TA STRONA UŻYWA COOKIE. Dowiedz się więcej o celu ich używania i zmianie ustawień cookie w przeglądarce. Korzystając ze strony wyrażasz zgodę na używanie cookie, zgodnie z aktualnymi ustawieniami przeglądarki.
Od dnia 25.05.2018 r. na terenie Unii Europejskiej wchodzi w życie Rozporządzenie Parlamentu Europejskiego w sprawie ochrony danych osobowych. Prosimy o zapoznanie się z polityką prywatności oraz regulaminem serwisu  [X]

prosze o sprawdzenie logów

Logi, zabezpieczenie komputera, danych. Programy antywirusowe antyspyware, firewall itp.
Regulamin forum
1. Każdy temat powinien odzwierciedlać treść wątku.
2. W przypadku wklejania logów; należy je wykonać od razu przynajmniej z dwóch narzędzi: FRST oraz z GMER
3. Wszelkie logi proszę publikować na przeznaczonych do tego stronach a w poście wklejać tylko link.
4. Nie wskazane jest skracanie logów, należy wkleić cały - od początku, do końca.
5. Nie wskazane jest podczepianie się do tematów innych użytkowników - proszę założyć nowy temat w dziale Bezpieczeństwo, ułatwi to pomoc sprawdzającemu.
6. Osoby nie posiadające odpowiedniej wiedzy, nie powinny sprawdzać logów, ponieważ grozi to poważnym uszkodzeniem systemu lub aplikacji zainstalowanych na komputerze.
7. Należy dokładnie opisać problem, występujące objawy oraz wszelkie podjęte działania.
8. Każdy skrypt jest unikatowy, napisany dla każdego przypadku z osobna, więc nie może być stosowany przez innych.
9. W przypadku zamieszczenia zrzutu ekranu (screenshot'a) proszę korzystać z zewnętrznego serwisu oferującego hosting zdjęć.
Wyślij odpowiedź

prosze o sprawdzenie logów

Postprzez munkk » 15 Lut 2010, 23:35

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16

http://www.wklej.eu/index.php?id=a110db58a9
munkk
munkk
Postujący
Postujący
 
Posty: 171
Dołączenie: 15 Maj 2008, 21:23
Miejscowość: Suwałki
Góra

Re: prosze o sprawdzenie

Postprzez mateo8898 » 15 Lut 2010, 23:59

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.2) Gecko/20100115 Firefox/3.6

Mało tego, że HijackThis to przestarzałe narzędzie, które nie widzi wielu infekcji, to jeszcze log ucięty :? Podaj logi z: OTL, GMER oraz System Repair Engineer
Awatar użytkownika
mateo8898
Moderator
Moderator
 
Posty: 15377
Dołączenie: 15 Maj 2009, 14:55
Pochwały: 966
Góra

Re: prosze o sprawdzenie

Postprzez munkk » 16 Lut 2010, 01:08

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16

OTL Extras logfile created on: 2010-02-15 23:56:03 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = D:\moje filmy
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 98,00 Mb Available Physical Memory | 19,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 42,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 36,13 Gb Total Space | 14,09 Gb Free Space | 39,01% Space Free | Partition Type: NTFS
Drive D: | 38,39 Gb Total Space | 8,12 Gb Free Space | 21,14% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-KOMP
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-73586283-789336058-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2077:UDP" = 2077:UDP:*:Enabled:Windows Media Format SDK (ipla.exe)
"2076:UDP" = 2076:UDP:*:Enabled:Windows Media Format SDK (ipla.exe)
"2079:UDP" = 2079:UDP:*:Enabled:Windows Media Format SDK (ipla.exe)
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Disabled:Gadu-Gadu 10 -- (GG Network S.A.)
"C:\Program Files\GameSpy Arcade\Aphex.exe" = C:\Program Files\GameSpy Arcade\Aphex.exe:*:Disabled:GameSpy Arcade 1.0 -- File not found
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- (MusicLab, LLC)
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe" = C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)
"C:\Program Files\Freeciv-2.1.3-gtk2\civserver.exe" = C:\Program Files\Freeciv-2.1.3-gtk2\civserver.exe:*:Enabled:civserver -- ()
"C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group)
"C:\Program Files\SightSpeed\SightSpeed.exe" = C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed -- (SightSpeed Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
""SubEdit-Player"" = "SubEdit-Player"
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = HydraVisio
"{4ED7D297-58F7-45C3-A9BA-A7CD6FA0D373}_is1" = SureThing CD Labeler Deluxe Trial 5
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{88561496-997E-46E6-B481-AE254E7F1045}" = Nero 7 Ultra Edition
"{9E35B051-C7EE-47CB-BA43-9A7FFD4E61DE}" = OpenOffice.org 3.1
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{B0255743-165B-4BD5-8DA8-37DFB9930012}" = Norton Ghost
"{B0F64C44-DC77-497D-9A27-C0F5BAB12493}" = muveeNow 2.0 - Creative
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software
"{F6C05B70-3972-11DE-AA67-005056806466}" = Google Earth Pro
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ares" = Ares 2.1.5
"Ask Toolbar_is1" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"Bandoo" = Bandoo
"BearShare" = BearShare
"BearShare MediaBar" = MediaBar
"BillardGL 1.75" = BillardGL 1.75
"C-Media PCI Sound" = C-Media PCI Audio
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative Live! Cam Center" = Creative Live! Cam Center
"Creative Live! Cam Manager" = Creative Live! Cam Manager
"Creative Live! Cam User's Guide" = Creative Live! Cam User's Guide
"Creative Photo Manager" = Creative Photo Manager
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative VF0420" = Creative Live! Cam Vista IM Driver (1.00.03.0000)
"Droppix Label Maker_is1" = Droppix Label Maker 2.x
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Freeciv-2.1.3-gtk2" = Freeciv 2.1.3 (GTK+ client)
"Gadu-Gadu 10" = Gadu-Gadu 10
"HijackThis" = HijackThis 2.0.2
"KLiteCodecPack_is1" = K-Lite Codec Pack 2.20 Full
"Lexmark 1200 Series" = Lexmark 1200 Series
"LinCity-NG_is1" = LinCity-NG 2.0
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.0.16)" = Mozilla Firefox (3.0.16)
"Picasa 3" = Picasa 3
"Pirate Ship 3D Screensaver_is1" = Pirate Ship 3D Screensaver 1.1
"Pity 2009_is1" = Pity 2009
"RealAlt_is1" = Real Alternative 1.9.0 Lite
"secretmaryo" = Secret Maryo Chronicles
"SightSpeed" = SightSpeed
"SysInfo" = Creative System Information
"Szachy 2001" = Szachy 2001
"VLC media player" = VLC media player 1.0.2
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = Archiwizator WinRAR

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 2009-12-21 13:01:34 | Computer Name = PC-KOMP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://www491.megaupload.com/files/048d ... ol%203.iso
failed, 00000084.

Error - 2010-01-11 18:54:38 | Computer Name = PC-KOMP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\MEMORY.DMP failed, 00000005.

Error - 2010-01-11 18:54:38 | Computer Name = PC-KOMP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\MEMORY.DMP failed, 00000005.

[ Application Events ]
Error - 2010-01-06 07:33:20 | Computer Name = PC-KOMP | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca subedit.exe, wersja 1.0.0.4043, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-01-06 09:35:38 | Computer Name = PC-KOMP | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd neroexpress.exe, wersja 9.0.9.100, moduł
powodujący błąd shellmanager.dll, wersja 4.0.9.203, adres błędu 0x00004cb4.

Error - 2010-01-06 09:37:51 | Computer Name = PC-KOMP | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd nerostartsmart.exe, wersja 3.5.8.0, moduł
powodujący błąd mfc71.dll, wersja 7.10.3077.0, adres błędu 0x000347b8.

[ System Events ]
Error - 2010-01-10 21:40:37 | Computer Name = PC-KOMP | Source = Cdrom | ID = 262151
Description = W urządzeniu \Device\CdRom0 wystąpił zły blok.

Error - 2010-01-10 21:40:45 | Computer Name = PC-KOMP | Source = Cdrom | ID = 262151
Description = W urządzeniu \Device\CdRom0 wystąpił zły blok.

Error - 2010-01-10 21:40:54 | Computer Name = PC-KOMP | Source = Cdrom | ID = 262151
Description = W urządzeniu \Device\CdRom0 wystąpił zły blok.

Error - 2010-01-10 21:41:04 | Computer Name = PC-KOMP | Source = Cdrom | ID = 262151
Description = W urządzeniu \Device\CdRom0 wystąpił zły blok.

Error - 2010-01-10 21:41:13 | Computer Name = PC-KOMP | Source = Cdrom | ID = 262151
Description = W urządzeniu \Device\CdRom0 wystąpił zły blok.

Error - 2010-01-10 21:41:22 | Computer Name = PC-KOMP | Source = Cdrom | ID = 262151
Description = W urządzeniu \Device\CdRom0 wystąpił zły blok.

