Win XP - Aplikacja żąda dostępu do elementu chronionego.

[CorteXPL]

Ostatnio jakiś haker wszedł mi na kompa, bo mój głupi brat wchodził na nie wiadomo jakie strony i pościągał jakieś programy, wirusy itp. którymi sterowali hakerzy. Teraz za to komp ma różne spowolnienia przez co nie mogę sobie pograć w Settlers 7 które wczoraj kupiłem bo tnie jak cholera, a demo wcześniej chodziło superowo. A do tego przy włączaniu kompa pisze takie coś 2x

Może wiecie jak to usunąć i odciąć tych hakerów, bo formata nie chce mi się robić...

[Sevard]

Przeskanuj kompa za pomocą Malwarebytes' Anti-Malware, log wklej na forum. Następnie zainstaluj SUPERAntispyware Free, uaktualnij go i uruchom go w trybie awaryjnym i przeskanuj kompa. Z tego programu też poproszę wkleić loga. Obydwóm programom pozwól usunąć to co znajdą.

Logi sprawdzę niestety dopiero w piątek, ale jeśli są to prymitywne narzędzia, to te programy to usuną.

[CorteXPL]

Dobra poprzeskanowałem, pousuwałem i już nic nie ma. Dzięki!

[Delmaq]

Wklej Sevardowi te logi o które prosił. W systemie jeszcze może być coś namieszane choć wydaję się, że wszystko jest cacy.

[politan]

Zainstaluj przede wszystkim jakiegoś "ogniomurka" najlepiej COMODO Firewall albo Outpoust Firewall. Możesz mi też wrzucić screena z wynikiem polecenia (Start -> Uruchom -> cmd.exe):

netstat -ano

[CorteXPL]

Dobra to tak:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org


Wersja bazy: 4260


Windows 5.1.2600 Dodatek Service Pack 3

Internet Explorer 8.0.6001.18702


2010-06-30 14:33:30

mbam-log-2010-06-30 (14-33-30).txt


Typ skanowania: Szybkie skanowanie

Przeskanowano obiektów: 130530

Upłynęło: 3 minut(y), 16 sekund(y)


Zainfekowanych procesów w pamięci: 0

Zainfekowanych modułów w pamięci: 0

Zainfekowanych kluczy rejestru: 5

Zainfekowanych wartości rejestru: 2

Zainfekowane informacje rejestru systemowego: 3

Zainfekowanych folderów: 0

Zainfekowanych plików: 11


Zainfekowanych procesów w pamięci:

(Nie znaleziono zagrożeń)


Zainfekowanych modułów w pamięci:

(Nie znaleziono zagrożeń)


Zainfekowanych kluczy rejestru:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2gll782d-e0y2-432s-240x-1tm2m6c3iyca} (Generic.Bot.H) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6632k6le-504m-q204-j6r0-4y51aby1w75h} (Generic.Bot.H) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7oa81fo0-074b-8tkq-430l-dcjh73dmj516} (Generic.Bot.H) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{br63d71j-m8t0-vuex-2i8t-tng4mia5118w} (Generic.Bot.H) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\victim (Malware.Trace) -> Quarantined and deleted successfully.


Zainfekowanych wartości rejestru:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hklm (Backdoor.Bot) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\microsoft (Backdoor.Bot) -> Quarantined and deleted successfully.


Zainfekowane informacje rejestru systemowego:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.


Zainfekowanych folderów:

(Nie znaleziono zagrożeń)


Zainfekowanych plików:

C:\WINDOWS\system32\WinUpdate\WinUpdate.exe (Generic.Bot.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\install\WinUpdate.exe (Generic.Bot.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Gamer\Dane aplikacji\chrtmp (Malware.Trace) -> Quarantined and deleted successfully.

C:\Documents and Settings\Gamer\Dane aplikacji\cglogs.dat (Malware.Trace) -> Quarantined and deleted successfully.

C:\Documents and Settings\Gamer\Dane aplikacji\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully.

C:\Documents and Settings\Gamer\Dane aplikacji\lsass.exe (Trojan.Delf) -> Quarantined and deleted successfully.

C:\Documents and Settings\Gamer\Ustawienia lokalne\Temp\MSN.abc (Malware.Trace) -> Quarantined and deleted successfully.

C:\Documents and Settings\Gamer\Ustawienia lokalne\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully.

C:\Documents and Settings\Gamer\Ustawienia lokalne\Temp\XxX.xXx (Malware.Trace) -> Delete on reboot.

C:\Documents and Settings\Gamer\Ustawienia lokalne\Temp\xxxyyyzzz.dat (Malware.Trace) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\vcpkgsrv.exe (Backdoor.Bot) -> Quarantined and deleted successfully.

SUPERAntiSpyware Scan Log

http://www.superantispyware.com


Generated 06/30/2010 at 02:58 PM


Application Version : 4.39.1002


Core Rules Database Version : 5136

Trace Rules Database Version: 2948


Scan type       : Quick Scan

Total Scan Time : 00:15:54


Memory items scanned      : 451

Memory threats detected   : 0

Registry items scanned    : 1668

Registry threats detected : 0

File items scanned        : 10305

File threats detected     : 57


Adware.Tracking Cookie

    C:\Documents and Settings\Gamer\Cookies\gamer@atdmt[2].txt

    C:\Documents and Settings\Gamer\Cookies\gamer@xfire.adbureau[2].txt

    C:\Documents and Settings\Gamer\Cookies\gamer@2o7[2].txt

    C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[1].txt

    C:\Documents and Settings\Administrator\Cookies\administrator@ads-dev.youporn[2].txt

    C:\Documents and Settings\Administrator\Cookies\administrator@ero-advertising[2].txt

    C:\Documents and Settings\Administrator\Cookies\administrator@youporn[1].txt

    C:\Documents and Settings\Administrator\Cookies\administrator@adultfriendfinder[1].txt

    static.youporn.com [ C:\Documents and Settings\Administrator\Dane aplikacji\Macromedia\Flash Player\#SharedObjects\VMS7Z32Q ]

    .youporn.com [ C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\nc5mb4sh.default\cookies.sqlite ]

    .youporn.com [ C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\nc5mb4sh.default\cookies.sqlite ]

    .youporn.com [ C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\nc5mb4sh.default\cookies.sqlite ]

    .youporn.com [ C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\nc5mb4sh.default\cookies.sqlite ]

