Baroso Napisano Kwiecień 6, 2010 Zgłoś Share Napisano Kwiecień 6, 2010 Otóż dzisiaj avast pokazał mi mnostwo malware, zatrzymalem ochrone dostepowa, nie moglem juz dlozej klikac kwarantanna. Pobrałem Malwarebytes' Anti-Malware i oto logi:(nie wiem czy to to) Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Wersja bazy: 3958 Windows 5.1.2600 Dodatek Service Pack 3 Internet Explorer 7.0.5730.13 2010-04-07 11:37:06 mbam-log-2010-04-07 (11-37-06).txt Typ skanowania: Szybkie skanowanie Przeskanowano obiektów: 104881 Upłynęło: 4 minut(y), 15 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 0 Zainfekowanych wartości rejestru: 0 Zainfekowane informacje rejestru systemowego: 1 Zainfekowanych folderów: 0 Zainfekowanych plików: 3 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: (Nie znaleziono zagrożeń) Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń) Zainfekowane informacje rejestru systemowego: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> No action taken. Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: C:\WINDOWS\system32\drivers\siajsh.sys (Rootkit.Agent) -> No action taken. C:\Documents and Settings\Właściciel\Dane aplikacji\avdrn.dat (Malware.Trace) -> No action taken. C:\Documents and Settings\Właściciel\Menu Start\Programy\Autostart\syspck32.exe (Trojan.Downloader) -> No action taken. Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Wersja bazy: 3958 Windows 5.1.2600 Dodatek Service Pack 3 Internet Explorer 7.0.5730.13 2010-04-07 11:37:14 mbam-log-2010-04-07 (11-37-14).txt Typ skanowania: Szybkie skanowanie Przeskanowano obiektów: 104881 Upłynęło: 4 minut(y), 15 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 0 Zainfekowanych wartości rejestru: 0 Zainfekowane informacje rejestru systemowego: 1 Zainfekowanych folderów: 0 Zainfekowanych plików: 3 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: (Nie znaleziono zagrożeń) Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń) Zainfekowane informacje rejestru systemowego: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> No action taken. Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: C:\WINDOWS\system32\drivers\siajsh.sys (Rootkit.Agent) -> No action taken. C:\Documents and Settings\Właściciel\Dane aplikacji\avdrn.dat (Malware.Trace) -> No action taken. C:\Documents and Settings\Właściciel\Menu Start\Programy\Autostart\syspck32.exe (Trojan.Downloader) -> No action taken. Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Wersja bazy: 3958 Windows 5.1.2600 Dodatek Service Pack 3 Internet Explorer 7.0.5730.13 2010-04-07 11:37:20 mbam-log-2010-04-07 (11-37-20).txt Typ skanowania: Szybkie skanowanie Przeskanowano obiektów: 104881 Upłynęło: 4 minut(y), 15 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 0 Zainfekowanych wartości rejestru: 0 Zainfekowane informacje rejestru systemowego: 1 Zainfekowanych folderów: 0 Zainfekowanych plików: 3 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: (Nie znaleziono zagrożeń) Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń) Zainfekowane informacje rejestru systemowego: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> No action taken. Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: C:\WINDOWS\system32\drivers\siajsh.sys (Rootkit.Agent) -> No action taken. C:\Documents and Settings\Właściciel\Dane aplikacji\avdrn.dat (Malware.Trace) -> No action taken. C:\Documents and Settings\Właściciel\Menu Start\Programy\Autostart\syspck32.exe (Trojan.Downloader) -> No action taken. Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Wersja bazy: 3958 Windows 5.1.2600 Dodatek Service Pack 3 Internet Explorer 7.0.5730.13 2010-04-07 11:37:27 mbam-log-2010-04-07 (11-37-27).txt Typ skanowania: Szybkie skanowanie Przeskanowano obiektów: 104881 Upłynęło: 4 minut(y), 15 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 0 Zainfekowanych wartości rejestru: 0 Zainfekowane informacje rejestru systemowego: 1 Zainfekowanych folderów: 0 Zainfekowanych plików: 3 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: (Nie znaleziono zagrożeń) Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń) Zainfekowane informacje rejestru systemowego: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> No action taken. Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: C:\WINDOWS\system32\drivers\siajsh.sys (Rootkit.Agent) -> No action taken. C:\Documents and Settings\Właściciel\Dane aplikacji\avdrn.dat (Malware.Trace) -> No action taken. C:\Documents and Settings\Właściciel\Menu Start\Programy\Autostart\syspck32.exe (Trojan.Downloader) -> No action taken. Co robić z tym dziadostwem? Link do komentarza Udostępnij na innych stronach More sharing options...
Sevard Napisano Kwiecień 6, 2010 Zgłoś Share Napisano Kwiecień 6, 2010 Usuń za pomocą Malwarebytes'. Następnie zrób pełny skan za pomocą tego programu, pozwól mu ponaprawiać to, co znajdzie i daj loga z tego skanowania. Do tego dorzuć logi z OTLa i GMERa. Link do komentarza Udostępnij na innych stronach More sharing options...
Baroso Napisano Kwiecień 6, 2010 Autor Zgłoś Share Napisano Kwiecień 6, 2010 Nie wiem co znowu się stało - komputer przy włączaniu strasznie zwolnił, na dyskach twardych pokazują się prawie przezroczyste foldery i pliki, które już dawno usunąłem?!? Komp się sam uruchomił ponownie... Czego to wina? Kiedy włączam GMERa to pokazuje się okienko z nie wysyłaj. Naprowadź mnie trochę co mam zaznaczyć przy skanowaniu w OTLu(w każdej zakładce 3 do wyboru co wybrać) To co mam to log z Malwarebytes' po ukończeniu skanu. Poprzednio usunąłem infekcje. Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Wersja bazy: 3958 Windows 5.1.2600 Dodatek Service Pack 3 Internet Explorer 7.0.5730.13 2010-04-07 14:02:36 mbam-log-2010-04-07 (14-02-36).txt Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|) Przeskanowano obiektów: 251181 Upłynęło: 55 minut(y), 25 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 0 Zainfekowanych wartości rejestru: 0 Zainfekowane informacje rejestru systemowego: 0 Zainfekowanych folderów: 0 Zainfekowanych plików: 0 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: (Nie znaleziono zagrożeń) Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń) Zainfekowane informacje rejestru systemowego: (Nie znaleziono zagrożeń) Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: (Nie znaleziono zagrożeń) Link do komentarza Udostępnij na innych stronach More sharing options...
Sevard Napisano Kwiecień 6, 2010 Zgłoś Share Napisano Kwiecień 6, 2010 Na początek wystarczy log z OTL na domyślnych ustawieniach. Podaj pełną konfigurację sprzętową kompa, bo problem może być w innym miejscu. Sprawdź też system za pomocą Dr.Web CureIt! Link do komentarza Udostępnij na innych stronach More sharing options...