Error - 2010-01-10 21:41:31 | Computer Name = PC-KOMP | Source = Cdrom | ID = 262151
Description = W urządzeniu \Device\CdRom0 wystąpił zły blok.

Error - 2010-01-10 21:41:40 | Computer Name = PC-KOMP | Source = Cdrom | ID = 262151
Description = W urządzeniu \Device\CdRom0 wystąpił zły blok.

Error - 2010-01-10 21:41:49 | Computer Name = PC-KOMP | Source = Cdrom | ID = 262151
Description = W urządzeniu \Device\CdRom0 wystąpił zły blok.

Error - 2010-01-10 21:41:58 | Computer Name = PC-KOMP | Source = Cdrom | ID = 262151
Description = W urządzeniu \Device\CdRom0 wystąpił zły blok.


< End of report >
munkk
munkk
Postujący
Postujący
 
Posty: 171
Dołączenie: 15 Maj 2008, 21:23
Miejscowość: Suwałki
Góra

Re: prosze o sprawdzenie

Postprzez munkk » 16 Lut 2010, 01:13

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16

OTL by OldTimer - Version 3.1.28.0 Folder = D:\moje filmy
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 98,00 Mb Available Physical Memory | 19,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 42,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 36,13 Gb Total Space | 14,09 Gb Free Space | 39,01% Space Free | Partition Type: NTFS
Drive D: | 38,39 Gb Total Space | 8,12 Gb Free Space | 21,14% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-KOMP
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010-02-15 23:52:20 | 000,549,376 | ---- | M] (OldTimer Tools) -- D:\moje filmy\OTL.exe
PRC - [2010-02-08 15:51:32 | 001,015,808 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe
PRC - [2009-12-27 11:04:40 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-12-21 14:49:02 | 011,850,344 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2009-12-21 13:31:34 | 000,077,824 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\spellchecker_gg.exe
PRC - [2009-12-17 00:30:46 | 001,677,760 | ---- | M] (Discordia Limited) -- C:\Program Files\Bandoo\Bandoo.exe
PRC - [2009-11-25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009-10-09 13:11:12 | 025,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009-10-09 13:11:12 | 000,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009-08-03 20:05:02 | 000,238,888 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
PRC - [2009-05-18 18:04:44 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2009-05-18 17:56:12 | 002,363,392 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2008-10-11 14:27:23 | 000,975,872 | ---- | M] (Alexander Roshal) -- C:\Program Files\WinRAR\WinRAR.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-06-07 14:01:38 | 000,155,648 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
PRC - [2007-04-30 02:00:00 | 000,032,768 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0420Mon.exe
PRC - [2007-01-15 16:01:56 | 000,266,240 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2007-01-12 21:29:14 | 036,331,520 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Core\nero.exe
PRC - [2006-12-10 17:54:22 | 007,081,984 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe
PRC - [2006-07-13 06:33:38 | 000,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
PRC - [2006-07-13 06:33:14 | 000,053,248 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
PRC - [2006-04-17 18:42:14 | 000,311,296 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\LEXBCES.EXE
PRC - [2006-04-17 18:41:24 | 000,174,592 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\LEXPPS.EXE
PRC - [2003-03-20 10:15:00 | 000,315,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe


========== Modules (SafeList) ==========

MOD - [2010-02-15 23:52:20 | 000,549,376 | ---- | M] (OldTimer Tools) -- D:\moje filmy\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - [2009-12-21 13:45:55 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Disabled | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-12-17 00:30:46 | 001,677,760 | ---- | M] (Discordia Limited) [Auto | Running] -- C:\Program Files\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009-11-20 12:48:58 | 000,074,392 | ---- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (SureThing Labelflash service)
SRV - [2009-08-28 16:22:38 | 000,221,184 | ---- | M] (Droppix) [On_Demand | Stopped] -- C:\Program Files\Common Files\Droppix\DxService.exe -- (Droppix Service)
SRV - [2009-05-18 18:04:44 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008-11-20 20:18:52 | 000,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2007-03-28 20:41:24 | 003,290,728 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2007-01-15 17:14:38 | 000,774,144 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2007-01-15 16:01:56 | 000,266,240 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2006-04-17 18:42:14 | 000,311,296 | ---- | M] (Lexmark International, Inc.) [Auto | Running] -- C:\WINDOWS\system32\LEXBCES.EXE -- (LexBceS)
SRV - [2005-11-14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2009-11-25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009-11-25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-11-25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-11-25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-11-25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009-11-25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008-11-20 20:19:06 | 000,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008-04-14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2008-04-13 22:09:18 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007-05-31 02:32:34 | 000,099,648 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0420Vid.sys -- (V0420VID) Live! Cam Vista IM (VF0420)
DRV - [2007-03-28 20:49:42 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007-03-28 20:29:12 | 000,131,944 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symsnap.sys -- (symsnap)
DRV - [2007-03-28 20:29:10 | 000,037,864 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\v2imount.sys -- (v2imount)
DRV - [2007-03-28 20:23:50 | 000,014,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vproeventmonitor.sys -- (VProEventMonitor)
DRV - [2007-03-28 20:12:18 | 000,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2005-11-25 07:39:06 | 000,203,776 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2004-09-24 09:07:28 | 000,801,280 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmuda3.sys -- (cmuda3)
DRV - [2003-03-20 12:22:38 | 000,576,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2001-08-17 22:49:56 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001-08-17 21:13:08 | 000,027,165 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-73586283-789336058-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-73586283-789336058-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-73586283-789336058-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
IE - HKU\S-1-5-21-73586283-789336058-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-73586283-789336058-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-73586283-789336058-839522115-1003\..\URLSearchHook: {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll ()
IE - HKU\S-1-5-21-73586283-789336058-839522115-1003\S-1-5-21-73586283-789336058-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: [email protected]:5.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..keyword.URL: "http://search.bearshare.com/webResults.html?src=ffb&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-02-06 14:44:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-02-07 12:01:49 | 000,000,000 | ---D | M]

