15 14:00:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2008-04-15 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2008-04-15 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dinput8.dll
MOD - [2008-04-15 14:00:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-15 14:00:00 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2008-04-15 14:00:00 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2008-04-15 14:00:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2008-04-15 14:00:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2008-04-15 14:00:00 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2008-04-15 14:00:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-15 14:00:00 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2008-04-15 14:00:00 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2008-04-15 14:00:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2008-04-15 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-15 14:00:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2008-04-15 14:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprov.dll
MOD - [2008-04-15 14:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2008-04-15 14:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2008-04-15 14:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2008-04-15 14:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2008-04-15 14:00:00 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2008-04-15 14:00:00 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2008-04-15 14:00:00 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2008-04-15 14:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2008-04-15 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
MOD - [2008-04-15 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2008-04-15 14:00:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008-04-15 14:00:00 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2008-04-15 14:00:00 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2008-04-15 14:00:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-15 14:00:00 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2008-04-15 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-15 14:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-15 14:00:00 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2008-04-15 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2008-04-15 14:00:00 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advpack.dll
MOD - [2008-04-15 14:00:00 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2008-04-15 14:00:00 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll
MOD - [2008-04-15 14:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2008-04-15 14:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2008-04-15 14:00:00 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2008-04-15 14:00:00 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008-04-15 14:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2008-04-15 14:00:00 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2008-04-15 14:00:00 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2008-04-15 14:00:00 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2008-04-15 14:00:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-15 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008-04-15 14:00:00 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2008-04-15 14:00:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscsvc.dll
MOD - [2008-04-15 14:00:00 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2008-04-15 14:00:00 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qutil.dll
MOD - [2008-04-15 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2008-04-15 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2008-04-15 14:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008-04-15 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-15 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2008-04-15 14:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2008-04-15 14:00:00 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2008-04-15 14:00:00 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2008-04-15 14:00:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-15 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2008-04-15 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2008-04-15 14:00:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2008-04-15 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2008-04-15 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2008-04-15 14:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2008-04-15 14:00:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2008-04-15 14:00:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2008-04-15 14:00:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008-04-15 14:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2008-04-15 14:00:00 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2008-04-15 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2008-04-15 14:00:00 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2008-04-15 14:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2008-04-15 14:00:00 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2008-04-15 14:00:00 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2008-04-15 14:00:00 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2008-04-15 14:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2008-04-15 14:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2008-04-15 14:00:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2008-04-15 14:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2008-04-15 14:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2008-04-15 14:00:00 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2008-04-15 14:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2008-04-15 14:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcAdProc.dll
MOD - [2008-04-15 14:00:00 | 000,038,400 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2008-04-15 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2008-04-15 14:00:00 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2008-04-15 14:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2008-04-15 14:00:00 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2008-04-15 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2008-04-15 14:00:00 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2008-04-15 14:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2008-04-15 14:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eapolqec.dll
MOD - [2008-04-15 14:00:00 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mspatcha.dll
MOD - [2008-04-15 14:00:00 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2008-04-15 14:00:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2008-04-15 14:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2008-04-15 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2008-04-15 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2008-04-15 14:00:00 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2008-04-15 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shfolder.dll