Baroso Napisano Kwiecień 6, 2010 Autor Zgłoś Share Napisano Kwiecień 6, 2010 Mam zasilacz IBOX 350V... moze to dlatego LOG: OTL logfile created on: 2010-04-07 16:40:02 - Run 1 OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Właściciel\Moje dokumenty\Downloads Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 021,00 Mb Total Physical Memory | 359,00 Mb Available Physical Memory | 35,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 19,53 Gb Total Space | 2,86 Gb Free Space | 14,66% Space Free | Partition Type: NTFS Drive D: | 106,45 Gb Total Space | 19,84 Gb Free Space | 18,64% Space Free | Partition Type: NTFS Drive E: | 106,89 Gb Total Space | 20,31 Gb Free Space | 19,00% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: Y-3D3EB80801794 Current User Name: Właściciel Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010-04-07 13:51:45 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Moje dokumenty\Downloads\OTL.exe PRC - [2010-02-26 15:49:40 | 000,716,616 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe PRC - [2010-02-26 15:47:32 | 001,047,880 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe PRC - [2010-02-05 20:36:00 | 000,527,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe PRC - [2009-11-25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009-11-25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009-11-25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2009-11-25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2009-11-25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009-03-05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- D:\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008-04-14 23:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-02-10 15:29:54 | 029,178,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe PRC - [2007-02-10 06:29:56 | 000,089,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2006-05-26 16:58:00 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\sttray.exe PRC - [2004-09-29 13:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe ========== Modules (SafeList) ========== MOD - [2010-04-07 13:51:45 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Moje dokumenty\Downloads\OTL.exe ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService) SRV - File not found [On_Demand | Stopped] -- -- (gusvc) SRV - [2010-03-15 16:31:24 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010-02-26 15:47:32 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2010-02-26 15:43:48 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2009-11-25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2009-11-25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2009-11-25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2009-11-25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2007-02-10 15:29:54 | 029,178,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS) SRV - [2007-02-10 15:29:47 | 000,242,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser) SRV - [2007-02-10 06:29:56 | 000,089,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) SRV - [2006-05-26 16:58:54 | 000,086,016 | ---- | M] (SigmaTel, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV) SRV - [2005-10-14 12:50:19 | 000,045,272 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper) SRV - [2004-09-29 13:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) ========== Driver Services (SafeList) ========== DRV - [2010-02-24 14:41:50 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2010-02-03 06:52:08 | 004,605,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-11-25 01:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) DRV - [2009-11-25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) DRV - [2009-11-25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009-11-25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009-11-25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009-11-25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2009-06-20 16:50:46 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2009-06-20 16:50:45 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009-06-02 15:26:28 | 000,099,856 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009-03-15 12:25:46 | 000,056,268 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu) DRV - [2008-07-16 10:17:18 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2008-04-13 23:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2006-06-14 07:56:00 | 000,012,288 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO) DRV - [2006-05-26 16:59:12 | 001,177,032 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2004-08-03 23:59:44 | 000,095,360 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi) DRV - [2004-04-30 10:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus) DRV - [2004-04-30 10:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [2010-03-23 19:46:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009-09-15 16:27:12 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll [2007-03-10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll O1 HOSTS File: ([2008-08-12 18:20:54 | 000,258,364 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.1001-search.info O1 - Hosts: 127.0.0.1 1001-search.info O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.123topsearch.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 www.136136.net O1 - Hosts: 127.0.0.1 136136.net O1 - Hosts: 8977 more lines... O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (UrlHelper Class) - {6D023EBF-70B8-45A6-9ED5-556515FA0FE4} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll () O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll () O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll (BearShare) O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll (BearShare) O4 - HKLM..\Run: [avast!] D:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [sigmatelSysTrayApp] C:\WINDOWS\sttray.exe (SigmaTel, Inc.) O4 - HKCU..\Run: [spybotSD TeaTimer] D:\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 1 O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2...78f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/up...er_4.0.17.0.cab (Battlefield Heroes Updater) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 () - http://www.wyszkowiak.eu/images/stories/im...20/igrzyska.JPG O24 - Desktop Components:1 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{ae07955c-e184-11dc-ae7f-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{ae07955c-e184-11dc-ae7f-806d6172696f}\Shell\Auto\command - "" = C:\WINDOWS\System32\wupdmgr.exe -- [2006-03-02 14:00:00 | 000,032,256 | ---- | M] (Microsoft Corporation) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-04-07 11:31:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Malwarebytes [2010-04-07 11:31:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-04-07 11:31:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2010-04-07 11:31:07 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-04-07 11:31:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-04-07 11:17:37 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\drivers\lbrtfdc.sys [2010-04-07 11:17:37 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys [2010-04-07 11:17:18 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys [2010-04-07 11:16:59 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\changer.sys [2010-04-07 11:16:59 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys [2010-04-06 10:41:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe [2010-04-04 10:27:34 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Właściciel\Moje dokumenty\Runes of Magic [2010-04-02 16:13:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\FOG Downloader [2010-04-01 12:39:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-04-01 12:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10 [2010-03-21 22:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Moje dokumenty\Nowy folder [2010-03-15 18:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-03-15 17:21:51 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll [2010-03-15 17:21:51 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll [2010-03-15 17:21:48 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll [2010-03-15 17:21:48 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll [2010-03-15 17:21:48 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll [2010-03-15 17:21:48 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll [2010-03-15 17:21:48 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll [2010-03-15 17:21:48 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax [2010-03-15 17:21:48 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax [2010-03-15 17:21:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll [2010-03-15 17:21:47 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll [2010-03-15 17:21:47 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll [2010-03-15 17:21:47 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll [2010-03-15 17:21:47 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll [2010-03-15 17:21:47 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll [2010-03-15 17:21:47 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll [2010-03-15 17:21:47 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll [2010-03-15 17:21:47 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll [2010-03-15 17:21:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll [2010-03-15 17:21:47 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll [2010-03-15 17:21:47 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll [2010-03-15 17:21:47 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll [2010-03-15 17:21:47 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll [2010-03-15 17:21:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll [2010-03-15 17:21:47 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll [2010-03-15 17:21:46 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll [2010-03-15 17:21:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll [2010-03-15 17:21:45 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll [2010-03-15 17:21:45 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll [2010-03-15 17:21:45 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll [2010-03-15 17:21:45 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll [2010-03-15 17:21:45 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll [2010-03-15 17:21:45 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe [2010-03-15 17:21:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll [2010-03-15 17:21:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll [2010-03-15 17:21:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll [2010-03-15 17:21:44 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll [2010-03-15 17:21:44 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll [2010-03-15 17:21:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe [2010-03-15 17:21:44 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll [2010-03-15 17:21:44 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll [2010-03-15 17:21:44 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll [2010-03-15 17:21:44 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll [2010-03-15 17:21:43 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll [2010-03-15 17:21:43 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll [2010-03-15 17:21:43 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll [2010-03-15 17:21:43 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll [2010-03-15 17:21:43 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll [2010-03-15 17:21:43 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll [2010-03-15 17:21:43 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll [2010-03-15 17:21:43 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe [2010-03-15 17:21:43 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll [2010-03-15 17:21:43 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll [2010-03-15 17:21:43 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe [2010-03-15 17:21:43 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe [2010-03-15 17:21:42 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll [2010-03-15 17:21:42 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax [2010-03-15 17:21:41 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll [2010-03-15 17:21:40 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe [2010-03-15 17:21:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl [2010-03-15 17:21:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2010-03-15 17:21:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits [2010-03-15 17:17:01 | 