[2009-12-21 13:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Extensions
[2010-02-07 12:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\ahweri93.default\extensions
[2010-01-05 18:16:43 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\ahweri93.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2009-12-21 14:30:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\ahweri93.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010-01-06 10:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\ahweri93.default\extensions\[email protected]
[2009-12-21 14:52:51 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\ahweri93.default\searchplugins\ask.xml
[2009-12-03 10:54:24 | 000,002,476 | ---- | M] () -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\ahweri93.default\searchplugins\BearShareWebSearch.xml
[2010-02-15 23:26:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-01-05 18:04:28 | 000,024,576 | ---- | M] (My Global Search) -- C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll
[2009-12-27 11:04:45 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-12-03 10:54:24 | 000,002,476 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
[2009-12-27 11:04:45 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-12-27 11:04:45 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-12-27 11:04:45 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-12-27 11:04:45 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-12-27 11:04:45 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll (TODO: <Company name>)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Admin\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-73586283-789336058-839522115-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [BearShare] C:\Program Files\BearShare\BearShare.exe File not found
O4 - HKLM..\Run: [C:\WINDOWS\system32\V0420Cvw.dll] C:\WINDOWS\system32\V0420CVW.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [CmPCIaudio] File not found
O4 - HKLM..\Run: [Cyfro 2] C:\Program Files\Cyfro\Cyfro2.exe (Bru2soft)
O4 - HKLM..\Run: [DataMngr] C:\Program Files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [V0420Mon.exe] C:\WINDOWS\V0420Mon.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-73586283-789336058-839522115-1003..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKU\S-1-5-21-73586283-789336058-839522115-1003..\Run: [Creative Live! Cam Manager] C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-73586283-789336058-839522115-1003..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-73586283-789336058-839522115-1003..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-73586283-789336058-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~1\bearsh~2\mediabar\datamngr\datamngr.dll) - c:\Program Files\BearShare Applications\MediaBar\DataMngr\datamngr.dll ()
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - c:\Program Files\Bandoo\BndHook.dll (Discordia Limited)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-12-21 14:17:04 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-02-11 21:01:02 | 000,000,000 | ---D | C] -- C:\Program Files\Ares
[2010-02-09 16:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Help
[2010-02-09 16:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Help
[2010-02-07 22:56:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010-02-07 21:15:35 | 009,355,865 | ---- | C] (Biuro Informatyki Stosowanej FORMAT ) -- C:\Documents and Settings\Admin\Moje dokumenty\instaluj_pity2009_101.exe
[2010-02-07 15:52:19 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2010-02-07 14:41:10 | 000,000,000 | ---D | C] -- C:\Program Files\Pity 2009
[2010-02-07 14:04:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\Shareaza Downloads
[2010-02-07 14:04:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Shareaza
[2010-02-07 14:03:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\Shareaza
[2010-02-07 14:03:47 | 000,000,000 | ---D | C] -- C:\Program Files\Shareaza
[2010-02-06 14:48:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\marxio-tools
[2010-02-06 14:32:52 | 000,000,000 | ---D | C] -- C:\Program Files\Cyfro
[2010-02-06 11:01:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010-02-06 10:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\McAfee
[2010-02-06 10:56:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-02-06 10:56:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010-02-06 10:51:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010-02-06 10:48:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee
[2010-02-06 10:46:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NOS
[2010-02-04 16:31:44 | 031,266,152 | ---- | C] (Droppix ) -- C:\Documents and Settings\Admin\Moje dokumenty\SetupDxLabelMaker.exe
[2010-02-04 14:02:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\Droppix
[2010-02-04 14:01:51 | 000,462,848 | ---- | C] (eHelp Corporation.) -- C:\WINDOWS\System32\HHActiveX.dll
[2010-02-04 14:01:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\Droppix Label Maker Projects
[2010-02-04 14:01:19 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atl71.dll
[2010-02-04 14:01:19 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2010-02-04 14:01:19 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\Droppix Label Maker Misc
[2010-02-04 14:01:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Droppix
[2010-02-04 14:01:18 | 000,000,000 | ---D | C] -- C:\Program Files\Droppix
[2010-02-04 14:00:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Droppix
[2010-01-29 08:32:10 | 013,281,312 | ---- | C] (LightScribe ) -- C:\Documents and Settings\Admin\Moje dokumenty\LS_Update_1.18.10.2_.exe
[2010-01-29 08:32:09 | 013,927,000 | ---- | C] (MicroVision Development, Inc. ) -- C:\Documents and Settings\Admin\Moje dokumenty\stcdeval.exe
[2010-01-29 08:31:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\Szachy_2001
[2010-01-28 17:59:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Ares
[2010-01-28 12:43:36 | 000,000,000 | ---D | C] -- C:\temp
[2010-01-27 15:29:57 | 013,281,312 | ---- | C] (LightScribe ) -- C:\Documents and Settings\Admin\Moje dokumenty\LS_Update_1.18.10.2_(2).exe
[2010-01-27 10:49:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\Acoustica
[2010-01-27 10:49:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\Acoustica
[2010-01-22 17:38:20 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady
[2010-01-22 17:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-01-22 17:29:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010-01-22 17:07:16 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2010-01-22 17:07:16 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2010-01-22 17:07:16 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2010-01-22 17:07:11 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2010-01-22 17:07:11 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2010-01-22 17:07:10 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2010-01-22 17:07:07 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2010-01-22 17:07:06 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2010-01-22 17:07:06 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2010-01-22 17:07:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2010-01-22 17:07:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2010-01-22 17:07:03 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2010-01-22 17:07:03 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2010-01-22 17:07:03 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2010-01-22 17:07:03 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2010-01-22 17:07:03 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2010-01-22 17:07:03 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2010-01-22 17:07:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2010-01-22 17:07:02 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2010-01-22 17:07:02 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2010-01-22 17:07:02 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2010-01-22 17:07:02 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2010-01-22 17:07:02 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2010-01-22 17:07:02 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2010-01-22 17:07:02 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2010-01-22 17:07:02 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2010-01-22 17:07:01 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2010-01-22 17:07:01 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2010-01-22 17:07:01 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2010-01-22 17:07:01 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2010-01-22 17:07:01 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2010-01-22 17:07:01 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2010-01-22 17:07:01 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2010-01-22 17:07:01 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2010-01-22 17:07:00 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2010-01-22 17:07:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2010-01-22 17:07:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2010-01-22 17:07:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2010-01-22 17:07:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2010-01-22 17:06:59 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2010-01-22 17:06:59 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2010-01-22 17:06:59 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2010-01-22 17:06:59 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2010-01-22 17:06:59 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2010-01-22 17:06:59 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2010-01-22 17:06:59 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2010-01-22 17:06:59 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2010-01-22 17:06:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2010-01-22 17:06:59 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2010-01-22 17:06:58 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2010-01-22 17:06:58 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2010-01-22 17:06:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2010-01-22 17:06:58 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2010-01-22 17:06:57 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2010-01-22 17:06:57 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2010-01-22 17:06:57 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2010-01-22 17:06:57 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2010-01-22 17:06:57 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2010-01-22 17:06:57 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2010-01-22 17:06:57 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2010-01-22 17:06:57 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2010-01-22 17:06:57 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2010-01-22 17:06:57 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2010-01-22 17:06:57 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2010-01-22 17:06:57 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2010-01-22 17:06:56 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2010-01-22 17:06:56 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2010-01-22 17:06:56 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2010-01-22 17:06:56 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2010-01-22 17:06:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2010-01-22 17:06:55 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2010-01-22 17:06:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2010-01-22 17:06:54 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2010-01-22 17:06:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2010-01-22 17:06:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010-01-22 17:06:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2010-01-22 17:06:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010-01-22 17:04:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010-01-22 17:04:29 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2010-01-22 17:02:52 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2010-01-22 17:02:52 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2010-01-22 17:02:52 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2010-01-22 17:02:52 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2010-01-22 17:02:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010-01-22 17:02:51 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2010-01-22 17:02:51 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2010-01-22 17:02:51 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2010-01-22 17:02:51 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2010-01-22 17:02:51 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2010-01-22 17:02:51 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys
[2010-01-22 17:02:51 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2010-01-22 17:02:51 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2010-01-22 17:02:51 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2010-01-22 17:02:51 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2010-01-22 17:02:51 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2010-01-22 17:02:51 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2010-01-22 17:02:51 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2010-01-22 17:02:51 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2010-01-22 17:02:51 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2010-01-22 17:02:51 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2010-01-22 17:02:51 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2010-01-22 17:02:51 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2010-01-22 17:02:51 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2010-01-22 17:02:50 | 000,220,032 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys
[2010-01-22 17:02:50 | 000,144,384 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys
[2010-01-22 17:02:50 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2010-01-22 17:02:50 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2010-01-22 17:02:50 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2010-01-22 17:02:50 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2010-01-22 17:02:50 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2010-01-22 17:02:50 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2010-01-22 17:02:50 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2010-01-22 17:02:50 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2010-01-22 17:02:50 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2010-01-22 17:02:50 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2010-01-22 17:02:50 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2010-01-22 17:02:50 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2010-01-22 17:02:50 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2010-01-22 17:02:49 | 001,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010-01-22 17:02:49 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2010-01-22 17:02:49 | 001,041,536 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys
[2010-01-22 17:02:49 | 000,685,056 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfcxts2.sys
[2010-01-22 17:02:49 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2010-01-22 17:02:49 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2010-01-22 17:02:49 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2010-01-22 17:02:49 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2010-01-22 17:02:49 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2010-01-22 17:02:49 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2010-01-22 17:02:49 | 000,011,868 | ---- | C] (Conexant) -- C:\WINDOWS\System32\drivers\mdmxsdk.sys
[2010-01-22 17:02:48 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2010-01-22 17:02:48 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2010-01-22 17:02:48 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2010-01-22 17:02:48 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2010-01-22 17:02:48 | 000,040,960 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisagp.sys
[2010-01-22 17:02:48 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2010-01-22 17:02:48 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2010-01-22 17:02:48 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2010-01-22 17:02:48 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2010-01-22 17:02:48 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2010-01-22 17:02:47 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2010-01-22 17:02:47 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2010-01-22 17:02:47 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2010-01-22 17:02:47 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2010-01-22 17:02:47 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2010-01-22 17:02:47 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2010-01-22 17:00:51 | 000,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010-01-22 16:57:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010-01-17 12:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\TripleA
[2009-12-21 13:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-12-21 13:26:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\*.tmp files -> C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010-02-15 21:47:31 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-02-15 18:19:55 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-02-15 18:06:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-02-15 18:06:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-02-15 18:06:18 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010-02-15 17:52:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-02-14 20:15:47 | 000,000,287 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2010-02-14 10:26:45 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-02-12 12:12:16 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\Admin\NTUSER.DAT
[2010-02-11 21:01:09 | 000,000,632 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Ares.lnk
[2010-02-11 21:00:42 | 002,439,433 | ---- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\aresregular215_installer_(programs.pl).exe
[2010-02-11 17:57:26 | 000,000,300 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010-02-11 17:08:49 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Admin\ntuser.ini
[2010-02-11 16:52:29 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\EVEREST Home Edition.lnk
[2010-02-07 15:43:08 | 003,186,159 | ---- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\PFCSetup(2).exe
[2010-02-07 15:42:57 | 003,186,159 | ---- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\PFCSetup.exe
[2010-02-07 14:53:06 | 000,006,100 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Deklaracje_podatkowe_2010-02-07.xml
[2010-02-07 14:41:16 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Pity 2009.lnk
[2010-02-07 14:27:26 | 009,355,865 | ---- | M] (Biuro Informatyki Stosowanej FORMAT ) -- C:\Documents and Settings\Admin\Moje dokumenty\instaluj_pity2009_101.exe
[2010-02-07 13:47:24 | 000,567,047 | ---- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\Sequoia_1.3.exe
[2010-02-07 12:01:41 | 000,131,688 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-02-06 10:57:10 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-02-04 14:02:23 | 000,026,712 | ---- | M] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-02-04 14:01:56 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Droppix Label Maker.lnk
[2010-02-04 14:01:36 | 000,001,780 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\LightScribe.lnk
[2010-02-04 13:54:48 | 031,266,152 | ---- | M] (Droppix ) -- C:\Documents and Settings\Admin\Moje dokumenty\SetupDxLabelMaker.exe
[2010-01-31 14:02:59 | 000,259,604 | -H-- | M] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-01-28 17:59:18 | 002,436,209 | ---- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\aresregular214_installer.exe
[2010-01-27 10:36:06 | 000,001,780 | ---- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\LightScribe.lnk
[2010-01-27 10:32:40 | 013,281,312 | ---- | M] (LightScribe ) -- C:\Documents and Settings\Admin\Moje dokumenty\LS_Update_1.18.10.2_(2).exe
[2010-01-22 17:31:01 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010-01-22 17:31:00 | 000,448,004 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-01-22 17:31:00 | 000,392,296 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-01-22 17:31:00 | 000,074,230 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-01-22 17:31:00 | 000,058,596 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-01-22 17:30:59 | 000,984,778 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-01-22 17:02:33 | 000,251,152 | RHS- | M] () -- C:\ntldr
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\*.tmp files -> C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010-02-12 04:36:02 | 002,439,433 | ---- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\aresregular215_installer_(programs.pl).exe
[2010-02-11 21:01:09 | 000,000,632 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Ares.lnk
[2010-02-07 21:15:36 | 003,186,159 | ---- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\PFCSetup.exe
[2010-02-07 21:15:36 | 003,186,159 | ---- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\PFCSetup(2).exe
[2010-02-07 21:15:36 | 000,567,047 | ---- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\Sequoia_1.3.exe
[2010-02-07 14:53:06 | 000,006,100 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Deklaracje_podatkowe_2010-02-07.xml
[2010-02-07 14:41:16 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Pity 2009.lnk
[2010-02-06 10:57:10 | 000,001,735 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-02-04 14:01:56 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Droppix Label Maker.lnk
[2010-02-04 14:01:36 | 000,001,780 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\LightScribe.lnk
[2010-01-29 08:32:26 | 002,436,209 | ---- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\aresregular214_installer.exe
[2010-01-27 10:51:21 | 000,299,552 | ---- | C] () -- C:\WINDOWS\wmsysprx.prx
[2010-01-22 17:07:14 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2010-01-22 17:07:14 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2010-01-22 17:07:14 | 000,001,714 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2010-01-22 17:07:13 | 000,693,932 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2010-01-22 17:07:13 | 000,071,460 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2010-01-22 17:07:13 | 000,027,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2010-01-22 17:07:13 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2010-01-22 17:07:12 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2010-01-22 17:07:12 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2010-01-22 17:07:12 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2010-01-22 17:07:12 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2010-01-22 17:07:12 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2010-01-22 17:07:12 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2010-01-22 17:07:12 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2010-01-22 17:07:12 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2010-01-22 17:07:12 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2010-01-22 17:07:12 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2010-01-22 17:07:12 | 000,058,350 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2010-01-22 17:07:12 | 000,034,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2010-01-22 17:07:12 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2010-01-22 17:07:12 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2010-01-22 17:07:12 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2010-01-22 17:07:12 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2010-01-22 17:07:12 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2010-01-22 17:07:12 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2010-01-22 17:07:12 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2010-01-22 17:07:12 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2010-01-22 17:07:12 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2010-01-22 17:07:12 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2010-01-22 17:07:12 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2010-01-22 17:07:12 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2010-01-22 17:07:12 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2010-01-22 17:07:12 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2010-01-22 17:07:12 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2010-01-22 17:07:12 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2010-01-22 17:07:12 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2010-01-22 17:07:11 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2010-01-22 17:07:11 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2010-01-22 17:07:11 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2010-01-22 17:07:11 | 000,089,253 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2010-01-22 17:07:11 | 000,066,160 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2010-01-22 17:07:11 | 000,036,644 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2010-01-22 17:07:11 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2010-01-22 17:07:11 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2010-01-22 17:07:11 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2010-01-22 17:07:11 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2010-01-22 17:07:11 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2010-01-22 17:07:11 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2010-01-22 17:07:11 | 000,001,482 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2010-01-22 17:07:11 | 000,001,479 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2010-01-22 17:07:11 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2010-01-22 17:07:11 | 000,001,471 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2010-01-22 17:07:11 | 000,001,463 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2010-01-22 17:07:11 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2010-01-22 17:07:11 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2010-01-22 17:07:11 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2010-01-22 17:07:11 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2010-01-22 17:07:11 | 000,001,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2010-01-22 17:07:11 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2010-01-22 17:07:11 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2010-01-22 17:07:11 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2010-01-22 17:07:11 | 000,001,041 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2010-01-22 17:07:11 | 000,000,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2010-01-22 17:07:11 | 000,000,822 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2010-01-22 17:07:11 | 000,000,808 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2010-01-22 17:07:11 | 000,000,792 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2010-01-22 17:07:11 | 000,000,786 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2010-01-22 17:07:11 | 000,000,738 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2010-01-22 17:07:11 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2010-01-22 17:07:10 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2010-01-22 17:07:10 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2010-01-22 17:07:10 | 000,184,137 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2010-01-22 17:07:10 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2010-01-22 17:07:10 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2010-01-22 17:07:10 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2010-01-22 17:07:10 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2010-01-22 17:07:10 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2010-01-22 17:07:10 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2010-01-22 17:07:10 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2010-01-22 17:07:10 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2010-01-22 17:07:10 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2010-01-22 17:07:10 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2010-01-22 17:02:50 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010-01-22 17:02:50 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010-01-22 17:02:49 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010-01-12 13:40:02 | 000,000,300 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010-01-06 11:57:05 | 000,000,039 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2010-01-05 18:16:35 | 000,076,407 | ---- | C] () -- C:\Documents and Settings\Admin\Dane aplikacji\Smiley.ico
[2009-12-22 22:28:35 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009-12-21 14:16:06 | 000,063,488 | ---- | C] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-12-21 14:15:11 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-12-21 13:42:26 | 000,000,287 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2009-12-21 13:42:11 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2009-12-21 13:41:58 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2009-12-21 13:35:38 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\CMRMDRV3.DLL
[2004-01-05 23:50:40 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\ImxEx.dll
[2003-11-18 13:50:24 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2003-09-16 17:52:30 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2003-09-16 17:41:44 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2003-05-14 16:54:02 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2001-09-17 13:20:02 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll

========== LOP Check ==========
munkk
munkk
Postujący
Postujący
 
Posty: 171
Dołączenie: 15 Maj 2008, 21:23
Miejscowość: Suwałki
Góra

Re: prosze o sprawdzenie

Postprzez munkk » 16 Lut 2010, 01:13

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16

========== LOP Check ==========

[2010-01-27 10:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Acoustica
[2010-01-06 10:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Bandoo
[2010-01-07 12:53:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\bearsharemediabartb
[2010-02-04 22:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\BESTplayer
[2010-02-06 11:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010-02-04 14:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Droppix
[2010-01-12 14:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\flightgear.org
[2010-01-12 14:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\fltk.org
[2010-01-19 17:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Gadu-Gadu 10
[2010-01-22 17:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\ipla
[2010-01-09 18:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\muvee Technologies
[2009-12-22 22:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\OpenFM
[2010-01-10 17:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Orangeline Interactive
[2010-02-08 16:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Shareaza
[2010-01-12 13:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\smc
[2010-01-06 10:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bandoo
[2010-02-04 14:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Droppix
[2010-01-22 17:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-01-05 13:40:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
[2009-12-21 14:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\muvee Technologies
[2010-01-11 15:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-01-09 18:29:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 16 bytes -> C:\Documents and Settings\Admin\Moje dokumenty\Shareaza Downloads:Shareaza.GUID
< End of report >
munkk
munkk
Postujący
Postujący
 
Posty: 171
Dołączenie: 15 Maj 2008, 21:23
Miejscowość: Suwałki
Góra

Re: prosze o sprawdzenie

Postprzez munkk » 16 Lut 2010, 01:14

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16

========== LOP Check ==========

[2010-01-27 10:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Acoustica
[2010-01-06 10:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Bandoo
[2010-01-07 12:53:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\bearsharemediabartb
[2010-02-04 22:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\BESTplayer
[2010-02-06 11:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010-02-04 14:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Droppix
[2010-01-12 14:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\flightgear.org
[2010-01-12 14:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\fltk.org
[2010-01-19 17:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Gadu-Gadu 10
[2010-01-22 17:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\ipla
[2010-01-09 18:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\muvee Technologies
[2009-12-22 22:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\OpenFM
[2010-01-10 17:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Orangeline Interactive
[2010-02-08 16:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Shareaza
[2010-01-12 13:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\smc
[2010-01-06 10:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bandoo
[2010-02-04 14:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Droppix
[2010-01-22 17:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-01-05 13:40:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe
[2009-12-21 14:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\muvee Technologies
[2010-01-11 15:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-01-09 18:29:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 16 bytes -> C:\Documents and Settings\Admin\Moje dokumenty\Shareaza Downloads:Shareaza.GUID
< End of report >
munkk
munkk
Postujący
Postujący
 
Posty: 171
Dołączenie: 15 Maj 2008, 21:23
Miejscowość: Suwałki
Góra

Re: prosze o sprawdzenie

Postprzez munkk » 16 Lut 2010, 01:32

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16

System Repair Engineer ten u mnie nie działa nie wiem
munkk
munkk
Postujący
Postujący
 
Posty: 171
Dołączenie: 15 Maj 2008, 21:23
Miejscowość: Suwałki
Góra

Re: prosze o sprawdzenie

Postprzez mateo8898 » 16 Lut 2010, 09:37

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.2) Gecko/20100115 Firefox/3.6

Logi wklejasz na wklejorg lub wklejto, w poście dajesz tylko link.