MOD - [2008-04-15 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2008-04-15 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2008-04-15 14:00:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008-04-15 14:00:00 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2008-04-15 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-15 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll
MOD - [2008-04-15 14:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll
MOD - [2008-04-15 14:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2008-04-15 14:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2008-04-15 14:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008-04-15 14:00:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2008-04-15 14:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2008-04-15 14:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dimsntfy.dll
MOD - [2008-04-15 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2008-04-15 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-15 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2008-04-15 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2008-04-15 14:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008-04-15 14:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2008-04-15 14:00:00 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2008-04-15 14:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2008-04-15 14:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2008-04-15 14:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2008-04-15 14:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2008-04-15 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2008-04-15 14:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
MOD - [2008-04-15 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2008-04-15 14:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2008-04-15 14:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2008-04-15 14:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2008-04-15 14:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2008-04-15 14:00:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2008-04-15 14:00:00 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll
MOD - [2008-04-15 14:00:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3d8thk.dll
MOD - [2008-04-15 14:00:00 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2008-04-15 14:00:00 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapres.dll
MOD - [2008-04-15 14:00:00 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2008-04-15 14:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll
MOD - [2008-04-15 14:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2008-04-15 14:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2008-04-15 14:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2008-04-15 14:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2008-04-15 14:00:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2008-04-14 23:51:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2008-04-14 23:50:36 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ksuser.dll
MOD - [2008-04-14 22:50:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidserv.dll
MOD - [2007-12-05 04:56:02 | 000,147,456 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atipdlxx.dll
MOD - [2007-12-05 04:55:34 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\ati2edxx.dll
MOD - [2007-12-05 04:55:20 | 000,122,880 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.dll
MOD - [2007-12-05 04:53:58 | 000,495,616 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
MOD - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2011-01-12 16:44:02 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2002-09-20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-12-21 15:04:06 | 000,141,264 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010-12-21 15:04:06 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-12-21 13:47:38 | 000,094,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2008-04-14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2007-12-05 07:26:40 | 002,782,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007-11-05 09:55:04 | 000,017,952 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys -- (atitray)
DRV - [2007-03-22 18:35:40 | 001,659,008 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\p17xfilt.sys -- (p17xfilt)
DRV - [2006-09-25 11:58:54 | 001,173,504 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17xfi.sys -- (P17xfi)
DRV - [2006-08-07 13:30:52 | 000,162,176 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN)
DRV - [2005-12-08 05:54:52 | 000,114,688 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005-12-08 05:54:44 | 000,142,336 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004-08-28 14:54:38 | 000,033,995 | ---- | M] (Sonic Focus, Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sf.sys -- (sf)
DRV - [2004-04-26 11:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2002-09-20 12:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-583907252-1957994488-1547161642-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-06-17 11:42:19 | 000,000,000 | ---D | M]

[2011-02-14 16:15:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Extensions
[2011-04-20 11:02:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\lrc5rc70.default\extensions
[2011-04-20 11:02:53 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\lrc5rc70.default\extensions\IplextoALL@ALLPlayer.org
[2011-07-30 21:29:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-07-30 21:29:52 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011-02-14 15:04:09 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\14.0.835.186\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011-06-16 20:42:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-583907252-1957994488-1547161642-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-583907252-1957994488-1547161642-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-583907252-1957994488-1547161642-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-583907252-1957994488-1547161642-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.62 62.179.1.63
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4075A6AF-CCF3-4E9A-AFDE-3C95C50A4CCC}: DhcpNameServer = 62.179.1.62 62.179.1.63
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-02-14 14:36:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^User^Menu Start^Programy^Autostart^Xfire.lnk - C:\Program Files\Xfire\Xfire.exe - (Xfire Inc.)
MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files\ALLPlayer\ALLUpdate.exe ()
MsConfig - StartUpReg: [b]AtiPTA[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]egui[/b] - hkey= - key= - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
MsConfig - StartUpReg: [b]Nowe Gadu-Gadu[/b] - hkey= - key= - C:\Program Files\Gadu-Gadu\gg.exe (GG Network S.A.)