000,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll [2010-03-15 17:17:01 | 000,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll [2010-03-15 17:17:01 | 000,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll [2010-03-15 17:17:01 | 000,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll [2010-03-15 17:17:00 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys [2010-03-15 17:17:00 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys [2010-03-15 17:17:00 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys [2010-03-15 17:17:00 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys [2010-03-15 17:17:00 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys [2010-03-15 17:17:00 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys [2010-03-15 17:17:00 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll [2010-03-15 17:17:00 | 000,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll [2010-03-15 17:17:00 | 000,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll [2010-03-15 17:16:59 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys [2010-03-15 17:16:59 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys [2010-03-15 17:16:59 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys [2010-03-15 17:16:59 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys [2010-03-15 17:16:59 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys [2010-03-15 17:16:59 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys [2010-03-15 17:16:59 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys [2010-03-15 17:16:59 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys [2010-03-15 17:16:59 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys [2010-03-15 17:16:59 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys [2010-03-15 17:16:59 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys [2010-03-15 17:16:59 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys [2010-03-15 17:16:59 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys [2010-03-15 17:16:58 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys [2010-03-15 17:16:58 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys [2010-03-15 17:16:58 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys [2010-03-15 17:16:58 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll [2010-03-15 17:16:58 | 000,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll [2010-03-15 17:16:58 | 000,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll [2010-03-15 17:16:58 | 000,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll [2010-03-15 17:16:58 | 000,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll [2010-03-15 17:16:57 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys [2010-03-15 17:16:57 | 000,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll [2010-03-15 17:16:54 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2010-03-15 17:16:54 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys [2010-03-15 17:16:54 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [2010-03-15 17:16:54 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [2010-03-15 17:16:54 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys [2010-03-15 17:16:53 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys [2010-03-15 17:16:53 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys [2010-03-15 17:16:53 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys [2010-03-15 17:16:53 | 000,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll [2010-03-15 17:16:52 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys [2010-03-15 17:16:52 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys [2010-03-15 17:16:52 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys [2010-03-15 17:16:52 | 000,040,960 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisagp.sys [2010-03-15 17:16:52 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys [2010-03-15 17:16:52 | 000,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll [2010-03-15 17:16:52 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys [2010-03-15 17:16:51 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys [2010-03-15 17:16:51 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys [2010-03-15 17:16:51 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys [2010-03-15 17:16:51 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys [2010-03-15 17:16:51 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys [2010-03-15 17:16:51 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys [2010-03-15 17:08:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2010-03-15 17:08:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome [2010-03-15 16:31:26 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe [2010-03-15 16:31:00 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010 [2010-03-15 16:30:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2010-03-15 16:29:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\5888428E699C4E71BF7194EE06B497DA.TMP [2010-03-12 21:04:40 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiapfxx.exe [2010-03-12 21:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2010-03-12 21:02:53 | 000,000,000 | ---D | C] -- C:\ATI [2010-03-12 20:43:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Rockstar Games [2010-03-12 18:42:02 | 000,019,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2010-03-09 15:19:06 | 000,000,000 | ---D | C] -- C:\Nowy folder [2010-03-06 19:02:24 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys [2010-03-06 19:02:24 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys [2009-07-04 22:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Xfire [2009-03-13 14:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple [2008-01-25 19:12:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2007-12-06 12:36:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2007-10-28 16:59:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010-04-07 16:35:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-04-07 15:19:24 | 012,582,912 | -H-- | M] () -- C:\Documents and Settings\Właściciel\NTUSER.DAT [2010-04-07 15:19:24 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Właściciel\ntuser.ini [2010-04-07 15:19:18 | 002,110,524 | -H-- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-04-07 14:57:09 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-04-07 11:31:13 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-04-06 21:49:36 | 000,000,453 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Metin2 PL.lnk [2010-04-06 20:12:05 | 000,000,440 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Metin2.us.lnk [2010-04-05 14:17:16 | 000,159,744 | ---- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-04-05 14:16:05 | 376,607,022 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 015.avi [2010-04-05 14:15:11 | 006,575,144 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 014.avi [2010-04-05 14:15:10 | 000,548,162 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 013.jpg [2010-04-05 14:15:10 | 000,385,243 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 012.jpg [2010-04-04 10:26:41 | 000,000,678 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Runes of Magic.lnk [2010-04-03 15:43:33 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-04-03 11:50:18 | 000,373,043 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\skanuj0001.jpg [2010-04-02 12:08:22 | 000,000,479 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\EVEREST Home Edition.lnk [2010-04-02 11:34:54 | 003,686,454 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\cda.bmp [2010-03-29 15:24:58 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-03-29 15:24:46 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-03-27 15:32:48 | 000,885,179 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 010.jpg [2010-03-27 15:32:48 | 000,151,785 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 011.jpg [2010-03-22 18:26:26 | 000,012,433 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\jj.docx [2010-03-17 22:11:24 | 000,000,034 | ---- | M] () -- C:\WINDOWS\System32\oeminfo.ini [2010-03-15 18:42:40 | 000,074,544 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT [2010-03-15 18:41:26 | 002,161,568 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-03-15 17:16:27 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-03-15 16:33:23 | 000,000,225 | RHS- | M] () -- C:\boot.ini [2010-03-15 16:31:23 | 000,001,771 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TuneUp Konserwacja 1 kliknięciem.lnk [2010-03-15 16:31:23 | 000,001,765 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TuneUp Utilities.lnk [2010-03-14 17:09:34 | 000,158,064 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 001.jpg [2010-03-13 19:53:35 | 003,686,454 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\69 Urban Terror.bmp [2010-03-12 21:07:15 | 000,001,779 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Play The Lord of the Rings Online? - FREE for 10 Days!.lnk [2010-03-11 14:35:47 | 001,168,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll [2010-03-11 14:35:47 | 000,832,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll [2010-03-11 14:35:47 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll [2010-03-11 14:35:46 | 000,671,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll [2010-03-11 14:35:46 | 000,671,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll [2010-03-11 14:35:46 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll [2010-03-11 14:35:46 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll [2010-03-11 14:35:46 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll [2010-03-11 14:35:46 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll [2010-03-11 14:35:46 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll [2010-03-11 14:35:46 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pngfilt.dll [2010-03-11 14:35:46 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll [2010-03-11 14:35:45 | 003,599,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2010-03-11 14:35:45 | 000,477,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll [2010-03-11 14:35:44 | 000,459,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll [2010-03-11 14:35:44 | 000,459,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2010-03-11 14:35:44 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll [2010-03-11 14:35:44 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2010-03-11 14:35:44 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll [2010-03-11 14:35:44 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll [2010-03-11 14:35:43 | 006,067,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2010-03-11 14:35:43 | 001,830,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl [2010-03-11 14:35:43 | 001,830,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl [2010-03-11 14:35:43 | 000,268,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2010-03-11 14:35:43 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll [2010-03-11 14:35:43 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll [2010-03-11 14:35:43 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iernonce.dll [2010-03-11 14:35:43 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll [2010-03-11 14:35:41 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll [2010-03-11 14:35:41 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll [2010-03-11 14:35:41 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dll [2010-03-11 14:35:41 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll [2010-03-11 14:35:41 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieaksie.dll [2010-03-11 14:35:41 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll [2010-03-11 14:35:41 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakeng.dll [2010-03-11 14:35:41 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll [2010-03-11 14:35:41 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll [2010-03-11 14:35:41 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll [2010-03-11 14:35:40 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtmsft.dll [2010-03-11 14:35:40 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll [2010-03-11 14:35:40 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtrans.dll [2010-03-11 14:35:40 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll [2010-03-11 14:35:40 | 000,133,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extmgr.dll [2010-03-11 14:35:40 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll [2010-03-11 14:35:40 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll [2010-03-11 14:35:40 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll [2010-03-11 14:35:40 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll [2010-03-10 