A co z logiem z GMER????

Uruchom OTL -> w oknie Custom Scans/Fixes wklej:
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
IE - HKU\S-1-5-21-73586283-789336058-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
IE - HKU\S-1-5-21-73586283-789336058-839522115-1003\..\URLSearchHook: {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll ()
FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..keyword.URL: "http://search.bearshare.com/webResults.html?src=ffb&q="
[2009-12-21 14:52:51 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\ahweri93.default\searchplugins\ask.xml
[2009-12-03 10:54:24 | 000,002,476 | ---- | M] () -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\ahweri93.default\searchplugins\BearShareWebSearch.xml
[2010-01-05 18:04:28 | 000,024,576 | ---- | M] (My Global Search) -- C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll
[2009-12-03 10:54:24 | 000,002,476 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll ()
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-73586283-789336058-839522115-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: [DataMngr] C:\Program Files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe ()
O20 - AppInit_DLLs: (c:\progra~1\bearsh~2\mediabar\datamngr\datamngr.dll) - c:\Program Files\BearShare Applications\MediaBar\DataMngr\datamngr.dll ()

:Files
C:\Program Files\AskSearch
C:\Program Files\BearShare Applications\MediaBar
C:\Program Files\AskBarDis
C:\temp
C:\Documents and Settings\Admin\Dane aplikacji\bearsharemediabartb

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"ATIPTA"=-
"BearShare"=-
"CmPCIaudio"=-
"KernelFaultCheck"=-
"NeroFilterCheck"=-

:Commands
[emptytemp]

Klikasz Run Fix. Dajesz log z usuwania + nowy log z OTL
Awatar użytkownika
mateo8898
Moderator
Moderator
 
Posty: 15377
Dołączenie: 15 Maj 2009, 14:55
Pochwały: 966
Góra

Re: prosze o sprawdzenie

Postprzez munkk » 16 Lut 2010, 09:59

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16

to co mi to wkleiłeś wklejam w Custom Scan/Fix i dalej to już nic nie rozumiem ,mógłbyś jakoś dosadniej nie jestem specjalisto
munkk
munkk
Postujący
Postujący
 
Posty: 171
Dołączenie: 15 Maj 2008, 21:23
Miejscowość: Suwałki
Góra

Re: prosze o sprawdzenie

Postprzez mateo8898 » 16 Lut 2010, 10:41

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.2) Gecko/20100115 Firefox/3.6

Tu nie trzeba być specjalistą, tylko wystarczy czytać ze zrozumieniem :)
Po wklejeniu podanego skryptu kliknij Run Fix, rozpocznie się usuwanie, może być potrzebny restart kompa. Po wykonaniu powstanie log, który tu podajesz. Następnie robisz nowy log opcją Run Scan i też tu dajesz.
Awatar użytkownika
mateo8898
Moderator
Moderator
 
Posty: 15377
Dołączenie: 15 Maj 2009, 14:55
Pochwały: 966
Góra

Re: prosze o sprawdzenie

Postprzez munkk » 16 Lut 2010, 11:03

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Unable to set value : HKU\S-1-5-21-73586283-789336058-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E!
Registry value HKEY_USERS\S-1-5-21-73586283-789336058-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{C94E154B-1459-4A47-966B-4B843BEFC7DB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C94E154B-1459-4A47-966B-4B843BEFC7DB}\ deleted successfully.
C:\Program Files\AskSearch\bin\DefaultSearch.dll moved successfully.
Prefs.js: "BearShare Web Search" removed from browser.search.defaultenginename
Prefs.js: "BearShare Web Search" removed from browser.search.order.1
Prefs.js: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1 removed from extensions.enabledItems
Prefs.js: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971 removed from extensions.enabledItems
Prefs.js: "http://search.bearshare.com/webResults.html?src=ffb&q=" removed from keyword.URL
C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\ahweri93.default\searchplugins\ask.xml moved successfully.
C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\ahweri93.default\searchplugins\BearShareWebSearch.xml moved successfully.
C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0974BA1E-64EC-11DE-B2A5-E43756D89593}\ deleted successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
C:\Program Files\AskBarDis\bar\bin\askBar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}\ deleted successfully.
C:\Program Files\BearShare Applications\MediaBar\DataMngr\IEBHO.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0974BA1E-64EC-11DE-B2A5-E43756D89593} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0974BA1E-64EC-11DE-B2A5-E43756D89593}\ not found.
File C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully.
File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found.
Registry value HKEY_USERS\S-1-5-21-73586283-789336058-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ not found.
File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DataMngr deleted successfully.
C:\Program Files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~1\bearsh~2\mediabar\datamngr\datamngr.dll deleted successfully.
c:\Program Files\BearShare Applications\MediaBar\DataMngr\datamngr.dll moved successfully.
========== FILES ==========
C:\Program Files\AskSearch\bin folder moved successfully.
C:\Program Files\AskSearch folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\components folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\skin\searchbar folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\skin\options folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\uwa folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\images folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio\css folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\radio folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\images folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels\css folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib\panels folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\skin\lib folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\skin folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217 folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227 folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\content\widgets folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\content\modules folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\content\lib folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\content\data\search folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\content\data folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome\content folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar\chrome folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\ToolBar folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar\DataMngr folder moved successfully.
C:\Program Files\BearShare Applications\MediaBar folder moved successfully.
C:\Program Files\AskBarDis\bar\Settings folder moved successfully.
C:\Program Files\AskBarDis\bar\History folder moved successfully.
C:\Program Files\AskBarDis\bar\Cache folder moved successfully.
C:\Program Files\AskBarDis\bar\bin folder moved successfully.
C:\Program Files\AskBarDis\bar folder moved successfully.
C:\Program Files\AskBarDis folder moved successfully.
C:\temp folder moved successfully.
C:\Documents and Settings\Admin\Dane aplikacji\bearsharemediabartb\widgets_cache folder moved successfully.
C:\Documents and Settings\Admin\Dane aplikacji\bearsharemediabartb\weather folder moved successfully.
C:\Documents and Settings\Admin\Dane aplikacji\bearsharemediabartb\games folder moved successfully.
C:\Documents and Settings\Admin\Dane aplikacji\bearsharemediabartb folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ATIPTA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\BearShare deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\CmPCIaudio deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Admin
->Temp folder emptied: 43275027 bytes
->Temporary Internet Files folder emptied: 29661187 bytes
->Java cache emptied: 15392458 bytes
->FireFox cache emptied: 56586238 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134153 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 578561 bytes
RecycleBin emptied: 43955731 bytes

Total Files Cleaned = 183,00 mb


OTL by OldTimer - Version 3.1.28.0 log created on 02162010_095419

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_608.dat moved successfully.