MsConfig - StartUpReg: [b]P17Helper[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: [b]SnoopFreeUI[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]SoundMAXPnP[/b] - hkey= - key= - C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
MsConfig - StartUpReg: [b]SpybotSD TeaTimer[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]StartCCC[/b] - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 1 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP 
Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-09-29 19:34:13 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2011-09-29 19:34:12 | 000,000,000 | ---D | C] -- C:\rsit [2011-09-29 19:18:34 | 000,000,000 | ---D | C] -- C:\_OTL [2011-09-15 17:41:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina [2011-09-15 17:41:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Konnekt [2011-09-15 17:41:01 | 
000,000,000 | ---D | C] -- C:\Program Files\Konnekt [2011-09-07 23:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Menu Start\Programy\Fraps [2011-09-07 23:20:13 | 000,000,000 | ---D | C] -- C:\Fraps [2011-08-31 16:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\VentriloMix [2011-08-31 16:38:22 | 000,000,000 | ---D | C] -- C:\Program Files\VentriloMix [2011-08-30 19:58:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\riotsGamesLogs [2011-08-26 16:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Menu Start\Programy\Counter-Strike [2011-08-26 16:44:04 | 000,000,000 | ---D | C] -- C:\Program Files\Counter-Strike [2011-08-26 16:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\CS1.6_v32_by_Lukasz [2011-08-23 15:33:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ElfBot NG [2011-08-23 15:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\ElfBot NG [2011-08-23 15:06:37 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia8.6 [2011-08-23 14:58:11 | 000,000,000 | ---D | C] -- C:\Program Files\Asprate [2011-08-22 22:17:14 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView [2011-08-15 15:19:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dane aplikacji\Ventrilo [2011-08-14 19:10:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Pulpit\burning [2011-08-09 01:12:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dane aplikacji\Tibiacast [2011-08-09 01:11:49 | 000,000,000 | ---D | C] -- C:\Program Files\Tibiacast [2011-08-09 01:11:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Tibiacast [2011-08-08 19:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dane aplikacji\TeamViewer [2011-08-08 19:03:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TeamViewer 6 [2011-08-08 19:03:27 | 000,000,000 | ---D | C] -- 
C:\Program Files\TeamViewer [2011-08-08 18:51:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ESE [2011-08-05 13:07:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Aspyr [2011-08-05 13:07:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Moje dokumenty\Aspyr [2011-08-05 13:06:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\User\Dane aplikacji\SecuROM [2011-08-05 13:06:23 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2011-08-05 12:55:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Activision [2011-08-05 12:50:00 | 000,000,000 | ---D | C] -- C:\Program Files\Aspyr [2011-08-02 02:34:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dane aplikacji\Tibia [2011-08-02 02:34:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Tibia [2011-08-02 02:34:04 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia [2011-02-14 14:44:23 | 000,065,536 | R--- | C] ( ) -- C:\WINDOWS\System32\A3d.dll [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-09-29 20:46:00 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1957994488-1547161642-1003UA.job [2011-09-29 19:21:41 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2011-09-29 19:21:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-09-29 19:20:25 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\User\NTUSER.DAT [2011-09-29 19:20:25 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\User\ntuser.ini [2011-09-29 18:46:01 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1957994488-1547161642-1003Core.job [2011-09-29 08:43:06 | 003,738,740 | -H-- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\IconCache.db [2011-09-28 13:44:31 | 
000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-09-23 14:18:53 | 000,060,693 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\dota.jpg [2011-09-23 13:56:05 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-09-22 18:49:10 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2011-09-21 13:49:15 | 000,002,295 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Google Chrome.lnk [2011-09-16 18:42:50 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011-09-07 23:32:11 | 000,004,608 | ---- | M] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-09-01 01:01:50 | 000,000,758 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Spam ue .elfc [2011-08-27 00:21:30 | 000,042,392 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll [2011-08-26 16:49:44 | 000,001,627 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Counter-Strike.lnk [2011-08-25 16:13:06 | 002,358,008 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\ElfBot NG.rar [2011-08-23 15:06:39 | 000,000,663 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia.lnk [2011-08-23 14:58:12 | 000,001,838 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk [2011-08-23 14:55:34 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\User\Moje dokumenty\ipchanger.zip [2011-08-22 22:19:26 | 000,009,990 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\skelet.gif [2011-08-22 22:19:06 | 000,009,990 | ---- | M] () -- C:\Documents and Settings\User\Moje dokumenty\avatarskeletal.gif [2011-08-22 22:18:40 | 000,009,990 | ---- | M] () -- C:\Documents and Settings\User\Moje dokumenty\Crazy-skeleton-resized-128.gif [2011-08-22 22:15:25 | 000,005,116 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Crazy-skeleton-resized-128.jpg [2011-08-11 20:56:02 | 001,043,598 | ---- | M] () -- 