    .youporn.com [ C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\nc5mb4sh.default\cookies.sqlite ]

    .youporn.com [ C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\nc5mb4sh.default\cookies.sqlite ]

    ads-dev.youporn.com [ C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\nc5mb4sh.default\cookies.sqlite ]

    .youporn.com [ C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\nc5mb4sh.default\cookies.sqlite ]

    cdn.insights.gravity.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Macromedia\Flash Player\#SharedObjects\C7H9SKPY ]

    media.mtvnservices.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Macromedia\Flash Player\#SharedObjects\C7H9SKPY ]

    secure-us.imrworldwide.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Macromedia\Flash Player\#SharedObjects\C7H9SKPY ]

    www.pornhub.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Macromedia\Flash Player\#SharedObjects\C7H9SKPY ]

    1.sharkadnetwork.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .doubleclick.net [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .bs.serving-sys.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .serving-sys.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .serving-sys.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .serving-sys.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .serving-sys.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .serving-sys.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .serving-sys.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .serving-sys.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    tracking.novem.pl [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    tracking.novem.pl [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    tracking.novem.pl [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .tradedoubler.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .tradedoubler.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .tradedoubler.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .hit.stat.pl [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .hit.stat.pl [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .stat.4u.pl [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .chitika.net [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .kontera.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    ad.yieldmanager.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    ad.yieldmanager.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    ad.yieldmanager.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    ad.yieldmanager.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    ad.yieldmanager.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .content.yieldmanager.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .xm.xtendmedia.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .content.yieldmanager.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .tradedoubler.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]

    .adserver.adtechus.com [ C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\cookies.sqlite ]


Adware.Flash Tracking Cookie

    C:\Documents and Settings\Gamer\Dane aplikacji\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\C7H9SKPY\MEDIA.MTVNSERVICES.COM

    C:\Documents and Settings\Gamer\Dane aplikacji\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\C7H9SKPY\SECURE-US.IMRWORLDWIDE.COM


Trojan.Agent/Gen-UsrMgr

    E:\SYSTEM VOLUME INFORMATION\_RESTORE{F96A9777-1ADE-4BDC-A1BB-83B421868533}\RP80\A0029930.EXE

    E:\SYSTEM VOLUME INFORMATION\_RESTORE{F96A9777-1ADE-4BDC-A1BB-83B421868533}\RP80\A0030020.EXE

    E:\SYSTEM VOLUME INFORMATION\_RESTORE{F96A9777-1ADE-4BDC-A1BB-83B421868533}\RP80\A0030110.EXE

I ten log z netstat -ano

Ehhh pewnie wyczytacie te "youporn.com" i wiadomo po czym mój brat łaźił....

[politan]

Co do netstat'a no to kolego jest tragedia. Pełno otwartych portów i ogólny sieciowy chaos. Patrząc na powyższe logi (na nich się za bardzo nie znam) to stwierdzam, że miałeś w systemie backdoory, tak więc furtkę dla hakerów. Najlepszą opcją byłoby teraz przeinstalować system... Jeżeli tego nie chcesz robić to czym prędzej instaluj firewalla i niech pozamyka te furtki w systemie.

[Sevard]

Jak wyżej. Dużo backdoorów i szpiegowskiego syfu. Zainstalowanie firewalla jest konieczne (niezależnie od tego, czy przeinstalujesz system).

Daj jeszcze logi z OTL, bo mogło coś jeszcze zostać.

[CorteXPL]

OTL logfile created on: 2010-07-02 19:32:03 - Run 1

OTL by OldTimer - Version 3.2.7.0     Folder = C:\Documents and Settings\Gamer\Pulpit

Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd


3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 71,00% Memory free

5,00 Gb Paging File | 4,00 Gb Available in Paging File | 84,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]


%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 29,29 Gb Total Space | 12,75 Gb Free Space | 43,52% Space Free | Partition Type: NTFS

Drive D: | 195,31 Gb Total Space | 157,28 Gb Free Space | 80,53% Space Free | Partition Type: NTFS

Drive E: | 117,19 Gb Total Space | 38,76 Gb Free Space | 33,07% Space Free | Partition Type: NTFS

Drive F: | 123,96 Gb Total Space | 23,40 Gb Free Space | 18,88% Space Free | Partition Type: NTFS

G: Drive not present or media not loaded

Drive H: | 4,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

I: Drive not present or media not loaded


Computer Name: GAMERPC

Current User Name: Gamer

Logged in as Administrator.


Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 90 Days

Output = Standard

Quick Scan


[color=#E56717]========== Processes (SafeList) ==========[/color]


PRC - [2010-07-02 19:31:28 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gamer\Pulpit\OTL.exe

PRC - [2010-06-27 19:31:39 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe

PRC - [2010-06-27 19:31:38 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2010-06-01 19:00:52 | 001,778,480 | ---- | M] (COMODO) -- D:\Programy\COMODO Internet Security\COMODO\COMODO Internet Security\cmdagent.exe

PRC - [2010-06-01 19:00:40 | 002,039,240 | ---- | M] (COMODO) -- D:\Programy\COMODO Internet Security\COMODO\COMODO Internet Security\cfp.exe

PRC - [2010-05-07 06:42:00 | 001,238,352 | ---- | M] (Valve Corporation) -- F:\Steam\Steam.exe

PRC - [2009-09-29 13:03:46 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

PRC - [2009-09-29 13:02:52 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2001-10-19 12:14:22 | 000,049,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Fast.exe



[color=#E56717]========== Modules (SafeList) ==========[/color]


MOD - [2010-07-02 19:31:28 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gamer\Pulpit\OTL.exe

MOD - [2010-06-01 19:00:52 | 000,278,288 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll

MOD - [2008-04-14 22:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx



[color=#E56717]========== Win32 Services (SafeList) ==========[/color]


SRV - [2010-06-01 19:00:52 | 001,778,480 | ---- | M] (COMODO) [Auto | Running] -- D:\Programy\COMODO Internet Security\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)

SRV - [2010-04-23 05:39:00 | 000,136,616 | ---- | M] () [Auto | Stopped] -- C:\Program Files\AMD\OverDrive\AODAssist.exe -- (AODService)

SRV - [2009-09-29 13:11:10 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)

SRV - [2009-09-29 13:03:46 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)