15:21:37 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec [2010-03-10 15:21:22 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe [2010-03-10 15:21:22 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe [2010-03-10 15:21:22 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieudinit.exe [2010-03-10 15:21:22 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe [2010-03-08 20:45:25 | 000,063,901 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\bez tytułu.JPG [2010-03-08 20:17:24 | 000,091,142 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\IMG_0033.jpg [2010-03-08 20:06:20 | 000,084,737 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\IMG_0026.jpg [2010-03-08 17:42:06 | 000,147,315 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\IMG_0022.jpg [2010-03-08 17:27:53 | 000,125,998 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\IMG_0007.jpg [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010-04-07 11:31:13 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-04-07 11:15:30 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dane aplikacji\jasltw.dat [2010-04-06 21:49:32 | 000,000,453 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Metin2 PL.lnk [2010-04-06 20:12:05 | 000,000,440 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Metin2.us.lnk [2010-04-04 13:53:22 | 376,607,022 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 015.avi [2010-04-04 13:52:43 | 006,575,144 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 014.avi [2010-04-04 13:50:04 | 000,548,162 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 013.jpg [2010-04-04 13:49:43 | 000,385,243 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 012.jpg [2010-04-04 10:26:41 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Runes of Magic.lnk [2010-04-03 11:50:23 | 000,373,043 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\skanuj0001.jpg [2010-04-02 12:08:22 | 000,000,479 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\EVEREST Home Edition.lnk [2010-04-02 11:34:54 | 003,686,454 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\cda.bmp [2010-03-31 20:42:23 | 004,079,164 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\syf.pptx [2010-03-31 20:42:23 | 003,931,535 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\syf.rar [2010-03-26 16:46:53 | 000,151,785 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 011.jpg [2010-03-26 16:45:50 | 000,885,179 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 010.jpg [2010-03-16 16:54:34 | 000,193,664 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-03-15 17:16:58 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2010-03-15 17:16:57 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2010-03-15 17:16:54 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img [2010-03-15 16:31:23 | 000,001,771 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TuneUp Konserwacja 1 kliknięciem.lnk [2010-03-15 16:31:23 | 000,001,765 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TuneUp Utilities.lnk [2010-03-13 19:53:35 | 003,686,454 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\69 Urban Terror.bmp [2010-03-12 21:07:15 | 000,001,779 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Play The Lord of the Rings Online? - FREE for 10 Days!.lnk [2010-03-12 21:04:41 | 000,031,240 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb [2010-03-08 20:45:21 | 000,063,901 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\bez tytułu.JPG [2010-03-08 20:17:24 | 000,091,142 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\IMG_0033.jpg [2010-03-08 20:06:20 | 000,084,737 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\IMG_0026.jpg [2010-03-08 17:42:04 | 000,147,315 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\IMG_0022.jpg [2010-03-08 17:40:06 | 000,158,064 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 001.jpg [2010-03-08 17:27:53 | 000,125,998 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\IMG_0007.jpg [2010-01-27 19:44:49 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-01-27 19:44:49 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-01-27 19:44:48 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-01-27 19:44:47 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-01-27 19:44:46 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2010-01-27 19:44:45 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-01-17 11:47:00 | 000,006,800 | ---- | C] () -- C:\WINDOWS\HWorks32.INI [2009-09-30 12:19:43 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2009-09-10 15:38:03 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Easy Video to MP4 Converter.INI [2009-07-02 22:21:23 | 000,000,276 | ---- | C] () -- C:\WINDOWS\game.ini [2009-06-20 16:50:46 | 000,278,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009-06-20 16:50:45 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009-06-12 00:28:32 | 000,041,808 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2009-06-11 15:08:21 | 000,000,799 | ---- | C] () -- C:\WINDOWS\disney.ini [2009-06-08 12:09:59 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2009-04-22 00:19:06 | 000,172,173 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2008-12-19 14:06:38 | 000,000,071 | ---- | C] () -- C:\Documents and Settings\Właściciel\default.pls [2008-12-18 21:20:28 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2008-09-10 19:55:25 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2008-07-12 22:22:46 | 000,008,874 | ---- | C] () -- C:\Documents and Settings\Właściciel\.recently-used.xbel [2008-07-03 16:41:19 | 000,000,361 | ---- | C] () -- C:\Documents and Settings\Właściciel\bnupdate.log [2008-06-07 14:38:06 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2008-06-07 14:36:53 | 000,594,450 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll [2008-05-03 15:00:59 | 000,001,075 | ---- | C] () -- C:\WINDOWS\Historia.ini [2008-05-03 14:54:51 | 000,000,272 | ---- | C] () -- C:\WINDOWS\System32\Kolor2.ini [2008-05-03 14:54:51 | 000,000,272 | ---- | C] () -- C:\WINDOWS\System32\Kolor.ini [2008-05-03 14:54:51 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Prog2.ini [2008-05-03 14:54:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Kolor3.ini [2008-05-03 14:54:41 | 000,000,081 | ---- | C] () -- C:\WINDOWS\Ustawienia.ini [2008-05-03 14:53:16 | 000,000,013 | ---- | C] () -- C:\WINDOWS\Prog1.ini [2008-05-03 14:53:00 | 000,000,187 | ---- | C] () -- C:\WINDOWS\good.ini [2008-04-29 15:34:46 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2008-04-29 15:34:46 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\PnkBstrK.sys [2008-04-05 13:06:26 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008-02-22 16:40:46 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\WLANUTL.dll [2008-02-19 00:07:11 | 000,018,506 | ---- | C] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\Hewlett-PackardHP Officejet 5600 series1195571926_PROTOCOL.log [2008-02-19 00:07:11 | 000,003,861 | ---- | C] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\Hewlett-PackardHP Officejet 5600 series1195571926_UI.log [2008-02-19 00:07:11 | 000,000,888 | ---- | C] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\Hewlett-PackardHP Officejet 5600 series1195571926_API.log [2008-02-19 00:07:11 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini [2008-01-28 16:44:29 | 000,000,356 | ---- | C] () -- C:\WINDOWS\antexp.ini [2007-12-15 19:04:14 | 000,159,744 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007-11-23 18:21:03 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2007-11-20 17:01:18 | 000,001,344 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2007-10-28 17:36:38 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys [2007-10-28 17:05:38 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Właściciel\ntuser.dat.LOG [2007-10-28 17:05:38 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Właściciel\ntuser.ini [2007-10-28 17:05:36 | 012,582,912 | -H-- | C] () -- C:\Documents and Settings\Właściciel\NTUSER.DAT [2006-03-02 14:00:00 | 000,095,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys [2001-07-06 16:30:02 | 000,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI [1997-04-01 00:00:00 | 001,664,272 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL [1997-04-01 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL [1997-04-01 00:00:00 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL [1997-04-01 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL ========== Alternate Data Streams ========== @Alternate Data Stream - 489 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:9E00596C < End of report > Link do komentarza Udostępnij na innych stronach More sharing options...
Sevard Napisano Kwiecień 6, 2010 Zgłoś Share Napisano Kwiecień 6, 2010 Zasilacz do odstrzału. Daj screena z zakłdaką Health z programu HD Tune. Uruchom OTL i w pole Custom scans/fixes wklej :Files C:\Documents and Settings\NetworkService\Dane aplikacji\jasltw.dat :Commands [emptytemp] i kliknij RunFix, wklej na forum powstały log. Wygeneruj też nowy log z OTL, tym razem pozaznaczaj opcje: Scan All Users, LOP Check, Purity Check. Zaznacz też opcję Use Safelist w Extra registry. Wklej oba wygenerowane logi. Daj też log z GMERa, tylko najpierw usuń wszystkie programy emulujące napędy oraz usuń sterownik SPTD za pomocą tego programu. Link do komentarza Udostępnij na innych stronach More sharing options...
Baroso Napisano Kwiecień 7, 2010 Autor Zgłoś Share Napisano Kwiecień 7, 2010 Ok mam wszystko. Czy to coś groźnego, dlaczego komputer strasznie zwolnił przy starcie i dlaczego się resetuje,(być może to przez avasta), dalej nie wiem jak pozbyć się tych niby niewidocznych plików. Pomocy. Dobrze by było gdybyś podał link do jakiegoś pewnego antywirusa. LOG-i: -GMER GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-04-08 15:38:23 Windows 5.1.2600 Dodatek Service Pack 3 Running: mgusmu46.exe; Driver: C:\DOCUME~1\WACICI~1\USTAWI~1\Temp\fxxdqpow.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xAC3BB6B8] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xAC3BB574] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xAC3BBA52] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xAC3BB14C] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xAC3BB64E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xAC3BB08C] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xAC3BB0F0] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xAC3BB76E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xAC3BB72E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xAC3BB8AE] ---- Kernel code sections - GMER 1.0.15 ---- .text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xF6E5F000, 0x22F0B7, 0xE8000020] .text C:\WINDOWS\system32\DRIVERS\atksgt.sys section is writeable [0xA93A4300, 0x3ACC8, 0xE8000020] .text C:\WINDOWS\system32\DRIVERS\lirsgt.sys section is writeable [0xF797A300, 0x1B7E, 0xE8000020] ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\WINDOWS\system32\services.exe[1144] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003D0002 IAT C:\WINDOWS\system32\services.exe[1144] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003D0000 ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x25 0x13 0x7B 0x80 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 D:\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xDB 0x44 0x61 0x34 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x02 0x16 0x81 0xFA ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x25 0x13 0x7B 0x80 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 D:\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xDB 0x44 0x61 0x34 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x02 0x16 0x81 0xFA ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x25 0x13 0x7B 0x80 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 D:\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xDB 0x44 0x61 0x34 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x02 0x16 0x81 0xFA ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9A7E1ACE-B59A-EB34-CD5B-C14166FF6BA4} ---- EOF - GMER 1.0.15 ---- OTL: OTL logfile created on: 2010-04-08 15:45:45 - Run 2 OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\Właściciel\Moje dokumenty\Downloads Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 021,00 Mb Total Physical Memory | 423,00 Mb Available Physical Memory | 41,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 19,53 Gb Total Space | 3,15 Gb Free Space | 16,15% Space Free | Partition Type: NTFS Drive D: | 106,45 Gb Total Space | 19,77 Gb Free Space | 18,57% Space Free | Partition Type: NTFS Drive E: | 106,89 Gb Total Space | 20,31 Gb Free Space | 19,00% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: Y-3D3EB80801794 Current