C:\WINDOWS\System32\PerfStringBackup.INI [2011-08-11 20:56:02 | 000,490,636 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2011-08-11 20:56:02 | 000,432,708 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011-08-11 20:56:02 | 000,083,832 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2011-08-11 20:56:02 | 000,067,484 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011-08-08 19:03:31 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 6.lnk [2011-08-08 18:51:36 | 000,000,469 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ESE Account Manager.lnk [2011-08-08 16:53:07 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Skrót do TacticalOps.lnk [2011-08-05 13:06:23 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2011-08-05 12:55:02 | 000,000,828 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Play Guitar Hero III.lnk [2011-08-05 11:30:43 | 000,209,141 | ---- | M] () -- C:\Documents and Settings\User\Pulpit\Kontakty_3015022.xml [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-09-23 14:18:57 | 000,060,693 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\dota.jpg [2011-09-01 01:04:27 | 000,000,758 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Spam ue .elfc [2011-08-27 00:21:30 | 000,042,392 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2011-08-26 16:49:44 | 000,001,627 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Counter-Strike.lnk [2011-08-25 16:13:00 | 002,358,008 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\ElfBot NG.rar [2011-08-23 14:58:12 | 000,001,838 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia MULTI-IP Changer.lnk [2011-08-23 14:55:34 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\User\Moje dokumenty\ipchanger.zip [2011-08-22 22:19:26 | 000,009,990 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\skelet.gif 
[2011-08-22 22:19:06 | 000,009,990 | ---- | C] () -- C:\Documents and Settings\User\Moje dokumenty\avatarskeletal.gif [2011-08-22 22:17:54 | 000,009,990 | ---- | C] () -- C:\Documents and Settings\User\Moje dokumenty\Crazy-skeleton-resized-128.gif [2011-08-22 22:15:27 | 000,005,116 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Crazy-skeleton-resized-128.jpg [2011-08-10 23:08:42 | 003,932,214 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Shot0014.bmp [2011-08-08 19:03:31 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 6.lnk [2011-08-08 18:51:36 | 000,000,469 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ESE Account Manager.lnk [2011-08-08 16:53:07 | 000,000,944 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Skrót do TacticalOps.lnk [2011-08-05 12:55:02 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Play Guitar Hero III.lnk [2011-08-05 11:30:43 | 000,209,141 | ---- | C] () -- C:\Documents and Settings\User\Pulpit\Kontakty_3015022.xml [2011-08-02 02:34:06 | 000,000,663 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Tibia.lnk [2011-06-16 01:13:51 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat [2011-06-16 01:13:51 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat [2011-04-26 11:35:55 | 000,000,525 | ---- | C] () -- C:\Program Files\Common Files\userInit.dll [2011-04-20 14:47:30 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-04-20 11:02:55 | 000,810,496 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-04-20 11:02:54 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2011-04-20 11:01:12 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-15 13:25:43 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2011-02-14 16:37:37 | 000,036,864 | ---- | C] () -- 
C:\WINDOWS\System32\atiiprxx.exe [2011-02-14 16:37:34 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat [2011-02-14 16:37:33 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini [2011-02-14 16:37:27 | 000,472,576 | ---- | C] () -- C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe [2011-02-14 16:14:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011-02-14 15:42:56 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\antiwpa.dll [2011-02-14 15:36:04 | 000,003,118 | ---- | C] () -- C:\WINDOWS\System32\AudioDrv.ini [2011-02-14 15:35:52 | 000,022,478 | R--- | C] () -- C:\WINDOWS\System32\Ludap17.ini [2011-02-14 15:35:52 | 000,000,054 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini [2011-02-14 15:35:22 | 000,008,251 | R--- | C] () -- C:\WINDOWS\sfsyn.ini [2011-02-14 15:35:21 | 000,137,216 | R--- | C] () -- C:\WINDOWS\System32\OemSpi.dll [2011-02-14 15:35:21 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\P17CPI.dll [2011-02-14 15:27:09 | 000,012,328 | ---- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2011-02-14 15:22:52 | 001,043,598 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2011-02-14 15:22:51 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-02-14 15:21:42 | 000,096,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-02-14 14:55:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2011-02-14 14:54:45 | 003,738,740 | -H-- | C] () -- C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\IconCache.db [2011-02-14 14:42:53 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2011-02-14 14:38:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-02-14 14:36:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2011-02-14 14:34:59 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2011-02-14 14:34:54 | 000,000,749 | RH-- | C] () -- 