SRV - [2008-11-11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2008-10-14 11:42:54 | 002,164,088 | ---- | M] (RealVNC Ltd.) [On_Demand | Stopped] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)

SRV - [2007-12-14 11:46:28 | 000,047,624 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\GIGABYTE\GEST\GSvr.exe -- (GEST Service)

SRV - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

SRV - [2001-10-26 19:30:00 | 000,003,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\regedt32.exe -- (.EsetTrialReset)

SRV - [2001-10-19 12:14:22 | 000,049,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\Fast.exe -- (InteractiveLogon)



[color=#E56717]========== Driver Services (SafeList) ==========[/color]


DRV - [2010-06-30 08:50:40 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)

DRV - [2010-06-04 11:55:58 | 000,229,312 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)

DRV - [2010-06-02 16:19:25 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)

DRV - [2010-06-01 19:00:24 | 000,087,824 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)

DRV - [2010-06-01 19:00:22 | 000,025,240 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)

DRV - [2010-05-27 19:37:06 | 004,830,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2010-05-10 20:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Programy\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2010-03-30 23:38:26 | 000,020,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz133_x32.sys -- (cpuz133)

DRV - [2010-03-26 18:21:26 | 005,883,936 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2010-03-08 18:41:48 | 000,220,112 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

DRV - [2010-02-17 20:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Programy\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)

DRV - [2010-02-03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)

DRV - [2010-01-11 18:06:35 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

DRV - [2009-12-14 09:21:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)

DRV - [2009-11-21 13:11:15 | 000,013,824 | ---- | M] (LoteSoft Co.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\splitcam.sys -- (SPLITCAM)

DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)

DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)

DRV - [2009-10-02 21:56:26 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)

DRV - [2009-09-29 13:05:54 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)

DRV - [2009-09-29 13:02:58 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)

DRV - [2009-09-29 12:56:32 | 000,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)

DRV - [2009-09-21 10:55:36 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)

DRV - [2009-09-21 10:55:36 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)

DRV - [2009-09-21 10:55:36 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)

DRV - [2009-07-20 07:00:00 | 000,213,552 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)

DRV - [2008-10-14 02:03:46 | 000,004,608 | ---- | M] (RealVNC Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vncmirror.sys -- (vncmirror)

DRV - [2008-09-15 07:56:24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)

DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2008-05-02 08:48:55 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3112.sys -- (Si3112)

DRV - [2008-04-14 00:26:50 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)

DRV - [2008-04-14 00:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)

DRV - [2008-04-14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM)

DRV - [2008-04-14 00:10:52 | 000,149,376 | ---- | M] (M-Systems) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tffsport.sys -- (tffsport)

DRV - [2008-04-13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)

DRV - [2008-03-20 17:39:04 | 000,021,672 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)

DRV - [2008-03-20 17:39:04 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)

DRV - [2007-10-11 11:10:52 | 000,030,008 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ET5Drv.sys -- (ET5Drv)

DRV - [2007-02-26 18:15:22 | 000,061,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xusb21.sys -- (xusb21)

DRV - [2002-10-15 22:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)

DRV - [2001-08-17 23:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)

DRV - [2001-08-17 23:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)



[color=#E56717]========== Standard Registry (SafeList) ==========[/color]



[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=14780&l=dis

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]


FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "Ask.com"

FF - prefs.js..browser.search.defaultthis.engineName: "LockerzTOOL Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2539511&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/webhp?rls=ig"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3

FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.9

FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.5

FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3

FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10

FF - prefs.js..extensions.enabledItems: YoutubeDownloader@PeterOlayev.com:1.4

FF - prefs.js..extensions.enabledItems: video.downloader.plugin@ffpimp.com:2.2

FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-06-27 19:31:42 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-06-27 19:31:42 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-06-12 14:22:52 | 000,000,000 | ---D | M]


[2009-09-26 16:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Extensions

[2010-07-01 19:34:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\extensions

[2010-05-28 06:42:34 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}

[2010-05-02 06:21:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010-05-22 20:21:06 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}

[2010-05-29 06:27:21 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}

[2010-05-09 09:57:47 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}

[2010-05-02 06:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\extensions\personas@christopher.beard

[2010-06-25 12:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\extensions\smarterwiki@wikiatic.com

[2010-06-10 06:51:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\extensions\video.downloader.plugin@ffpimp.com

[2010-05-09 16:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\extensions\YoutubeDownloader@PeterOlayev.com

[2010-05-28 06:42:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}\chrome\mozapps\extensions

[2010-04-28 20:08:51 | 000,002,423 | ---- | M] () -- C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\searchplugins\askcom.xml

[2010-02-20 20:53:50 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\Gamer\Dane aplikacji\Mozilla\Firefox\Profiles\spq8a8ph.default\searchplugins\conduit.xml

[2010-06-13 19:09:44 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2010-03-13 08:01:30 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml

[2010-03-13 08:01:30 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml

[2010-03-13 08:01:30 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml

[2010-03-13 08:01:30 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml

[2010-03-13 08:01:30 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml

[2010-03-13 08:01:30 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml


O1 HOSTS File: ([2010-06-29 08:13:56 | 000,408,561 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: 127.0.0.1    www.007guard.com

O1 - Hosts: 127.0.0.1    007guard.com

O1 - Hosts: 127.0.0.1    008i.com

O1 - Hosts: 127.0.0.1    www.008k.com

O1 - Hosts: 127.0.0.1    008k.com

O1 - Hosts: 127.0.0.1    www.00hq.com

O1 - Hosts: 127.0.0.1    00hq.com

O1 - Hosts: 127.0.0.1    010402.com

O1 - Hosts: 127.0.0.1    www.032439.com

O1 - Hosts: 127.0.0.1    032439.com

O1 - Hosts: 127.0.0.1    www.0scan.com

O1 - Hosts: 127.0.0.1    0scan.com

O1 - Hosts: 127.0.0.1    1000gratisproben.com

O1 - Hosts: 127.0.0.1    www.1000gratisproben.com

O1 - Hosts: 127.0.0.1    1001namen.com

O1 - Hosts: 127.0.0.1    www.1001namen.com

O1 - Hosts: 127.0.0.1    100888290cs.com

O1 - Hosts: 127.0.0.1    www.100888290cs.com

O1 - Hosts: 127.0.0.1    www.100sexlinks.com

O1 - Hosts: 127.0.0.1    100sexlinks.com

O1 - Hosts: 127.0.0.1    10sek.com

O1 - Hosts: 127.0.0.1    www.10sek.com

O1 - Hosts: 127.0.0.1    www.1-2005-search.com

O1 - Hosts: 127.0.0.1    1-2005-search.com

O1 - Hosts: 14129 more lines...