Registry entries deleted on Reboot...
munkk
munkk
Postujący
Postujący
 
Posty: 171
Dołączenie: 15 Maj 2008, 21:23
Miejscowość: Suwałki
Góra

Re: prosze o sprawdzenie

Postprzez munkk » 16 Lut 2010, 11:09

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16

OTL logfile created on: 2010-02-16 10:04:04 - Run 2
OTL by OldTimer - Version 3.1.28.0 Folder = D:\moje filmy
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 83,00 Mb Available Physical Memory | 16,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 36,13 Gb Total Space | 13,67 Gb Free Space | 37,84% Space Free | Partition Type: NTFS
Drive D: | 38,39 Gb Total Space | 8,11 Gb Free Space | 21,13% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-KOMP
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010-02-16 08:54:14 | 000,549,376 | ---- | M] (OldTimer Tools) -- D:\moje filmy\OTL.exe
PRC - [2010-02-08 15:51:32 | 001,015,808 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe
PRC - [2009-12-27 11:04:40 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-12-21 14:49:02 | 011,850,344 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2009-12-21 13:31:34 | 000,077,824 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\spellchecker_gg.exe
PRC - [2009-12-17 00:30:46 | 001,677,760 | ---- | M] (Discordia Limited) -- C:\Program Files\Bandoo\Bandoo.exe
PRC - [2009-11-25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009-05-18 18:04:44 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2009-05-18 17:56:12 | 002,363,392 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-06-07 14:01:38 | 000,155,648 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
PRC - [2007-04-30 02:00:00 | 000,032,768 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0420Mon.exe
PRC - [2006-07-13 06:33:38 | 000,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
PRC - [2006-07-13 06:33:14 | 000,053,248 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
PRC - [2006-04-17 18:42:14 | 000,311,296 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\LEXBCES.EXE
PRC - [2006-04-17 18:41:24 | 000,174,592 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\LEXPPS.EXE


========== Modules (SafeList) ==========

MOD - [2010-02-16 08:54:14 | 000,549,376 | ---- | M] (OldTimer Tools) -- D:\moje filmy\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - [2009-12-21 13:45:55 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Disabled | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-12-17 00:30:46 | 001,677,760 | ---- | M] (Discordia Limited) [Auto | Running] -- C:\Program Files\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2009-11-25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009-11-25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-11-25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-11-25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009-11-20 12:48:58 | 000,074,392 | ---- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (SureThing Labelflash service)
SRV - [2009-08-28 16:22:38 | 000,221,184 | ---- | M] (Droppix) [On_Demand | Stopped] -- C:\Program Files\Common Files\Droppix\DxService.exe -- (Droppix Service)
SRV - [2009-05-18 18:04:44 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008-11-20 20:18:52 | 000,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2007-03-28 20:41:24 | 003,290,728 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2007-01-15 17:14:38 | 000,774,144 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2007-01-15 16:01:56 | 000,266,240 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2006-04-17 18:42:14 | 000,311,296 | ---- | M] (Lexmark International, Inc.) [Auto | Running] -- C:\WINDOWS\system32\LEXBCES.EXE -- (LexBceS)
SRV - [2005-11-14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2009-11-25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009-11-25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-11-25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-11-25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-11-25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009-11-25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008-11-20 20:19:06 | 000,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008-04-14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2008-04-13 22:09:18 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007-05-31 02:32:34 | 000,099,648 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0420Vid.sys -- (V0420VID) Live! Cam Vista IM (VF0420)
DRV - [2007-03-28 20:49:42 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007-03-28 20:29:12 | 000,131,944 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symsnap.sys -- (symsnap)
DRV - [2007-03-28 20:29:10 | 000,037,864 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\v2imount.sys -- (v2imount)
DRV - [2007-03-28 20:23:50 | 000,014,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vproeventmonitor.sys -- (VProEventMonitor)
DRV - [2007-03-28 20:12:18 | 000,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2005-11-25 07:39:06 | 000,203,776 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2004-09-24 09:07:28 | 000,801,280 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmuda3.sys -- (cmuda3)
DRV - [2003-03-20 12:22:38 | 000,576,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2001-08-17 22:49:56 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001-08-17 21:13:08 | 000,027,165 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-02-06 14:44:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-02-16 09:54:27 | 000,000,000 | ---D | M]