C:\WINDOWS\System32\cdplayer.exe.manifest [2011-02-14 14:33:07 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011-02-14 14:32:57 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2011-02-14 14:32:57 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2011-02-14 14:32:21 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2011-02-14 14:32:20 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2011-02-11 14:41:20 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2011-02-11 14:41:20 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2011-02-11 14:41:19 | 000,158,080 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2008-04-15 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008-04-15 14:00:00 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini [2008-04-15 14:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll [2008-04-15 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008-04-15 14:00:00 | 000,490,636 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2008-04-15 14:00:00 | 000,432,708 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008-04-15 14:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll [2008-04-15 14:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2008-04-15 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008-04-15 14:00:00 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll [2008-04-15 14:00:00 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll [2008-04-15 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008-04-15 14:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll [2008-04-15 14:00:00 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll [2008-04-15 14:00:00 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll [2008-04-15 
14:00:00 | 000,083,832 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2008-04-15 14:00:00 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll [2008-04-15 14:00:00 | 000,070,622 | ---- | C] () -- C:\WINDOWS\System32\edit.com [2008-04-15 14:00:00 | 000,067,484 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2008-04-15 14:00:00 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe [2008-04-15 14:00:00 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini [2008-04-15 14:00:00 | 000,051,823 | ---- | C] () -- C:\WINDOWS\System32\command.com [2008-04-15 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008-04-15 14:00:00 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys [2008-04-15 14:00:00 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys [2008-04-15 14:00:00 | 000,039,434 | ---- | C] () -- C:\WINDOWS\System32\mem.exe [2008-04-15 14:00:00 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys [2008-04-15 14:00:00 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys [2008-04-15 14:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2008-04-15 14:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys [2008-04-15 14:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys [2008-04-15 14:00:00 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys [2008-04-15 14:00:00 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys [2008-04-15 14:00:00 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys [2008-04-15 14:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys [2008-04-15 14:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys [2008-04-15 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2008-04-15 14:00:00 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys [2008-04-15 14:00:00 | 000,027,097 | ---- | C] () -- 
C:\WINDOWS\System32\country.sys [2008-04-15 14:00:00 | 000,020,986 | ---- | C] () -- C:\WINDOWS\System32\debug.exe [2008-04-15 14:00:00 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini [2008-04-15 14:00:00 | 000,019,806 | ---- | C] () -- C:\WINDOWS\System32\graphics.com [2008-04-15 14:00:00 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini [2008-04-15 14:00:00 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll [2008-04-15 14:00:00 | 000,014,913 | ---- | C] () -- C:\WINDOWS\System32\kb16.com [2008-04-15 14:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll [2008-04-15 14:00:00 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini [2008-04-15 14:00:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll [2008-04-15 14:00:00 | 000,012,866 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe [2008-04-15 14:00:00 | 000,012,594 | ---- | C] () -- C:\WINDOWS\System32\append.exe [2008-04-15 14:00:00 | 000,011,859 | ---- | C] () -- C:\WINDOWS\System32\setver.exe [2008-04-15 14:00:00 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll [2008-04-15 14:00:00 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys [2008-04-15 14:00:00 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe [2008-04-15 14:00:00 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe [2008-04-15 14:00:00 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini [2008-04-15 14:00:00 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys [2008-04-15 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008-04-15 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2008-04-15 14:00:00 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe [2008-04-15 14:00:00 | 000,003,260 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe [2008-04-15 14:00:00 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini [2008-04-15 14:00:00 | 000,002,890 | 