O2 - BHO: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.

O2 - BHO: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found.

O2 - BHO: (VidToMP3.com Toolbar) - {BBF89FDA-07F1-4AD3-86B1-0DE425EE8097} - C:\Program Files\vidtomp3Tb\vidtomp3Dx.dll File not found

O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

O4 - HKLM..\Run: [COMODO Internet Security] D:\Programy\COMODO Internet Security\COMODO\COMODO Internet Security\cfp.exe (COMODO)

O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [HKCU] C:\WINDOWS\System32\install\WinUpdate.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\install\WinUpdate.exe File not found

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 01 00 00 00  [binary data]

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\install\WinUpdate.exe File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {32564D57-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/wmv8dmo.cab (Reg Error: Key error.)

O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)

O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.250

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - D:\Programy\SUPERAntiSpyware\SASWINLO.DLL - D:\Programy\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Gamer\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Gamer\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Programy\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-09-26 15:38:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2010-06-24 16:51:57 | 000,000,075 | R--- | M] () - H:\autorun.inf -- [ CDFS ]

O33 - MountPoints2\{61b8d005-ab1f-11de-9aba-0000cac3bc72}\Shell - "" = Autorun

O33 - MountPoints2\{61b8d005-ab1f-11de-9aba-0000cac3bc72}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2008-04-14 22:51:40 | 000,023,040 | ---- | M] (Microsoft Corporation)

O33 - MountPoints2\{7d558b6b-afd7-11de-9ad0-0000cac3bc72}\Shell - "" = Autorun

O33 - MountPoints2\{7d558b6b-afd7-11de-9ad0-0000cac3bc72}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2008-04-14 22:51:40 | 000,023,040 | ---- | M] (Microsoft Corporation)

O33 - MountPoints2\{81bbfb16-aaa9-11de-9ab8-0000cac3bc72}\Shell - "" = Autorun

O33 - MountPoints2\{81bbfb16-aaa9-11de-9ab8-0000cac3bc72}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2008-04-14 22:51:40 | 000,023,040 | ---- | M] (Microsoft Corporation)

O33 - MountPoints2\{8d3f3f06-eefd-11de-9bbf-001fd086a395}\Shell - "" = Autorun

O33 - MountPoints2\{8d3f3f06-eefd-11de-9bbf-001fd086a395}\Shell\AutoRun\command - "" = H:\Setup.exe -- [2010-06-24 16:51:57 | 000,443,156 | R--- | M] (City Interactive                                            )

O33 - MountPoints2\{a0166da6-aaa5-11de-9ab6-001fd086a395}\Shell - "" = Autorun

O33 - MountPoints2\{a0166da6-aaa5-11de-9ab6-001fd086a395}\Shell\AutoRun\command - "" = H:\Setup.exe -- [2010-06-24 16:51:57 | 000,443,156 | R--- | M] (City Interactive                                            )

O33 - MountPoints2\{a8d7852a-b0ef-11de-9ad8-0000cac3bc72}\Shell - "" = Autorun

O33 - MountPoints2\{a8d7852a-b0ef-11de-9ad8-0000cac3bc72}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2008-04-14 22:51:40 | 000,023,040 | ---- | M] (Microsoft Corporation)

O33 - MountPoints2\{c518cde6-55ee-11df-9d33-001fd086a395}\Shell - "" = AutoRun

O33 - MountPoints2\{c518cde6-55ee-11df-9d33-001fd086a395}\Shell\AutoRun\command - "" = H:\Setup.exe -- [2010-06-24 16:51:57 | 000,443,156 | R--- | M] (City Interactive                                            )

O33 - MountPoints2\{e21bb2a2-fcf7-11de-9be9-001fd086a395}\Shell - "" = Autorun

O33 - MountPoints2\{e21bb2a2-fcf7-11de-9be9-001fd086a395}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2008-04-14 22:51:40 | 000,023,040 | ---- | M] (Microsoft Corporation)

O33 - MountPoints2\{e21bb2a8-fcf7-11de-9be9-001fd086a395}\Shell - "" = Autorun

O33 - MountPoints2\{e21bb2a8-fcf7-11de-9be9-001fd086a395}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2008-04-14 22:51:40 | 000,023,040 | ---- | M] (Microsoft Corporation)

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*


[color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color]


[2010-07-02 19:30:32 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gamer\Pulpit\OTL.exe

[2010-07-02 16:16:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Moje dokumenty\Image Transfer

[2010-07-02 16:13:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood

[2010-07-02 16:11:10 | 000,000,000 | ---D | C] -- C:\Drivers

[2010-07-01 07:42:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\COMODO

[2010-07-01 07:39:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Comodo Downloader

[2010-06-30 22:04:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data

[2010-06-30 20:09:31 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SecuROM

[2010-06-30 14:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Dane aplikacji\SUPERAntiSpyware.com

[2010-06-30 14:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\SUPERAntiSpyware.com

[2010-06-30 14:29:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Dane aplikacji\Malwarebytes

[2010-06-30 14:29:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010-06-30 14:29:31 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010-06-30 14:29:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes

[2010-06-29 13:50:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Moje dokumenty\Settlers7

[2010-06-29 07:28:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy

[2010-06-29 06:43:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\My Documents

[2010-06-26 15:27:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Moje dokumenty\Settlers7Demo

[2010-06-26 15:23:29 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft

[2010-06-25 17:47:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Ustawienia lokalne\Dane aplikacji\Mumble

[2010-06-25 17:38:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Dane aplikacji\Mumble

[2010-06-25 17:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mumble

[2010-06-21 12:47:40 | 000,000,000 | ---D | C] -- C:\Program Files\mIRC

[2010-06-19 09:49:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Moje dokumenty\pcsx2

[2010-06-19 09:48:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Ustawienia lokalne\Dane aplikacji\pcsx2

[2010-06-12 15:56:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Ustawienia lokalne\Dane aplikacji\ESET

[2010-06-12 14:36:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET

[2010-06-12 14:22:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET

[2010-06-12 08:08:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Dane aplikacji\Xfire