User Name: Właściciel Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010-04-07 13:51:45 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Moje dokumenty\Downloads\OTL.exe PRC - [2010-02-26 15:49:40 | 000,716,616 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe PRC - [2010-02-26 15:47:32 | 001,047,880 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe PRC - [2010-02-05 20:36:00 | 000,527,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe PRC - [2009-11-25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2009-11-25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009-11-25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2009-11-25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2009-11-25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2009-03-05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- D:\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008-04-14 23:51:40 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\savedump.exe PRC - [2008-04-14 23:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-02-10 15:29:54 | 029,178,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe PRC - [2007-02-10 06:29:56 | 000,089,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2006-05-26 16:58:00 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\sttray.exe PRC - [2004-09-29 13:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe ========== Modules (SafeList) ========== MOD - [2010-04-07 13:51:45 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Właściciel\Moje dokumenty\Downloads\OTL.exe ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService) SRV - File not found [On_Demand | Stopped] -- -- (gusvc) SRV - [2010-03-15 16:31:24 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010-02-26 15:47:32 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2010-02-26 15:43:48 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2009-11-25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2009-11-25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2009-11-25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2009-11-25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2007-02-10 15:29:54 | 029,178,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS) SRV - [2007-02-10 15:29:47 | 000,242,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser) SRV - [2007-02-10 06:29:56 | 000,089,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) SRV - [2006-05-26 16:58:54 | 000,086,016 | ---- | M] (SigmaTel, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV) SRV - [2005-10-14 12:50:19 | 000,045,272 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper) SRV - [2004-09-29 13:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) ========== Driver Services (SafeList) ========== DRV - [2010-02-24 14:41:50 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2010-02-03 06:52:08 | 004,605,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-11-25 01:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2) DRV - [2009-11-25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP) DRV - [2009-11-25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009-11-25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009-11-25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009-11-25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2009-06-20 16:50:46 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2009-06-20 16:50:45 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009-06-02 15:26:28 | 000,099,856 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009-03-15 12:25:46 | 000,056,268 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu) DRV - [2008-04-13 23:06:06 | 000,144,384 | ---- | M] (Windows ? Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2006-06-14 07:56:00 | 000,012,288 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO) DRV - [2006-05-26 16:59:12 | 001,177,032 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-220523388-606747145-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-220523388-606747145-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKU\S-1-5-21-220523388-606747145-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8 IE - HKU\S-1-5-21-220523388-606747145-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ IE - HKU\S-1-5-21-220523388-606747145-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-220523388-606747145-725345543-1003\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-220523388-606747145-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [2010-03-23 19:46:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009-09-15 16:27:12 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll [2007-03-10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll O1 HOSTS File: ([2008-08-12 18:20:54 | 000,258,364 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.1001-search.info O1 - Hosts: 127.0.0.1 1001-search.info O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.123topsearch.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 www.136136.net O1 - Hosts: 127.0.0.1 136136.net O1 - Hosts: 8977 more lines... O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (UrlHelper Class) - {6D023EBF-70B8-45A6-9ED5-556515FA0FE4} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll () O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll () O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll (BearShare) O3 - HKU\S-1-5-21-220523388-606747145-725345543-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-220523388-606747145-725345543-1003\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll (BearShare) O4 - HKLM..\Run: [avast!] D:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [sigmatelSysTrayApp] C:\WINDOWS\sttray.exe (SigmaTel, Inc.) O4 - HKU\S-1-5-21-220523388-606747145-725345543-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - HKU\S-1-5-21-220523388-606747145-725345543-1003..\Run: [spybotSD TeaTimer] D:\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-220523388-606747145-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O7 - HKU\S-1-5-21-220523388-606747145-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\S-1-5-21-220523388-606747145-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0 O7 - HKU\S-1-5-21-220523388-606747145-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0 O7 - HKU\S-1-5-21-220523388-606747145-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1 O7 - HKU\S-1-5-21-220523388-606747145-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 1 O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2...78f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/up...er_4.0.17.0.cab (Battlefield Heroes Updater) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 () - http://www.wyszkowiak.eu/images/stories/im...20/igrzyska.JPG O24 - Desktop Components:1 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{ae07955c-e184-11dc-ae7f-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{ae07955c-e184-11dc-ae7f-806d6172696f}\Shell\Auto\command - "" = C:\WINDOWS\System32\wupdmgr.exe -- [2006-03-02 14:00:00 | 000,032,256 | ---- | M] (Microsoft Corporation) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-04-08 14:13:35 | 000,000,000 | ---D | C] -- C:\_OTL [2010-04-08 14:09:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\HD Tune Pro [2010-04-07 11:31:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Malwarebytes [2010-04-07 11:31:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-04-07 11:31:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2010-04-07 11:31:07 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-04-07 11:31:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010-04-07 11:17:37 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\drivers\lbrtfdc.sys [2010-04-07 11:17:37 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys [2010-04-07 11:17:18 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys [2010-04-07 11:16:59 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\changer.sys [2010-04-07 11:16:59 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys [2010-04-06 10:41:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe [2010-04-04 10:27:34 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Właściciel\Moje dokumenty\Runes of Magic [2010-04-02 16:13:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Dane aplikacji\FOG Downloader [2010-04-01 12:39:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-04-01 12:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10 [2010-03-21 22:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Moje dokumenty\Nowy folder [2010-03-15 18:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2010-03-15 17:21:51 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll [2010-03-15 17:21:51 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll [2010-03-15 17:21:48 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll [2010-03-15 17:21:48 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll [2010-03-15 17:21:48 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll [2010-03-15 17:21:48 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll [2010-03-15 17:21:48 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll [2010-03-15 17:21:48 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax [2010-03-15 17:21:48 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax [2010-03-15 17:21:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll [2010-03-15 17:21:47 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll [2010-03-15 17:21:47 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll [2010-03-15 17:21:47 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll [2010-03-15 17:21:47 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll [2010-03-15 17:21:47 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll [2010-03-15 17:21:47 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll [2010-03-15 17:21:47 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll [2010-03-15 17:21:47 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll [2010-03-15 17:21:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll [2010-03-15 17:21:47 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll [2010-03-15 17:21:47 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll [2010-03-15 17:21:47 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll [2010-03-15 17:21:47 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll [2010-03-15 17:21:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll [2010-03-15 17:21:47 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll [2010-03-15 17:21:46 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll [2010-03-15 17:21:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll [2010-03-15 17:21:45 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll [2010-03-15 17:21:45 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll [2010-03-15 17:21:45 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll [2010-03-15 17:21:45 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll [2010-03-15 17:21:45 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll [2010-03-15 17:21:45 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe [2010-03-15 17:21:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll [2010-03-15 17:21:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll [2010-03-15 17:21:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll [2010-03-15 17:21:44 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll [2010-03-15 17:21:44 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll [2010-03-15 17:21:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe [2010-03-15 17:21:44 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll [2010-03-15 17:21:44 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll [2010-03-15 17:21:44 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll [2010-03-15 17:21:44 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll [2010-03-15 17:21:43 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll [2010-03-15 17:21:43 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll [2010-03-15 17:21:43 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll [2010-03-15 17:21:43 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll [2010-03-15 17:21:43 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll [2010-03-15 17:21:43 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll [2010-03-15 17:21:43 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll [2010-03-15 17:21:43 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe [2010-03-15 17:21:43 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll [2010-03-15 17:21:43 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll [2010-03-15 17:21:43 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe [2010-03-15 