[2009-12-21 13:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Extensions
[2010-02-07 12:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\ahweri93.default\extensions
[2010-01-05 18:16:43 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\ahweri93.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2009-12-21 14:30:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\ahweri93.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010-01-06 10:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\ahweri93.default\extensions\[email protected]
[2010-02-16 10:02:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-12-27 11:04:45 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-12-27 11:04:45 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-12-27 11:04:45 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-12-27 11:04:45 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-12-27 11:04:45 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-12-27 11:04:45 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll (TODO: <Company name>)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Admin\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found.
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [C:\WINDOWS\system32\V0420Cvw.dll] C:\WINDOWS\system32\V0420CVW.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [Cyfro 2] C:\Program Files\Cyfro\Cyfro2.exe (Bru2soft)
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [V0420Mon.exe] C:\WINDOWS\V0420Mon.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKCU..\Run: [Creative Live! Cam Manager] C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - c:\Program Files\Bandoo\BndHook.dll (Discordia Limited)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-12-21 14:17:04 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-02-16 00:37:36 | 000,000,000 | ---D | C] -- C:\Program Files\Hellboy
[2010-02-16 00:35:36 | 000,000,000 | ---D | C] -- C:\Program Files\Pearl Harbor
[2010-02-16 00:18:21 | 000,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe
[2010-02-16 00:18:21 | 000,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe
[2010-02-16 00:18:21 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe
[2010-02-16 00:18:21 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.exe
[2010-02-16 00:18:21 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[2010-02-16 00:18:21 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe
[2010-02-16 00:18:21 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\o4Patch.exe
[2010-02-16 00:18:21 | 000,079,360 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swxcacls.exe
[2010-02-16 00:18:21 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\Agent.OMZ.Fix.exe
[2010-02-16 00:18:20 | 000,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2010-02-16 00:18:20 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[2010-02-16 00:16:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Pulpit\SmitfraudFix
[2010-02-11 21:01:02 | 000,000,000 | ---D | C] -- C:\Program Files\Ares
[2010-02-09 16:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Help
[2010-02-09 16:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Help
[2010-02-07 22:56:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010-02-07 21:15:35 | 009,355,865 | ---- | C] (Biuro Informatyki Stosowanej FORMAT ) -- C:\Documents and Settings\Admin\Moje dokumenty\instaluj_pity2009_101.exe
[2010-02-07 15:52:19 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2010-02-07 14:41:10 | 000,000,000 | ---D | C] -- C:\Program Files\Pity 2009
[2010-02-07 14:04:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\Shareaza Downloads
[2010-02-07 14:04:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Shareaza
[2010-02-07 14:03:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\Shareaza
[2010-02-07 14:03:47 | 000,000,000 | ---D | C] -- C:\Program Files\Shareaza
[2010-02-06 14:48:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\marxio-tools
[2010-02-06 14:32:52 | 000,000,000 | ---D | C] -- C:\Program Files\Cyfro
[2010-02-06 11:01:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010-02-06 10:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\McAfee
[2010-02-06 10:56:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-02-06 10:56:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010-02-06 10:51:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010-02-06 10:48:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee
[2010-02-06 10:46:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NOS
[2010-02-04 16:31:44 | 031,266,152 | ---- | C] (Droppix ) -- C:\Documents and Settings\Admin\Moje dokumenty\SetupDxLabelMaker.exe
[2010-02-04 14:02:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\Droppix
[2010-02-04 14:01:51 | 000,462,848 | ---- | C] (eHelp Corporation.) -- C:\WINDOWS\System32\HHActiveX.dll
[2010-02-04 14:01:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\Droppix Label Maker Projects
[2010-02-04 14:01:19 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atl71.dll
[2010-02-04 14:01:19 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2010-02-04 14:01:19 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\Droppix Label Maker Misc
[2010-02-04 14:01:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Droppix
[2010-02-04 14:01:18 | 000,000,000 | ---D | C] -- C:\Program Files\Droppix
[2010-02-04 14:00:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Droppix
[2010-01-29 08:32:10 | 013,281,312 | ---- | C] (LightScribe ) -- C:\Documents and Settings\Admin\Moje dokumenty\LS_Update_1.18.10.2_.exe
[2010-01-29 08:32:09 | 013,927,000 | ---- | C] (MicroVision Development, Inc. ) -- C:\Documents and Settings\Admin\Moje dokumenty\stcdeval.exe
[2010-01-29 08:31:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\Szachy_2001
[2010-01-28 17:59:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Ares
[2010-01-27 15:29:57 | 013,281,312 | ---- | C] (LightScribe ) -- C:\Documents and Settings\Admin\Moje dokumenty\LS_Update_1.18.10.2_(2).exe
[2010-01-27 10:49:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\Acoustica
[2010-01-27 10:49:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\Acoustica
[2010-01-22 17:38:20 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady
[2010-01-22 17:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2010-01-22 17:29:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010-01-22 17:07:16 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2010-01-22 17:07:16 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2010-01-22 17:07:16 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2010-01-22 17:07:11 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2010-01-22 17:07:11 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2010-01-22 17:07:10 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2010-01-22 17:07:07 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2010-01-22 17:07:06 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2010-01-22 17:07:06 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2010-01-22 17:07:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2010-01-22 17:07:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2010-01-22 17:07:03 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2010-01-22 17:07:03 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2010-01-22 17:07:03 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2010-01-22 17:07:03 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2010-01-22 17:07:03 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2010-01-22 17:07:03 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2010-01-22 17:07:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2010-01-22 17:07:02 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2010-01-22 17:07:02 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2010-01-22 17:07:02 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2010-01-22 17:07:02 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2010-01-22 17:07:02 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2010-01-22 17:07:02 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2010-01-22 17:07:02 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2010-01-22 17:07:02 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2010-01-22 17:07:01 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2010-01-22 17:07:01 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2010-01-22 17:07:01 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2010-01-22 17:07:01 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2010-01-22 17:07:01 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2010-01-22 17:07:01 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2010-01-22 17:07:01 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2010-01-22 17:07:01 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2010-01-22 17:07:00 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2010-01-22 17:07:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2010-01-22 17:07:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2010-01-22 17:07:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2010-01-22 17:07:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2010-01-22 17:06:59 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2010-01-22 17:06:59 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2010-01-22 17:06:59 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2010-01-22 17:06:59 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2010-01-22 17:06:59 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2010-01-22 17:06:59 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2010-01-22 17:06:59 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2010-01-22 17:06:59 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2010-01-22 17:06:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2010-01-22 17:06:59 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2010-01-22 17:06:58 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2010-01-22 17:06:58 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2010-01-22 17:06:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2010-01-22 17:06:58 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2010-01-22 17:06:57 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2010-01-22 17:06:57 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2010-01-22 17:06:57 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2010-01-22 17:06:57 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2010-01-22 17:06:57 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2010-01-22 17:06:57 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2010-01-22 17:06:57 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2010-01-22 17:06:57 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2010-01-22 17:06:57 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2010-01-22 17:06:57 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2010-01-22 17:06:57 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2010-01-22 17:06:57 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2010-01-22 17:06:56 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2010-01-22 17:06:56 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2010-01-22 17:06:56 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2010-01-22 17:06:56 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2010-01-22 17:06:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2010-01-22 17:06:55 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2010-01-22 17:06:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2010-01-22 17:06:54 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2010-01-22 17:06:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2010-01-22 17:06:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010-01-22 17:06:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2010-01-22 17:06:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010-01-22 17:04:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010-01-22 17:04:29 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2010-01-22 17:02:52 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2010-01-22 17:02:52 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2010-01-22 17:02:52 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2010-01-22 17:02:52 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2010-01-22 17:02:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010-01-22 17:02:51 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2010-01-22 17:02:51 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2010-01-22 17:02:51 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2010-01-22 17:02:51 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2010-01-22 17:02:51 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2010-01-22 17:02:51 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys
[2010-01-22 17:02:51 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2010-01-22 17:02:51 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2010-01-22 17:02:51 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2010-01-22 17:02:51 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2010-01-22 17:02:51 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2010-01-22 17:02:51 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2010-01-22 17:02:51 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2010-01-22 17:02:51 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2010-01-22 17:02:51 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2010-01-22 17:02:51 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2010-01-22 17:02:51 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2010-01-22 17:02:51 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2010-01-22 17:02:51 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2010-01-22 17:02:50 | 000,220,032 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys
[2010-01-22 17:02:50 | 000,144,384 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys
[2010-01-22 17:02:50 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2010-01-22 17:02:50 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2010-01-22 17:02:50 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2010-01-22 17:02:50 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2010-01-22 17:02:50 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2010-01-22 17:02:50 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2010-01-22 17:02:50 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2010-01-22 17:02:50 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2010-01-22 17:02:50 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2010-01-22 17:02:50 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2010-01-22 17:02:50 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2010-01-22 17:02:50 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2010-01-22 17:02:50 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2010-01-22 17:02:49 | 001,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010-01-22 17:02:49 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2010-01-22 17:02:49 | 001,041,536 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys
[2010-01-22 17:02:49 | 000,685,056 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfcxts2.sys
[2010-01-22 17:02:49 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2010-01-22 17:02:49 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2010-01-22 17:02:49 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2010-01-22 17:02:49 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2010-01-22 17:02:49 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2010-01-22 17:02:49 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2010-01-22 17:02:49 | 000,011,868 | ---- | C] (Conexant) -- C:\WINDOWS\System32\drivers\mdmxsdk.sys
[2010-01-22 17:02:48 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2010-01-22 17:02:48 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2010-01-22 17:02:48 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2010-01-22 17:02:48 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2010-01-22 17:02:48 | 000,040,960 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisagp.sys
[2010-01-22 17:02:48 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2010-01-22 17:02:48 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2010-01-22 17:02:48 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2010-01-22 17:02:48 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2010-01-22 17:02:48 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2010-01-22 17:02:47 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2010-01-22 17:02:47 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2010-01-22 17:02:47 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2010-01-22 17:02:47 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2010-01-22 17:02:47 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2010-01-22 17:02:47 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2010-01-22 17:00:51 | 000,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010-01-22 16:57:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010-01-17 12:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\TripleA
[2009-12-21 13:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-12-21 13:26:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[1 C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\*.tmp files -> C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010-02-16 09:57:42 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-02-16 09:57:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-02-16 09:57:33 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010-02-16 09:56:39 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\Admin\NTUSER.DAT
[2010-02-16 09:56:39 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Admin\ntuser.ini
[2010-02-16 00:44:40 | 000,000,481 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Skrót do HiJackThis.exe.lnk
[2010-02-15 21:47:31 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2010-02-15 18:19:55 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-02-15 17:52:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-02-14 20:15:47 | 000,000,287 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2010-02-14 10:26:45 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-02-12 14:01:04 | 000,000,456 | -H-- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\National.Treasure.Book.Of.Secrets.2007.m-720p.BluRay.x264-PCHelpOnline.pl.mkv.ini
[2010-02-11 21:01:09 | 000,000,632 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Ares.lnk
[2010-02-11 21:00:42 | 002,439,433 | ---- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\aresregular215_installer_(programs.pl).exe
[2010-02-11 20:16:05 | 000,000,383 | -H-- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\Title_01.avi.ini
[2010-02-11 18:28:03 | 000,000,427 | -H-- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\kod da vinci (lektor pl).avi.ini
[2010-02-11 17:57:26 | 000,000,300 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010-02-11 16:52:29 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\EVEREST Home Edition.lnk
[2010-02-07 15:43:08 | 003,186,159 | ---- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\PFCSetup(2).exe
[2010-02-07 15:42:57 | 003,186,159 | ---- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\PFCSetup.exe
[2010-02-07 14:53:06 | 000,006,100 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Deklaracje_podatkowe_2010-02-07.xml
[2010-02-07 14:41:16 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Pity 2009.lnk
[2010-02-07 14:27:26 | 009,355,865 | ---- | M] (Biuro Informatyki Stosowanej FORMAT ) -- C:\Documents and Settings\Admin\Moje dokumenty\instaluj_pity2009_101.exe
[2010-02-07 13:47:24 | 000,567,047 | ---- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\Sequoia_1.3.exe
[2010-02-07 12:01:41 | 000,131,688 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-02-06 10:57:10 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-02-04 14:02:23 | 000,026,712 | ---- | M] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-02-04 14:01:56 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Droppix Label Maker.lnk
[2010-02-04 14:01:36 | 000,001,780 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\LightScribe.lnk
[2010-02-04 13:54:48 | 031,266,152 | ---- | M] (Droppix ) -- C:\Documents and Settings\Admin\Moje dokumenty\SetupDxLabelMaker.exe
[2010-01-31 14:02:59 | 000,259,604 | -H-- | M] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-01-29 20:44:51 | 000,000,399 | -H-- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\upadek [lektor pl](3).avi.ini
[2010-01-29 19:22:25 | 000,000,431 | -H-- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\pianista - dramat wojenny,biograficzny-2002 r lektor pl.avi.ini
[2010-01-28 17:59:18 | 002,436,209 | ---- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\aresregular214_installer.exe
[2010-01-27 10:36:06 | 000,001,780 | ---- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\LightScribe.lnk
[2010-01-27 10:32:40 | 013,281,312 | ---- | M] (LightScribe ) -- C:\Documents and Settings\Admin\Moje dokumenty\LS_Update_1.18.10.2_(2).exe
[2010-01-25 08:29:54 | 000,000,391 | -H-- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\John.avi.ini
[2010-01-25 00:41:05 | 000,000,405 | -H-- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\blt-ir.avi.ini
[2010-01-22 17:31:01 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010-01-22 17:31:00 | 000,448,004 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-01-22 17:31:00 | 000,392,296 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-01-22 17:31:00 | 000,074,230 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-01-22 17:31:00 | 000,058,596 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-01-22 17:30:59 | 000,984,778 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-01-22 17:02:33 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-01-20 02:23:31 | 000,000,433 | -H-- | M] () -- C:\Documents and Settings\Admin\Moje dokumenty\Underworld Bunt Lykanów (2009) DVDRip PL.avi.ini
[1 C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\*.tmp files -> C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010-02-16 00:44:40 | 000,000,481 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Skrót do HiJackThis.exe.lnk
[2010-02-16 00:43:53 | 000,000,430 | -H-- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\Transformers_zemsta_Upadlych_Up-By-sk00ti.lektor.pl.rmvb.ini
[2010-02-16 00:43:53 | 000,000,427 | -H-- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\kod da vinci (lektor pl).avi.ini
[2010-02-16 00:43:53 | 000,000,383 | -H-- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\Title_01.avi.ini
[2010-02-16 00:43:30 | 000,000,469 | -H-- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\G_I_Joe_Czas_Kobry_-_G_I_Joe_The_Rise_Of_Cobra__CD1__2009_PL_DVDRip_XViD.rmvb.ini
[2010-02-16 00:43:30 | 000,000,459 | -H-- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\G_I_Joe_Czas_Kobry_-_G_I_Joe_The_Rise_Of_Cobra__CD2__2009_PL_DVDRip_XViD.rmvb.ini
[2010-02-16 00:43:30 | 000,000,456 | -H-- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\National.Treasure.Book.Of.Secrets.2007.m-720p.BluRay.x264-PCHelpOnline.pl.mkv.ini
[2010-02-16 00:43:30 | 000,000,447 | -H-- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\Avtar 2009 TS H264 AAC-SecretMyth (Kingdom-Release)-Team-TDK.mkv.ini
[2010-02-16 00:43:30 | 000,000,433 | -H-- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\Underworld Bunt Lykanów (2009) DVDRip PL.avi.ini
[2010-02-16 00:43:30 | 000,000,431 | -H-- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\pianista - dramat wojenny,biograficzny-2002 r lektor pl.avi.ini
[2010-02-16 00:43:30 | 000,000,405 | -H-- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\blt-ir.avi.ini
[2010-02-16 00:43:30 | 000,000,399 | -H-- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\upadek [lektor pl](3).avi.ini
[2010-02-16 00:43:30 | 000,000,391 | -H-- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\John.avi.ini
[2010-02-16 00:43:30 | 000,000,390 | -H-- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\lick_lick_big.wmv.ini
[2010-02-16 00:18:21 | 000,075,776 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe
[2010-02-16 00:18:21 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe
[2010-02-16 00:18:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe
[2010-02-12 04:36:02 | 002,439,433 | ---- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\aresregular215_installer_(programs.pl).exe
[2010-02-11 21:01:09 | 000,000,632 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Ares.lnk
[2010-02-07 21:15:36 | 003,186,159 | ---- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\PFCSetup.exe
[2010-02-07 21:15:36 | 003,186,159 | ---- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\PFCSetup(2).exe
[2010-02-07 21:15:36 | 000,567,047 | ---- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\Sequoia_1.3.exe
[2010-02-07 14:53:06 | 000,006,100 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Deklaracje_podatkowe_2010-02-07.xml
[2010-02-07 14:41:16 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Pity 2009.lnk
[2010-02-06 10:57:10 | 000,001,735 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk
[2010-02-04 14:01:56 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Droppix Label Maker.lnk
[2010-02-04 14:01:36 | 000,001,780 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\LightScribe.lnk
[2010-01-29 08:32:26 | 002,436,209 | ---- | C] () -- C:\Documents and Settings\Admin\Moje dokumenty\aresregular214_installer.exe
[2010-01-27 10:51:21 | 000,299,552 | ---- | C] () -- C:\WINDOWS\wmsysprx.prx
[2010-01-22 17:07:14 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2010-01-22 17:07:14 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2010-01-22 17:07:14 | 000,001,714 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2010-01-22 17:07:13 | 000,693,932 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2010-01-22 17:07:13 | 000,071,460 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2010-01-22 17:07:13 | 000,027,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2010-01-22 17:07:13 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2010-01-22 17:07:12 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2010-01-22 17:07:12 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2010-01-22 17:07:12 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2010-01-22 17:07:12 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2010-01-22 17:07:12 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2010-01-22 17:07:12 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2010-01-22 17:07:12 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2010-01-22 17:07:12 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2010-01-22 17:07:12 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2010-01-22 17:07:12 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2010-01-22 17:07:12 | 000,058,350 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2010-01-22 17:07:12 | 000,034,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2010-01-22 17:07:12 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2010-01-22 17:07:12 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2010-01-22 17:07:12 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2010-01-22 17:07:12 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2010-01-22 17:07:12 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2010-01-22 17:07:12 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2010-01-22 17:07:12 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2010-01-22 17:07:12 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2010-01-22 17:07:12 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2010-01-22 17:07:12 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2010-01-22 17:07:12 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2010-01-22 17:07:12 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2010-01-22 17:07:12 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2010-01-22 17:07:12 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2010-01-22 17:07:12 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2010-01-22 17:07:12 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2010-01-22 17:07:12 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2010-01-22 17:07:11 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2010-01-22 17:07:11 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2010-01-22 17:07:11 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2010-01-22 17:07:11 | 000,089,253 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2010-01-22 17:07:11 | 000,066,160 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2010-01-22 17:07:11 | 000,036,644 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2010-01-22 17:07:11 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2010-01-22 17:07:11 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2010-01-22 17:07:11 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2010-01-22 17:07:11 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2010-01-22 17:07:11 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2010-01-22 17:07:11 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2010-01-22 17:07:11 | 000,001,482 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2010-01-22 17:07:11 | 000,001,479 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2010-01-22 17:07:11 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2010-01-22 17:07:11 | 000,001,471 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2010-01-22 17:07:11 | 000,001,463 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2010-01-22 17:07:11 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2010-01-22 17:07:11 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2010-01-22 17:07:11 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2010-01-22 17:07:11 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2010-01-22 17:07:11 | 000,001,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2010-01-22 17:07:11 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2010-01-22 17:07:11 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2010-01-22 17:07:11 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2010-01-22 17:07:11 | 000,001,041 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2010-01-22 17:07:11 | 000,000,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2010-01-22 17:07:11 | 000,000,822 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2010-01-22 17:07:11 | 000,000,808 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2010-01-22 17:07:11 | 000,000,792 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2010-01-22 17:07:11 | 000,000,786 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2010-01-22 17:07:11 | 000,000,738 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2010-01-22 17:07:11 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2010-01-22 17:07:10 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2010-01-22 17:07:10 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2010-01-22 17:07:10 | 000,184,137 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2010-01-22 17:07:10 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2010-01-22 17:07:10 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2010-01-22 17:07:10 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2010-01-22 17:07:10 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2010-01-22 17:07:10 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2010-01-22 17:07:10 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2010-01-22 17:07:10 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2010-01-22 17:07:10 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2010-01-22 17:07:10 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2010-01-22 17:07:10 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2010-01-22 17:02:50 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010-01-22 17:02:50 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010-01-22 17:02:49 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010-01-12 13:40:02 | 000,000,300 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010-01-06 11:57:05 | 000,000,039 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2010-01-05 18:16:35 | 000,076,407 | ---- | C] () -- C:\Documents and Settings\Admin\Dane aplikacji\Smiley.ico
[2009-12-22 22:28:35 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009-12-21 14:16:06 | 000,063,488 | ---- | C] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-12-21 14:15:11 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-12-21 13:42:26 | 000,000,287 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2009-12-21 13:42:11 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2009-12-21 13:41:58 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2009-12-21 13:35:38 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\CMRMDRV3.DLL
[2004-01-05 23:50:40 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\ImxEx.dll
[2003-11-18 13:50:24 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2003-09-16 17:52:30 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2003-09-16 17:41:44 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2003-05-14 16:54:02 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2001-09-17 13:20:02 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 16 bytes -> C:\Documents and Settings\Admin\Moje dokumenty\Shareaza Downloads:Shareaza.GUID
< End of report >
munkk
munkk
Postujący
Postujący
 