[2010-06-10 16:31:48 | 000,121,856 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdm.sys

[2010-06-10 16:31:48 | 000,090,112 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\ss_bbus.sys

[2010-06-10 16:31:48 | 000,014,976 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdfl.sys

[2010-06-10 16:31:48 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bwhnt.sys

[2010-06-10 16:31:48 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bwh.sys

[2010-06-10 16:31:48 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bcmnt.sys

[2010-06-10 16:31:48 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bcm.sys

[2010-06-10 16:00:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Ustawienia lokalne\Dane aplikacji\VDownloader

[2010-06-09 20:08:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Ustawienia lokalne\Dane aplikacji\Conduit

[2010-06-09 20:02:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Moje dokumenty\DVDVideoSoft

[2010-06-09 20:02:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft

[2010-06-07 21:30:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Futuremark Shared

[2010-06-07 17:23:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Dane aplikacji\Dropbox

[2010-06-05 12:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies

[2010-06-05 12:06:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA

[2010-06-05 05:09:15 | 000,447,752 | R--- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll

[2010-06-05 05:09:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE

[2010-06-03 22:46:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Gamer\IECompatCache

[2010-06-02 20:31:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Tages

[2010-06-02 16:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Moje dokumenty\Risen

[2010-05-30 19:36:20 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0

[2010-05-30 17:05:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Moje dokumenty\Prince of Persia

[2010-05-30 08:22:13 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG

[2010-05-30 08:22:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung

[2010-05-30 06:56:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Dane aplikacji\runic games

[2010-05-29 15:06:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowsupdate

[2010-05-27 15:35:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Moje dokumenty\EA SPORTS(TM) FIFA Online

[2010-05-27 15:15:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\FIFAOnlineSetup

[2010-05-22 20:26:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\InterAction studios

[2010-05-22 13:46:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Moje dokumenty\Disney Interactive Studios

[2010-05-20 09:52:58 | 000,000,000 | ---D | C] -- C:\Program Files\SamsungAR

[2010-05-15 12:31:26 | 000,000,000 | ---D | C] -- C:\Program Files\Raptr

[2010-05-15 12:31:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Dane aplikacji\Raptr

[2010-05-14 20:46:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Dane aplikacji\Need for Speed World Online

[2010-05-14 20:46:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Dane aplikacji\Need for Speed World

[2010-05-14 20:39:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Ustawienia lokalne\Dane aplikacji\Electronic_Arts_Inc

[2010-05-09 16:41:45 | 000,000,000 | ---D | C] -- C:\Program Files\YoutubeToMP3

[2010-05-06 21:46:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Dane aplikacji\Gadu-Gadu 10

[2010-05-06 21:46:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10

[2010-05-06 21:46:16 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10

[2010-05-04 10:25:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Gamer\PrivacIE

[2010-05-02 15:34:29 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite

[2010-05-02 13:49:32 | 000,000,000 | ---D | C] -- C:\Program Files\AMD

[2010-05-02 08:49:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Ustawienia lokalne\Dane aplikacji\SKIDROW

[2010-05-02 07:44:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI

[2010-05-02 07:41:27 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies

[2010-05-01 20:52:48 | 000,020,968 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\System32\drivers\cpuz133_x32.sys

[2010-05-01 20:52:47 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID

[2010-05-01 10:16:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Windows Genuine Advantage

[2010-05-01 10:15:51 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Gamer\IETldCache

[2010-05-01 10:07:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates

[2010-05-01 10:05:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8

[2010-05-01 09:53:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie7updates

[2010-05-01 09:06:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall

[2010-05-01 08:58:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution

[2010-04-28 19:54:13 | 002,131,336 | ---- | C] (Ask.com                                                      ) -- C:\Program Files\Common Files\AskToolbarInstaller.exe

[2010-04-28 19:54:10 | 000,000,000 | ---D | C] -- C:\Program Files\VDownloader

[2010-04-27 00:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl

[2010-04-13 20:58:53 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo

[2010-04-13 19:57:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Gamer\Moje dokumenty\Runes of Magic

[2010-04-12 16:34:29 | 001,843,200 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTAudioFile2.dll

[2010-04-12 16:34:29 | 000,315,392 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTAudioPlayer2.dll

[2010-04-12 16:34:29 | 000,196,608 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTWMAFile2.dll

[2010-04-12 16:34:24 | 000,000,000 | ---D | C] -- C:\Program Files\Free MP3 WMA WAV Converter

[2010-04-06 15:22:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Moje dokumenty\BioWare

[2010-04-06 09:31:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\XfireXO

[2010-04-05 22:04:36 | 000,000,000 | ---D | C] -- C:\Program Files\KaraFun

[2010-04-05 21:47:10 | 000,000,000 | ---D | C] -- C:\Program Files\Karaoke Editor

[2010-04-04 22:39:46 | 000,000,000 | -H-D | C] -- C:\WINDOWS\NiwradSoft Shell Pack

[2010-04-04 07:30:51 | 000,208,896 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll

[2010-04-04 07:30:51 | 000,155,648 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll

[2010-04-04 07:30:51 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll

[2010-04-04 07:30:51 | 000,026,112 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe

[2010-04-04 07:30:51 | 000,024,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcoxx.dll

[2010-04-03 23:19:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Moje dokumenty\Mount&Blade Warband Savegames

[2010-04-03 23:19:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gamer\Dane aplikacji\Mount&Blade Warband

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Documents and Settings\Gamer\Dane aplikacji\*.tmp files -> C:\Documents and Settings\Gamer\Dane aplikacji\*.tmp -> ]


[color=#E56717]========== Files - Modified Within 90 Days ==========[/color]


[2010-07-02 19:31:28 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gamer\Pulpit\OTL.exe

[2010-07-02 17:58:16 | 000,015,360 | ---- | M] () -- C:\Documents and Settings\Gamer\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-07-02 16:12:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010-07-02 16:12:26 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010-07-02 16:12:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010-07-02 16:11:26 | 015,204,352 | ---- | M] () -- C:\Documents and Settings\Gamer\NTUSER.DAT

[2010-07-02 16:11:26 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Gamer\ntuser.ini

[2010-07-02 14:27:55 | 000,198,294 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\P1070938.JPG