---- | C] () -- C:\WINDOWS\System32\perfwci.ini [2008-04-15 14:00:00 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv [2008-04-15 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2008-04-15 14:00:00 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini [2008-04-15 14:00:00 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini [2008-04-15 14:00:00 | 000,001,168 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com [2008-04-15 14:00:00 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe [2008-04-15 14:00:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe [2008-04-15 14:00:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe [2008-04-15 14:00:00 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe [2008-04-15 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2008-04-15 14:00:00 | 000,000,477 | ---- | C] () -- C:\WINDOWS\win.ini [2008-04-15 14:00:00 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini [2008-04-15 14:00:00 | 000,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [2001-10-26 19:29:54 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe [2001-10-26 19:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll [color=#E56717]========== LOP Check ==========[/color] [2011-02-15 12:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2011-06-17 11:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2011-07-21 20:14:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2011-09-15 17:41:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina [2011-09-15 21:10:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2011-04-18 21:11:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\id Software 
[2011-02-15 13:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\LolClient [2011-07-28 20:36:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Mumble [2011-02-15 14:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Nowe Gadu-Gadu [2011-02-15 13:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\OpenFM [2011-04-21 16:53:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Opera [2011-08-08 19:03:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\TeamViewer [2011-09-14 21:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Tibia [2011-08-09 01:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\Tibiacast [2011-06-19 13:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dane aplikacji\TS3Client [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-02-14 14:36:02 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2011-02-14 14:28:29 | 000,000,211 | ---- | M] () -- C:\Boot.bak [2011-07-30 20:15:13 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2008-04-15 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2004-08-03 23:00:14 | 000,262,400 | RHS- | M] () -- C:\cmldr [2011-06-16 20:44:38 | 000,008,673 | ---- | M] () -- C:\ComboFix.txt [2011-02-14 14:36:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2011-02-14 14:36:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2011-02-14 14:36:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008-04-15 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008-04-15 14:00:00 | 000,251,152 | RHS- | M] () -- C:\ntldr [2011-09-29 19:21:33 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () 
.cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys [2008-04-14 02:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\AGP440.SYS [2008-04-14 02:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-15 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys [2008-04-15 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-04-15 14:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008-04-15 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008-04-15 14:00:00 | 000,056,320 | ---- | M] 
(Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys [2008-04-15 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe [2008-04-15 14:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe < End of report > [/log]
Guest commented 29 September 2011
1. Delete the ComboFix log [b]C:\ComboFix.txt[/b]
2. Uninstall RSIT
3. Run OTL and click the Sprzątanie (Cleanup) option. This will remove the program and its quarantine from the disk.
4. Clear the System Restore folders - [url="http://www.fixitpc.pl/topic/5-dezynfekcja-metody-usuwania-czesc-1/#1"]http://www.fixitpc.p...ania-czesc-1/#1[/url]
5. Updates - uninstall Java™ 6 Update 23 and download the latest Java 7; install IE8 (it does not matter that you do not use it) [url="http://www.microsoft.com/downloads/pl-pl/details.aspx?FamilyID=341c2ad5-8c3d-4347-8c03-08cdecd8852b"]http://www.microsoft...03-08cdecd8852b[/url]
Has the main problem gone away?
tobeto (Author) commented 29 September 2011
I had System Restore turned off. Java 7 installed. IE8 installed. Changes observed after restarting the computer: none. Maybe it really is down to my hardware, I don't know.
Guest commented 29 September 2011
Download [b]Process Explorer[/b] and monitor which process is taking up so much of the processor.
tobeto (Author) commented 29 September 2011 (edited)
Every single one that I am currently using. The only exception seems to be instant messengers (apart from Skype). It is like this: I read this forum and have 5% usage, and when I change pages it is 70%~
Guest commented 29 September 2011
Does this affect only the browser, or other programs too?
tobeto (Author) commented 4 October 2011
It is about browsers and all games that have 'any' graphics. Period, comma, exclamation mark. Any other idea what might help?
Guest commented 4 October 2011
As a test, uninstall ESET completely. First remove it from the [b]Add/Remove Programs[/b] panel. Then download the ESET Uninstaller, boot into Safe Mode and run the tool [url="http://kb.eset.com/esetkb/index?page=content&id=SOLN2289&cat=EAV&actp=LIST"]http://kb.eset.com/esetkb/index?page=content&id=SOLN2289&cat=EAV&actp=LIST[/url]
Post a report from SIW or HWinfo. Check what the component temperatures are.