Posty: 171
Dołączenie: 15 Maj 2008, 21:23
Miejscowość: Suwałki
Góra

Re: prosze o sprawdzenie

Postprzez mateo8898 » 16 Lut 2010, 11:51

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.2) Gecko/20100115 Firefox/3.6

Uruchom OTL -> w oknie Custom Scans/Fixes wklej:
:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found.

Klikasz Run Fix. Następnie:

W OTL kliknij CleanUp

Przeczyść dysk oraz rejestr CCleaner

Wyłącz i włącz przywracanie systemu na wszystkich dyskach -> Instrukcja

Wykonaj pełne skanowanie Malwarebytes' Anti-Malware - jeśli coś znajdzie usuń i daj raport
Awatar użytkownika
mateo8898
Moderator
Moderator
 
Posty: 15377
Dołączenie: 15 Maj 2009, 14:55
Pochwały: 966
Góra

Re: prosze o sprawdzenie

Postprzez munkk » 16 Lut 2010, 12:39

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.0.16) Gecko/2009120208 Firefox/3.0.16

po wklejenie i po jakieś tam operacji wyskoczył komunikat po angielsku wcisnołem oki następnie wcisnołem CleanUp i komp sie zresetował
munkk
munkk
Postujący
Postujący
 
Posty: 171
Dołączenie: 15 Maj 2008, 21:23
Miejscowość: Suwałki
Góra

Re: prosze o sprawdzenie

Postprzez mateo8898 » 16 Lut 2010, 12:44

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.2) Gecko/20100115 Firefox/3.6

No to dobrze. Przejdź do następnych kroków.
Awatar użytkownika
mateo8898
Moderator
Moderator
 
Posty: 15377
Dołączenie: 15 Maj 2009, 14:55
Pochwały: 966
Góra
Następna
Wyślij odpowiedź

Powróć do Bezpieczeństwo

Kto jest na forum

Zarejestrowani użytkownicy: Bing [Bot]

Switch to mobile style
Technologię dostarcza phpBB® Forum Software © phpBB Group
Profesjonalne polskie tłumaczenie phpBB3
Korzystanie z forum oznacza akceptację polityki prywatności
cron