[2010-07-02 14:27:55 | 000,005,886 | ---- | M] () -- C:\Documents and Settings\Gamer\.recently-used.xbel

[2010-07-02 14:27:39 | 000,204,700 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\P1070937.JPG

[2010-07-02 11:34:44 | 000,000,672 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Sniper Ghost Warrior.lnk

[2010-07-01 19:54:24 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010-07-01 07:41:20 | 000,001,649 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\COMODO Firewall.lnk

[2010-06-30 20:09:36 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Episodes From Liberty City.lnk

[2010-06-30 14:39:24 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\SUPERAntiSpyware Free Edition.lnk

[2010-06-30 14:29:35 | 000,000,547 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk

[2010-06-30 14:04:20 | 000,001,503 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\Paint.lnk

[2010-06-30 14:00:14 | 000,000,538 | ---- | M] () -- C:\WINDOWS\win.ini

[2010-06-30 14:00:14 | 000,000,246 | ---- | M] () -- C:\WINDOWS\system.ini

[2010-06-30 14:00:14 | 000,000,223 | RHS- | M] () -- C:\boot.ini

[2010-06-30 11:55:46 | 000,000,518 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\RegCleaner.lnk

[2010-06-30 08:31:01 | 000,000,725 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\egui.lnk

[2010-06-29 13:38:57 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Settlers 7 - Droga do królestwa.lnk

[2010-06-29 09:31:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010-06-29 08:17:00 | 000,000,643 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\Defraggler.lnk

[2010-06-29 08:13:56 | 000,408,561 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2010-06-27 13:34:43 | 000,000,839 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\Xfire.lnk

[2010-06-25 17:43:06 | 000,002,393 | ---- | M] () -- C:\Documents and Settings\Gamer\Moje dokumenty\MumbleAutomaticCertificateBackup.p12

[2010-06-25 17:38:08 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mumble.lnk

[2010-06-25 13:05:43 | 000,007,395 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\1756.jpg

[2010-06-23 06:07:38 | 001,070,528 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010-06-23 06:07:38 | 000,499,854 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat

[2010-06-23 06:07:38 | 000,440,820 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010-06-23 06:07:38 | 000,089,036 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat

[2010-06-23 06:07:38 | 000,071,138 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010-06-21 12:47:40 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\mIRC.lnk

[2010-06-20 22:03:39 | 000,000,614 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\VirtualDub.lnk

[2010-06-19 09:45:49 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PCSX2 0.9.7 (r3113).lnk

[2010-06-17 21:51:36 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk

[2010-06-15 18:17:29 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\STREET FIGHTER IV.lnk

[2010-06-10 15:59:56 | 000,000,607 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\VDownloader.lnk

[2010-06-10 06:33:14 | 000,137,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010-06-09 19:55:01 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf

[2010-06-06 18:31:04 | 000,000,601 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\SeriousSam.lnk

[2010-06-05 22:18:46 | 000,023,328 | ---- | M] () -- C:\Documents and Settings\Gamer\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

[2010-06-05 07:18:35 | 000,001,907 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\EA Download Manager.lnk

[2010-06-02 16:19:25 | 000,281,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys

[2010-05-29 15:02:35 | 000,000,629 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\Prince of Persia - Dusza Wojownika.lnk

[2010-05-28 23:18:45 | 000,138,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys

[2010-05-28 23:18:36 | 000,214,592 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr

[2010-05-28 22:56:54 | 000,002,560 | ---- | M] () -- C:\WINDOWS\_MSRSTRT.EXE

[2010-05-28 06:17:36 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk

[2010-05-28 02:09:00 | 000,041,872 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll

[2010-05-27 18:46:10 | 000,208,896 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll

[2010-05-27 18:46:00 | 000,155,648 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll

[2010-05-27 18:45:54 | 000,026,112 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe

[2010-05-27 18:45:48 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll

[2010-05-27 18:42:58 | 000,057,480 | ---- | M] () -- C:\WINDOWS\System32\atiapfxx.blb

[2010-05-27 18:41:06 | 000,481,456 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap

[2010-05-27 18:41:00 | 000,887,724 | ---- | M] () -- C:\WINDOWS\System32\ativva6x.dat

[2010-05-27 18:41:00 | 000,000,003 | ---- | M] () -- C:\WINDOWS\System32\ativva5x.dat

[2010-05-27 15:16:01 | 000,139,152 | ---- | M] () -- C:\Documents and Settings\Gamer\Dane aplikacji\PnkBstrK.sys

[2010-05-27 15:15:29 | 000,794,408 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe

[2010-05-20 09:53:42 | 000,001,686 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\Samsung 3D LED TV.lnk

[2010-05-17 15:52:08 | 000,000,608 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\ePSXe.lnk

[2010-05-15 12:31:38 | 000,001,536 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\Raptr.lnk

[2010-05-06 21:47:02 | 000,000,763 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\OpenFM.lnk

[2010-05-06 21:47:02 | 000,000,734 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\Gadu-Gadu 10.lnk

[2010-05-06 15:07:00 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2010-05-06 12:28:42 | 000,000,561 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\samp.lnk

[2010-05-06 12:20:09 | 000,000,445 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\GTA San Andreas.lnk

[2010-05-05 22:11:57 | 000,000,107 | ---- | M] () -- C:\WINDOWS\System32\imon1.dat

[2010-05-04 20:35:38 | 000,021,360 | ---- | M] () -- C:\WINDOWS\atiogl.xml

[2010-05-02 15:34:32 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk

[2010-05-02 15:13:28 | 000,001,787 | ---- | M] () -- C:\WINDOWS\System32\sdbackup.reg

[2010-05-02 06:59:38 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash

[2010-05-01 21:49:07 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI

[2010-05-01 20:52:49 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CPUID CPU-Z.lnk

[2010-04-29 20:20:28 | 000,000,428 | ---- | M] () -- C:\Documents and Settings\Gamer\Pulpit\Fraps.lnk

[2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010-04-29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010-04-27 00:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl

[2010-04-22 06:41:35 | 000,000,454 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk

[2010-04-13 22:24:10 | 000,017,828 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat

[2010-04-13 20:58:55 | 000,000,262 | ---- | M] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini

[2010-04-13 20:58:54 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Ventrilo.lnk

[2010-04-13 13:02:48 | 000,001,664 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\QuickTime Player.lnk