17:21:43 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe [2010-03-15 17:21:42 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll [2010-03-15 17:21:42 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax [2010-03-15 17:21:41 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll [2010-03-15 17:21:40 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe [2010-03-15 17:21:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl [2010-03-15 17:21:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2010-03-15 17:21:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits [2010-03-15 17:17:01 | 000,004,255 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll [2010-03-15 17:17:01 | 000,003,967 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll [2010-03-15 17:17:01 | 000,003,647 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll [2010-03-15 17:17:01 | 000,003,615 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll [2010-03-15 17:17:00 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys [2010-03-15 17:17:00 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys [2010-03-15 17:17:00 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys [2010-03-15 17:17:00 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys [2010-03-15 17:17:00 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys [2010-03-15 17:17:00 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys [2010-03-15 17:17:00 | 000,003,775 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll [2010-03-15 17:17:00 | 000,003,711 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll [2010-03-15 17:17:00 | 000,003,135 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll [2010-03-15 17:16:59 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys [2010-03-15 17:16:59 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys [2010-03-15 17:16:59 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys [2010-03-15 17:16:59 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys [2010-03-15 17:16:59 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys [2010-03-15 17:16:59 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys [2010-03-15 17:16:59 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys [2010-03-15 17:16:59 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys [2010-03-15 17:16:59 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys [2010-03-15 17:16:59 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys [2010-03-15 17:16:59 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys [2010-03-15 17:16:59 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys [2010-03-15 17:16:59 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys [2010-03-15 17:16:58 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys [2010-03-15 17:16:58 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys [2010-03-15 17:16:58 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys [2010-03-15 17:16:58 | 000,025,471 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll [2010-03-15 17:16:58 | 000,021,183 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll [2010-03-15 17:16:58 | 000,017,279 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll [2010-03-15 17:16:58 | 000,014,143 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll [2010-03-15 17:16:58 | 000,011,359 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll [2010-03-15 17:16:57 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys [2010-03-15 17:16:57 | 000,015,423 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll [2010-03-15 17:16:54 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2010-03-15 17:16:54 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys [2010-03-15 17:16:54 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [2010-03-15 17:16:54 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [2010-03-15 17:16:54 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys [2010-03-15 17:16:53 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys [2010-03-15 17:16:53 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys [2010-03-15 17:16:53 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys [2010-03-15 17:16:53 | 000,003,901 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll [2010-03-15 17:16:52 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys [2010-03-15 17:16:52 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys [2010-03-15 17:16:52 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys [2010-03-15 17:16:52 | 000,040,960 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisagp.sys [2010-03-15 17:16:52 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys [2010-03-15 17:16:52 | 000,011,325 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll [2010-03-15 17:16:52 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys [2010-03-15 17:16:51 | 000,025,471 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys [2010-03-15 17:16:51 | 000,022,271 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys [2010-03-15 17:16:51 | 000,011,935 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys [2010-03-15 17:16:51 | 000,011,871 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys [2010-03-15 17:16:51 | 000,011,807 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys [2010-03-15 17:16:51 | 000,011,295 | ---- | C] (Intel? Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys [2010-03-15 17:08:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2010-03-15 17:08:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome [2010-03-15 16:31:26 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe [2010-03-15 16:31:00 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010 [2010-03-15 16:30:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2010-03-12 21:04:40 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiapfxx.exe [2010-03-12 21:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2010-03-12 21:02:53 | 000,000,000 | ---D | C] -- C:\ATI [2010-03-12 20:43:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\Rockstar Games [2010-03-12 18:42:02 | 000,019,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2009-07-04 22:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Xfire [2009-03-13 14:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple [2008-01-25 19:12:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2007-12-06 12:36:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2007-10-28 16:59:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft ========== Files - Modified Within 30 Days ========== [2010-04-08 15:40:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-04-08 14:31:25 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-04-08 14:30:35 | 012,582,912 | -H-- | M] () -- C:\Documents and Settings\Właściciel\NTUSER.DAT [2010-04-08 14:30:35 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Właściciel\ntuser.ini [2010-04-08 14:13:37 | 001,254,880 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-04-08 14:13:37 | 000,549,910 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-04-08 14:13:37 | 000,490,432 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-04-08 14:13:37 | 000,107,934 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-04-08 14:13:37 | 000,089,624 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-04-08 14:10:51 | 000,178,740 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\scr hd tune health.JPG [2010-04-07 22:16:50 | 002,111,096 | -H-- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-04-07 14:57:09 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-04-07 11:31:13 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-04-06 21:49:36 | 000,000,453 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Metin2 PL.lnk [2010-04-06 20:12:05 | 000,000,440 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Metin2.us.lnk [2010-04-05 14:17:16 | 000,159,744 | ---- | M] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-04-05 14:16:05 | 376,607,022 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 015.avi [2010-04-05 14:15:11 | 006,575,144 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 014.avi [2010-04-05 14:15:10 | 000,548,162 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 013.jpg [2010-04-05 14:15:10 | 000,385,243 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 012.jpg [2010-04-04 10:26:41 | 000,000,678 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\Runes of Magic.lnk [2010-04-03 11:50:18 | 000,373,043 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\skanuj0001.jpg [2010-04-02 12:08:22 | 000,000,479 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\EVEREST Home Edition.lnk [2010-04-02 11:34:54 | 003,686,454 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\cda.bmp [2010-03-29 15:24:58 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-03-29 15:24:46 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-03-27 15:32:48 | 000,885,179 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 010.jpg [2010-03-27 15:32:48 | 000,151,785 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 011.jpg [2010-03-22 18:26:26 | 000,012,433 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\jj.docx [2010-03-17 22:11:24 | 000,000,034 | ---- | M] () -- C:\WINDOWS\System32\oeminfo.ini [2010-03-15 18:42:40 | 000,074,544 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT [2010-03-15 18:41:26 | 002,161,568 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-03-15 17:16:27 | 000,251,152 | RHS- | M] () -- C:\ntldr [2010-03-15 16:33:23 | 000,000,225 | RHS- | M] () -- C:\boot.ini [2010-03-15 16:31:23 | 000,001,771 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TuneUp Konserwacja 1 kliknięciem.lnk [2010-03-15 16:31:23 | 000,001,765 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TuneUp Utilities.lnk [2010-03-14 17:09:34 | 000,158,064 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 001.jpg [2010-03-13 19:53:35 | 003,686,454 | ---- | M] () -- C:\Documents and Settings\Właściciel\Pulpit\69 Urban Terror.bmp [2010-03-12 21:07:15 | 000,001,779 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Play The Lord of the Rings Online? - FREE for 10 Days!.lnk [2010-03-11 14:35:47 | 001,168,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll [2010-03-11 14:35:47 | 000,832,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll [2010-03-11 14:35:47 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll [2010-03-11 14:35:46 | 000,671,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll [2010-03-11 14:35:46 | 000,671,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll [2010-03-11 14:35:46 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll [2010-03-11 14:35:46 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll [2010-03-11 14:35:46 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll [2010-03-11 14:35:46 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll [2010-03-11 14:35:46 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll [2010-03-11 14:35:46 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pngfilt.dll [2010-03-11 14:35:46 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll [2010-03-11 14:35:45 | 003,599,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2010-03-11 14:35:45 | 000,477,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll [2010-03-11 14:35:44 | 000,459,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll [2010-03-11 14:35:44 | 000,459,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2010-03-11 14:35:44 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll [2010-03-11 14:35:44 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2010-03-11 14:35:44 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll [2010-03-11 14:35:44 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll [2010-03-11 14:35:43 | 006,067,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2010-03-11 14:35:43 | 001,830,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl [2010-03-11 14:35:43 | 001,830,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl [2010-03-11 14:35:43 | 000,268,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2010-03-11 14:35:43 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll [2010-03-11 14:35:43 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll [2010-03-11 14:35:43 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iernonce.dll [2010-03-11 14:35:43 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll [2010-03-11 14:35:41 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll [2010-03-11 14:35:41 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll [2010-03-11 14:35:41 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dll [2010-03-11 14:35:41 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll [2010-03-11 14:35:41 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieaksie.dll [2010-03-11 14:35:41 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll [2010-03-11 14:35:41 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakeng.dll [2010-03-11 14:35:41 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll [2010-03-11 14:35:41 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll [2010-03-11 14:35:41 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll [2010-03-11 14:35:40 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtmsft.dll [2010-03-11 14:35:40 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll [2010-03-11 14:35:40 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtrans.dll [2010-03-11 14:35:40 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll [2010-03-11 14:35:40 | 000,133,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extmgr.dll [2010-03-11 14:35:40 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll [2010-03-11 14:35:40 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll [2010-03-11 14:35:40 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll [2010-03-11 14:35:40 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll [2010-03-10 15:21:37 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec [2010-03-10 15:21:22 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe [2010-03-10 15:21:22 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe [2010-03-10 15:21:22 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieudinit.exe [2010-03-10 15:21:22 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe ========== Files Created - No Company Name ========== [2010-04-08 14:10:51 | 000,178,740 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\scr hd tune health.JPG [2010-04-07 11:31:13 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-04-06 21:49:32 | 000,000,453 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Metin2 PL.lnk [2010-04-06 20:12:05 | 000,000,440 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Metin2.us.lnk [2010-04-04 13:53:22 | 376,607,022 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 015.avi [2010-04-04 13:52:43 | 006,575,144 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 014.avi [2010-04-04 13:50:04 | 000,548,162 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 013.jpg [2010-04-04 13:49:43 | 000,385,243 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 012.jpg [2010-04-04 10:26:41 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\Runes of Magic.lnk [2010-04-03 11:50:23 | 000,373,043 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\skanuj0001.jpg [2010-04-02 12:08:22 | 000,000,479 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\EVEREST Home Edition.lnk [2010-04-02 11:34:54 | 003,686,454 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\cda.bmp [2010-03-31 20:42:23 | 004,079,164 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\syf.pptx [2010-03-31 20:42:23 | 003,931,535 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\syf.rar [2010-03-26 16:46:53 | 000,151,785 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 011.jpg [2010-03-26 16:45:50 | 000,885,179 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\ddddd 010.jpg [2010-03-16 16:54:34 | 000,193,664 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-03-15 17:16:58 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2010-03-15 17:16:57 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2010-03-15 17:16:54 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img [2010-03-15 16:31:23 | 000,001,771 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TuneUp Konserwacja 1 kliknięciem.lnk [2010-03-15 16:31:23 | 000,001,765 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TuneUp Utilities.lnk [2010-03-13 19:53:35 | 003,686,454 | ---- | C] () -- C:\Documents and Settings\Właściciel\Pulpit\69 Urban Terror.bmp [2010-03-12 21:07:15 | 000,001,779 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Play The Lord of the Rings Online? - FREE for 10 Days!.lnk [2010-03-12 21:04:41 | 000,031,240 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb [2010-01-27 19:44:49 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-01-27 19:44:49 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-01-27 19:44:48 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-01-27 19:44:47 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-01-27 19:44:46 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2010-01-27 19:44:45 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-01-17 11:47:00 | 000,006,800 | ---- | C] () -- C:\WINDOWS\HWorks32.INI [2009-09-30 12:19:43 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2009-09-10 15:38:03 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Easy Video to MP4 Converter.INI [2009-07-02 22:21:23 | 000,000,276 | ---- | C] () -- C:\WINDOWS\game.ini [2009-06-20 16:50:46 | 000,278,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009-06-20 16:50:45 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009-06-12 00:28:32 | 000,041,808 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2009-06-11 15:08:21 | 000,000,799 | ---- | C] () -- C:\WINDOWS\disney.ini [2009-06-08 12:09:59 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2009-04-22 00:19:06 | 000,172,173 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2008-12-19 14:06:38 | 000,000,071 | ---- | C] () -- C:\Documents and Settings\Właściciel\default.pls [2008-12-18 21:20:28 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2008-09-10 19:55:25 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2008-07-12 22:22:46 | 000,008,874 | ---- | C] () -- C:\Documents and Settings\Właściciel\.recently-used.xbel [2008-07-03 16:41:19 | 000,000,361 | ---- | C] () -- C:\Documents and Settings\Właściciel\bnupdate.log [2008-06-07 14:38:06 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2008-06-07 14:36:53 | 000,594,450 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll [2008-05-03 15:00:59 | 000,001,075 | ---- | C] () -- C:\WINDOWS\Historia.ini [2008-05-03 14:54:51 | 000,000,272 | ---- | C] () -- C:\WINDOWS\System32\Kolor2.ini [2008-05-03 14:54:51 | 000,000,272 | ---- | C] () -- C:\WINDOWS\System32\Kolor.ini [2008-05-03 14:54:51 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Prog2.ini [2008-05-03 14:54:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Kolor3.ini [2008-05-03 14:54:41 | 000,000,081 | ---- | C] () -- C:\WINDOWS\Ustawienia.ini [2008-05-03 14:53:16 | 000,000,013 | ---- | C] () -- C:\WINDOWS\Prog1.ini [2008-05-03 14:53:00 | 000,000,187 | ---- | C] () -- C:\WINDOWS\good.ini [2008-04-29 15:34:46 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2008-04-29 15:34:46 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\PnkBstrK.sys [2008-02-22 16:40:46 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\WLANUTL.dll [2008-02-19 00:07:11 | 000,018,506 | ---- | C] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\Hewlett-PackardHP Officejet 5600 series1195571926_PROTOCOL.log [2008-02-19 00:07:11 | 000,003,861 | ---- | C] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\Hewlett-PackardHP Officejet 5600 series1195571926_UI.log [2008-02-19 00:07:11 | 000,000,888 | ---- | C] () -- C:\Documents and Settings\Właściciel\Dane aplikacji\Hewlett-PackardHP Officejet 5600 series1195571926_API.log [2008-02-19 00:07:11 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini [2008-01-28 16:44:29 | 000,000,356 | ---- | C] () -- C:\WINDOWS\antexp.ini [2007-12-15 19:04:14 | 000,159,744 | ---- | C] () -- C:\Documents and Settings\Właściciel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007-11-23 18:21:03 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2007-11-20 17:01:18 | 000,001,344 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2007-10-28 17:36:38 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys [2007-10-28 17:05:38 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Właściciel\ntuser.dat.LOG [2007-10-28 17:05:38 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Właściciel\ntuser.ini [2007-10-28 17:05:36 | 012,582,912 | -H-- | C] () -- C:\Documents and Settings\Właściciel\NTUSER.DAT [2001-07-06 16:30:02 | 000,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI [1997-04-01 00:00:00 | 001,664,272 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL [1997-04-01 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL [1997-04-01 00:00:00 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL [1997-04-01 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL ========== LOP Check ========== [2008-12-05 16:42:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2DBoy [2008-07-15 16:57:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Azureus [2010-04-01 12:39:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2009-12-19 13:50:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2009-11-14 19:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\KONAMI [2009-12-29 16:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2009-09-15 16:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2009-06-10 21:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PopCap Games [2009-03-09 23:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony [2010-02-27 18:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-09-03 19:43:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited [2010-03-15 16:30:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2010-03-15 16:30:45 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2010-04-04 10:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Azureus [2010-03-29 00:17:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\BearShare [2008-05-03 15:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\BESTplayer [2009-06-12 19:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\BlackBean [2008-07-11 12:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Blender Foundation [2009-08-04 20:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\com.adobe.ExMan [2008-04-05 13:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\DAEMON Tools [2009-06-12 17:50:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Disney Interactive Studios [2008-01-28 13:21:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\EbkReader [2010-04-03 13:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\FOG Downloader [2007-11-23 17:23:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Gadu-Gadu [2009-12-29 14:11:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Gadu-Gadu 10 [2008-07-12 22:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\gtk-2.0 [2010-04-08 14:09:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\HD Tune Pro [2009-09-28 13:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Image Zone Express [2009-12-23 21:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\ipla [2009-01-01 15:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Leadertech [2009-07-24 20:32:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\LucasArts [2010-02-05 19:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\mojosoft [2009-12-29 16:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\OpenFM [2009-11-29 12:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\runic games [2009-03-09 23:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Sony [2009-03-09 23:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Sony Setup [2010-01-02 17:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\Teleca [2008-05-02 23:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Właściciel\Dane aplikacji\TuneUp Software [2009-06-01 14:00:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 489 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:9E00596C < End of report > DRUGI OTL - tego robilem 2x bo sie komp zresetował. Być może poprzedni był inny. All processes killed Error: Unable to interpret <Files> in the current context! Error: Unable to interpret <C:\Documents and Settings\NetworkService\Dane aplikacji\jasltw.dat> in the current context! ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 81920 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Nowy folder User: Właściciel ->Temp folder emptied: 20123 bytes ->Temporary Internet Files folder emptied: 50138 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 6858103 bytes ->Flash cache emptied: 405 bytes User: W?aťciciel %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 163840 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 7,00 mb OTL by OldTimer - Version 3.2.1.0 log created on 04082010_155325 Files\Folders moved on Reboot... C:\Documents and Settings\NetworkService\Ustawienia lokalne\Temp\Perflib_Perfdata_364.dat moved successfully. File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot. C:\WINDOWS\temp\Perflib_Perfdata_154.dat moved successfully. Registry entries deleted on Reboot... Link do komentarza Udostępnij na innych stronach More sharing options...