[2010-04-06 19:54:32 | 000,203,336 | ---- | M] () -- C:\WINDOWS\System32\atiicdxx.dat

[2010-04-06 15:47:07 | 000,001,843 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT

[2010-04-04 07:28:16 | 000,000,010 | ---- | M] () -- C:\WINDOWS\WININIT.INI

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Documents and Settings\Gamer\Dane aplikacji\*.tmp files -> C:\Documents and Settings\Gamer\Dane aplikacji\*.tmp -> ]


[color=#E56717]========== Files Created - No Company Name ==========[/color]


[2010-07-02 16:15:57 | 000,001,458 | ---- | C] () -- C:\WINDOWS\System32\LTOCX12n.INF

[2010-07-02 16:11:10 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll

[2010-07-02 14:27:55 | 000,005,886 | ---- | C] () -- C:\Documents and Settings\Gamer\.recently-used.xbel

[2010-07-02 14:26:17 | 000,198,294 | ---- | C] () -- C:\Documents and Settings\Gamer\Pulpit\P1070938.JPG

[2010-07-02 14:26:15 | 000,204,700 | ---- | C] () -- C:\Documents and Settings\Gamer\Pulpit\P1070937.JPG

[2010-07-02 11:34:44 | 000,000,672 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Sniper Ghost Warrior.lnk

[2010-07-01 07:41:20 | 000,001,649 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\COMODO Firewall.lnk

[2010-06-30 20:09:36 | 000,000,648 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Episodes From Liberty City.lnk

[2010-06-30 14:39:24 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\SUPERAntiSpyware Free Edition.lnk

[2010-06-30 14:29:35 | 000,000,547 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk

[2010-06-30 08:31:01 | 000,000,725 | ---- | C] () -- C:\Documents and Settings\Gamer\Pulpit\egui.lnk

[2010-06-29 13:38:57 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Settlers 7 - Droga do królestwa.lnk

[2010-06-29 08:17:00 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\Gamer\Pulpit\Defraggler.lnk

[2010-06-27 13:34:43 | 000,000,839 | ---- | C] () -- C:\Documents and Settings\Gamer\Pulpit\Xfire.lnk

[2010-06-25 17:43:06 | 000,002,393 | ---- | C] () -- C:\Documents and Settings\Gamer\Moje dokumenty\MumbleAutomaticCertificateBackup.p12

[2010-06-25 17:38:08 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mumble.lnk

[2010-06-25 13:05:38 | 000,007,395 | ---- | C] () -- C:\Documents and Settings\Gamer\Pulpit\1756.jpg

[2010-06-23 08:28:54 | 000,083,008 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat

[2010-06-21 12:47:40 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\mIRC.lnk

[2010-06-20 22:03:39 | 000,000,614 | ---- | C] () -- C:\Documents and Settings\Gamer\Pulpit\VirtualDub.lnk

[2010-06-19 09:45:49 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PCSX2 0.9.7 (r3113).lnk

[2010-06-17 17:25:02 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat

[2010-06-17 17:25:01 | 000,203,336 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat

[2010-06-17 17:25:01 | 000,057,480 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb

[2010-06-17 17:25:01 | 000,021,360 | ---- | C] () -- C:\WINDOWS\atiogl.xml

[2010-06-17 17:25:01 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat

[2010-06-15 18:17:29 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\STREET FIGHTER IV.lnk

[2010-06-10 15:59:56 | 000,000,607 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\VDownloader.lnk

[2010-06-07 17:37:04 | 000,000,518 | ---- | C] () -- C:\Documents and Settings\Gamer\Pulpit\RegCleaner.lnk

[2010-06-06 18:30:37 | 000,000,601 | ---- | C] () -- C:\Documents and Settings\Gamer\Pulpit\SeriousSam.lnk

[2010-06-05 07:18:35 | 000,001,907 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\EA Download Manager.lnk

[2010-05-29 15:02:35 | 000,000,629 | ---- | C] () -- C:\Documents and Settings\Gamer\Pulpit\Prince of Persia - Dusza Wojownika.lnk

[2010-05-28 22:56:54 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE

[2010-05-28 06:16:54 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk

[2010-05-28 02:09:00 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll

[2010-05-20 09:53:15 | 000,001,686 | ---- | C] () -- C:\Documents and Settings\Gamer\Pulpit\Samsung 3D LED TV.lnk

[2010-05-17 15:52:07 | 000,000,608 | ---- | C] () -- C:\Documents and Settings\Gamer\Pulpit\ePSXe.lnk

[2010-05-15 12:31:38 | 000,001,536 | ---- | C] () -- C:\Documents and Settings\Gamer\Pulpit\Raptr.lnk

[2010-05-06 21:47:02 | 000,000,734 | ---- | C] () -- C:\Documents and Settings\Gamer\Pulpit\Gadu-Gadu 10.lnk

[2010-05-06 12:28:42 | 000,000,561 | ---- | C] () -- C:\Documents and Settings\Gamer\Pulpit\samp.lnk

[2010-05-06 12:20:09 | 000,000,445 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\GTA San Andreas.lnk

[2010-05-02 15:34:32 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk

[2010-05-02 15:13:28 | 000,001,787 | ---- | C] () -- C:\WINDOWS\System32\sdbackup.reg

[2010-05-01 20:52:49 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CPUID CPU-Z.lnk

[2010-04-13 22:24:10 | 000,017,828 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2010-04-13 20:58:54 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Ventrilo.lnk

[2010-04-13 20:58:48 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini

[2010-04-13 13:02:48 | 000,001,664 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\QuickTime Player.lnk

[2010-04-08 18:13:36 | 000,000,454 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk

[2010-04-04 07:30:51 | 000,481,456 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.cap

[2010-04-04 07:30:51 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe

[2010-04-04 07:30:51 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe

[2010-04-02 17:17:34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2010-03-13 21:05:12 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll

[2010-01-22 15:57:00 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2010-01-22 15:56:59 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini

[2010-01-22 15:56:54 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2010-01-22 15:56:54 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2010-01-22 15:56:50 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2010-01-22 15:56:50 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2010-01-10 12:53:22 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2009-11-21 23:42:19 | 000,000,020 | ---- | C] () -- C:\WINDOWS\mafosav.INI

[2009-10-27 22:16:20 | 000,000,298 | ---- | C] () -- C:\WINDOWS\game.ini

[2009-10-17 15:11:19 | 000,138,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys

[2009-10-14 20:05:32 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll

[2009-10-14 20:05:32 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys

[2009-10-07 16:21:50 | 000,000,068 | ---- | C] () -- C:\WINDOWS\Awpr.ini

[2009-10-03 13:49:48 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2009-10-02 21:56:26 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys

[2009-10-02 21:56:26 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys

[2009-09-30 16:46:57 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll

[2009-09-27 13:41:46 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2009-09-26 16:31:08 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2009-09-26 16:27:30 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2009-09-26 15:57:10 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll

[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[2008-04-14 22:50:36 | 000,056,880 | ---- | C] () -- C:\WINDOWS\System32\scvideo.dll

[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2001-10-19 12:21:10 | 000,016,960 | ---- | C] () -- C:\WINDOWS\System32\mag.dll

[2001-10-19 12:21:08 | 000,148,544 | ---- | C] () -- C:\WINDOWS\System32\msvdm.dll

[1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys


[color=#E56717]========== LOP Check ==========[/color]


[2010-01-11 18:17:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Astroburn Lite

[2010-01-11 18:06:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite

[2009-12-23 16:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EA Logs

[2010-06-28 10:56:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts

[2010-06-12 14:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET

[2010-05-06 21:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10

[2010-03-29 21:32:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Game Room

[2010-04-29 15:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations

[2010-05-22 20:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InterAction studios

[2010-06-22 20:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM

[2009-10-11 18:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite

[2009-12-12 21:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PopCap Games

[2010-05-30 08:22:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung

[2010-06-02 20:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tages

[2010-02-22 01:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2010-01-16 02:48:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft

[2009-12-27 08:06:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Valve

[2010-01-11 18:15:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Astroburn Lite

[2010-02-21 12:24:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Bioshock

[2009-09-27 11:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2010-01-11 18:10:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\DAEMON Tools Lite

[2009-10-11 19:41:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Dark Sector

[2010-06-08 06:13:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Dropbox

[2010-03-02 18:51:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\FOG Downloader

[2009-09-26 16:16:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Gadu-Gadu

[2010-05-06 21:46:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Gadu-Gadu 10

[2010-07-02 14:27:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\gtk-2.0

[2010-01-22 15:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Imperium Romanum

[2009-10-21 20:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\ITTerritory

[2009-11-21 01:00:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Mount&Blade

[2010-04-06 09:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Mount&Blade Warband

[2010-07-02 14:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Mumble

[2010-05-14 20:46:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Need for Speed World

[2010-05-14 20:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Need for Speed World Online

[2010-02-25 16:51:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Nokia

[2009-10-03 10:23:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Nowe Gadu-Gadu

[2009-10-07 16:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\OpenFM

[2009-10-11 18:32:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\PC Suite

[2010-06-30 08:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Raptr

[2010-05-30 06:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\runic games

[2010-06-30 12:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Samsung

[2010-02-25 11:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Sudeki

[2010-01-16 02:48:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\Ubisoft

[2010-07-02 00:31:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\uTorrent

[2010-03-07 23:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gamer\Dane aplikacji\vghd


[color=#E56717]========== Purity Check ==========[/color]




[color=#E56717]========== Alternate Data Streams ==========[/color]


@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF

@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:4F8F308F

< End of report >

[Sevard]

Nie widzę zagrożeń, ale system to by jednak wypadało wyczyścić ze śmieci, bo masz spory bałagan.

Wytłumacz mi jeszcze co to za wpis:

SRV - [2001-10-26 19:30:00 | 000,003,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\regedt32.exe -- (.EsetTrialReset)

[CorteXPL]

Nie wiem no regedit ale co z nim to nie wiem pamiętam że brat wyłączał wszystko co się da łącznie z antivirem żeby tylko dobrze mu wszystko chodziło -_-

[Sevard]

Regedit jako usługa i do tego fragment "--(.EsetTrialReset)", który dosyć wyraźnie mówi do czego ten regedit służy. I o wyjaśnienie tego fragmentu proszę.

[CorteXPL]

Już wiem to jest tylko zmiana rejestru w nod32 bo mam pirata i ciągle resetuje mi się trial żeby mieć bez endu. Więc nic szkodliwego.

[Sevard]

No i właśnie też tak coś mi się mocno wydawało, że ta nazwa przypadkowa nie jest. Otrzymujesz ostrzeżenie za piractwo.

[CorteXPL]

OK ostrzeżenie rozumiem ale co dalej z tym wszystkim?

[Sevard]

Tak jak pisałem, możesz powyrzucać zbędne programy, wyczyścić rejestr CCleanerem. Do tego przydałoby się przeprowadzić defragmentację i dobrze skonfigurować firewalla. Generalnie zagrożeń w logach już nie widać, ale jak znam życie, to backdoory pozostawiły po sobie śmieci w systemie. W sumie możesz spróbować przywrócić system do czasu sprzed zabaw brata, przynajmniej część powstałych dziur to załata.

Jeśli chodzi o wydajność, to ściągnij program Autoruns i zastanów się czego potrzebujesz, by uruchamiało się przy starcie. Jeśli nie wiesz za co odpowiada jakiś proces, to spytaj, bo wyłączanie na chybił trafił może się dziwnie skończyć.

[3m2oo5]

Nie widzę zagrożeń, ale system to by jednak wypadało wyczyścić ze śmieci, bo masz spory bałagan.

Wytłumacz mi jeszcze co to za wpis:

SRV - [2001-10-26 19:30:00 | 000,003,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\regedt32.exe -- (.EsetTrialReset)

O ja nie moge .. Ale się uśmiałem jak czytałem ten topic i doszedłem do tego momentu.. Dalsza część była oczywista

Ekhem ... (moralizatorsko) Patrząc, jaki syf miałeś w systemie przyłącze się do kolegów i poradze:

Zabezpiecz dobrze swój system.

1. Darmowy w 100% i w 100% legalny pakiet Comodo Internet Security - Antywirus plus Firewall a do tego Malwarebytes Antimalware prewencyjnie co jakiś czas.

albo

2. Darmowe w 100% i w 100% legalne Avira Antivir Free plus ZoneAlarm Free Firewall plus Malwarebytes.. jak wyżej.

[CorteXPL]

OK zmieniłem se pirackiego noda na comodo