Sevard Napisano Kwiecień 7, 2010 Zgłoś Share Napisano Kwiecień 7, 2010 Log z OTL wygląda czysto, skoro GMER nie działa (najprawdopodobniej dlatego, że nie zastosowałeś się do tego, co podkreśliłem w ostatnim poście, czyli nie usunąłeś programów emulujących napędy no ale cóż), to spróbujmy użyć bardziej brutalnych narzędzi. W pierwszej kolejności ściągnij i nagraj na płytę Dr.Web LiveCD, zbootuj ją i przeskanuj za pomocą tej płyty komputer. Płyta nie odczytuje ustawień Windowsa, więc wirus nie jest w stanie jej zablokować, czy się ukryć. Zaktualizuj IE do wersji 8, nawet jeśli tego nie używasz. Link do komentarza Udostępnij na innych stronach More sharing options...
Baroso Napisano Kwiecień 8, 2010 Autor Zgłoś Share Napisano Kwiecień 8, 2010 Tak się złożyło, że zapomniałem wyjąć płyty z napędu (miałem nagrany tam już folder z tym doktorem), włączyłem komputer i automatycznie ten program odpalił z płyty. Kiedy skończyły się jakieś procesy, włączyłem skanowanie wszystkich dysków z tego programu. O dziwo, wykrył mi trojana w spajbocie!(spy bot, search and destroy). Usunąłem go, za pomocą tego programu - nie wiem czy zrobiłem to prawidłowo dlatego skanuję teraz jeszcze raz. Trojan był na "C". GMER nie działa? Chyba działa - coś ze skanu przesłałem w poprzednim poście. Jak bym mógł jeszcze prosić o jakiegoś antywirka(link). Link do komentarza Udostępnij na innych stronach More sharing options...
Sevard Napisano Kwiecień 8, 2010 Zgłoś Share Napisano Kwiecień 8, 2010 Inaczej, GMER działa, ale nie tak jak należy. Jest dużo wpisów sptd, co świadczy o tym, że te sterowniki nie zostały usunięte, a potrafią one mocno zaciemnić obraz. Napisz, czy po tym skanowaniu wszystko działa jak należy. Jeśli chodzi o antywirusa, to polecam pakiet Comodo Internet Security, lub Avirę + jakiś firewall (np. Comodo). Link do komentarza Udostępnij na innych stronach More sharing options...
Baroso Napisano Kwiecień 8, 2010 Autor Zgłoś Share Napisano Kwiecień 8, 2010 Wszystko działa jak należy, prócz tego, że system się jak by wiesza przy starcie na ok 3 min. Myślę, że jest to spowodowane Avastem, więc jeśli przy innym anty ten problem też wystąpi, dam znać. Zaciemniony obraz przez nieusunięte sterowniki? Być może - jak je usunąć? Link do komentarza Udostępnij na innych stronach More sharing options...
Gość luq92 Napisano Kwiecień 8, 2010 Zgłoś Share Napisano Kwiecień 8, 2010 Wejdź w tryb awaryjny i odpal Driver Cleaner. Link do komentarza Udostępnij na innych stronach More sharing options...
Sevard Napisano Kwiecień 8, 2010 Zgłoś Share Napisano Kwiecień 8, 2010 To nie te sterowniki. Zacytuję siebie usuń sterownik SPTD za pomocą tego programu. Avasta wymieniłbym na coś innego. Poszukaj w tym dziale było kilka dyskusji o antywirusach. Link do komentarza Udostępnij na innych stronach More sharing options...
Baroso Napisano Kwiecień 8, 2010 Autor Zgłoś Share Napisano Kwiecień 8, 2010 Ten SPTD już wcześniej usunąłem, myślałem, że chodzi o coś jeszcze. Wiec z ekranem wszystko powinno być ok. Link do komentarza Udostępnij na innych stronach More sharing options...
Sevard Napisano Kwiecień 8, 2010 Zgłoś Share Napisano Kwiecień 8, 2010 A jest z nim coś nie tak, bo się zgubiłem? Jeśli tak, to spróbuj przeinstalować sterowniki od karty graficznej. Link do komentarza Udostępnij na innych stronach More sharing options...
Baroso Napisano Kwiecień 9, 2010 Autor Zgłoś Share Napisano Kwiecień 9, 2010 Po zainstalowaniu nowego antywirusa, problem z wieszaniem się paska menu start pozostał. Pulpit działa z lekkim opóźnieniem, przez około 3 minuty. Znalazłem ten problem na innym forum, jednak bez odpowiedzi. Mam to samo co obcy forumowicz: "Nie wiem co się dzieje ale od wczoraj zaczął mi się zacinać pasek menu start, tzn. włączam komputer pojawia się pulpit z ikonkami i paskiem ale nie pojawiają mi się wszystkie ikonki w trayu (raz mi się zdarzyło że w trayu nawet był tylko sam zegarek). W każdym bądź razie jak najeżdżam na pasek kursor zmienia się w klepsydrę i nic nie mogę z paska otworzyć. Pulpit pozostaje aktywny. " - pulpit aktywny ale z opóźnioną reakcją. Jest to bardzo uciążliwe. Czy jedyna skuteczna metoda to formatowanie? Może to wina zasilacza. Link do komentarza Udostępnij na innych stronach More sharing options...
Sevard Napisano Kwiecień 9, 2010 Zgłoś Share Napisano Kwiecień 9, 2010 Nie sądzę. Trzeba by przeanalizować w takim razie start systemu. Na początek spróbuj użyć programu BootVis, żeby zoptymalizował start systemu i napisz, czy pomogło. Link do komentarza Udostępnij na innych stronach More sharing options...
Baroso Napisano Kwiecień 9, 2010 Autor Zgłoś Share Napisano Kwiecień 9, 2010 Co mam klikać krok po kroku, aby zoptymalizować? File/New/Next Boot Trace ??? Tak zrobiłem, zaznaczyłem też restart. Po restarcie Zrobiłem coś nie tak? Link do komentarza Udostępnij na innych stronach More sharing options...
Sevard Napisano Kwiecień 9, 2010 Zgłoś Share Napisano Kwiecień 9, 2010 Przeczytaj np. to. Ale takie rzeczy nie powinny się pojawić. Spróbuj jeszcze raz, jeśli to się powtórzy. Nie wyłączałeś może Harmonogramu zadań? Link do komentarza Udostępnij na innych stronach More sharing options...
Baroso Napisano Kwiecień 10, 2010 Autor Zgłoś Share Napisano Kwiecień 10, 2010 Włączyłem harmonogram i jest to samo... Do tego Tune Up wykrywa jakieś błędy. Dodam też że głos przy starcie też mam opóźniony. Link do komentarza Udostępnij na innych stronach More sharing options...
Sevard Napisano Kwiecień 15, 2010 Zgłoś Share Napisano Kwiecień 15, 2010 Ok, czyli chyba wiem o co chodzi. Wygląda na to, że coś uszkodziło sterowniki systemowe, które odpowiadają za generowanie dźwięku. Spróbuj użyć komendy sfc /scannow w wierszu poleceń uruchomionego z uprawnieniami administratora. Tu masz opis tego narzędzia. Link do komentarza Udostępnij na innych stronach More sharing options...
Baroso Napisano Kwiecień 17, 2010 Autor Zgłoś Share Napisano Kwiecień 17, 2010 Wpisałem komendę, windows sprawdzał chronione pliki sys. i w pewnym momencie poprosił o płytkę win pro., a ja mam home edition.. anulowałem. Teraz sprawdza od początku. Moze to wina tego, że zainstalowałem SP3? Link do komentarza Udostępnij na innych stronach More sharing options...
Sevard Napisano Kwiecień 17, 2010 Zgłoś Share Napisano Kwiecień 17, 2010 Nie, to nie jest wina SP3. Wrzuć do napędu tą płytę, z której instalowałeś Windowsa i musi działać. Link do komentarza Udostępnij na innych stronach More sharing options...
Baroso Napisano Kwiecień 17, 2010 Autor Zgłoś Share Napisano Kwiecień 17, 2010 Było napisane, że włożyłem do napędu niewłaściwą CD. Mam oryginalnego... Po kolejnym wpisaniu komendy, pasek doszedł do końca i nic się nie wydarzyło. Link do komentarza Udostępnij na innych stronach More sharing options...
Sevard Napisano Kwiecień 17, 2010 Zgłoś Share Napisano Kwiecień 17, 2010 Skoro doszło do końca, to zobacz jak to teraz działa. Tzn. czy działa poprawnie, czy nie. Tylko najpierw zrestartuj kompa. Link do komentarza Udostępnij na innych stronach More sharing options...