Problem

Dla specjalistów Bezpieczeństwo
#1

OTL logfile created on: 2010-01-09 17:57:43 - Run 4

OTL by OldTimer - Version 3.1.22.0 Folder = C:\Documents and Settings\Dawid\Pulpit

Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 298,09 Gb Total Space | 266,94 Gb Free Space | 89,55% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: OPTIMUS-D4D172D

Current User Name: Dawid

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (All) ==========

PRC - [2010-01-09 17:49:37 | 00,543,232 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Dawid\Pulpit\OTL.exe

PRC - [2010-01-09 09:24:02 | 01,217,808 | ---- | M] (Valve Corporation) – C:\Program Files\Steam\Steam.exe

PRC - [2010-01-08 08:14:34 | 00,058,368 | -H-- | M] () – C:\Documents and Settings\Dawid\jygfs.exe

PRC - [2010-01-07 18:14:23 | 00,908,248 | ---- | M] (Mozilla Corporation) – C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2009-12-08 18:13:19 | 00,500,224 | ---- | M] () – C:\WINDOWS\diagnostic.exe

PRC - [2009-01-11 13:49:27 | 00,073,728 | ---- | M] () – C:\WINDOWS\system32\02nXyOB0.exe

PRC - [2008-12-24 21:03:03 | 00,173,670 | ---- | M] () – C:\WINDOWS\services.exe

PRC - [2008-04-15 13:00:00 | 02,716,672 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe

PRC - [2008-04-15 13:00:00 | 00,512,000 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\winlogon.exe

PRC - [2008-04-15 13:00:00 | 00,111,104 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\services.exe

PRC - [2008-04-15 13:00:00 | 00,058,880 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\spoolsv.exe

PRC - [2008-04-15 13:00:00 | 00,050,688 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\smss.exe

PRC - [2008-04-15 13:00:00 | 00,017,408 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [RPCSS]

PRC - [2008-04-15 13:00:00 | 00,017,408 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]

PRC - [2008-04-15 13:00:00 | 00,017,408 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [NETSVCS]

PRC - [2008-04-15 13:00:00 | 00,017,408 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]

PRC - [2008-04-15 13:00:00 | 00,017,408 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [imgSVC]

PRC - [2008-04-15 13:00:00 | 00,017,408 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [imgSVC]

PRC - [2008-04-15 13:00:00 | 00,017,408 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]

PRC - [2008-04-15 13:00:00 | 00,015,360 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ctfmon.exe

PRC - [2008-04-15 13:00:00 | 00,014,848 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\lsass.exe

PRC - [2008-04-15 13:00:00 | 00,006,144 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\csrss.exe

PRC - [2008-02-29 09:59:23 | 01,947,648 | ---- | M] (Microsoft Corporation) – C:\Program Files\Internet Explorer\IEXPLORE.EXE

PRC - [2007-09-20 09:35:36 | 00,118,336 | ---- | M] (Microsoft Corporation) – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

PRC - [2006-11-29 09:55:56 | 00,009,728 | RHS- | M] () – C:\WINDOWS\system32\explorer.exe

========== Modules (All) ==========

MOD - [2010-01-09 17:49:37 | 00,543,232 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Dawid\Pulpit\OTL.exe

MOD - [2009-02-13 14:34:59 | 00,219,648 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\uxtheme.dll

MOD - [2008-04-15 13:00:00 | 29,171,712 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\shell32.dll

MOD - [2008-04-15 13:00:00 | 01,287,168 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ole32.dll

MOD - [2008-04-15 13:00:00 | 01,054,208 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

MOD - [2008-04-15 13:00:00 | 01,018,368 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\kernel32.dll

MOD - [2008-04-15 13:00:00 | 00,997,888 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\setupapi.dll

MOD - [2008-04-15 13:00:00 | 00,714,240 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ntdll.dll

MOD - [2008-04-15 13:00:00 | 00,686,592 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\advapi32.dll

MOD - [2008-04-15 13:00:00 | 00,646,144 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\SHLWAPI.DLL

MOD - [2008-04-15 13:00:00 | 00,584,704 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\rpcrt4.dll

MOD - [2008-04-15 13:00:00 | 00,580,096 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\user32.dll

MOD - [2008-04-15 13:00:00 | 00,551,936 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\oleaut32.dll

MOD - [2008-04-15 13:00:00 | 00,343,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\msvcrt.dll

MOD - [2008-04-15 13:00:00 | 00,297,984 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\MSCTF.dll

MOD - [2008-04-15 13:00:00 | 00,285,184 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\gdi32.dll

MOD - [2008-04-15 13:00:00 | 00,177,152 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\MSCTFIME.IME

MOD - [2008-04-15 13:00:00 | 00,146,432 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\winspool.drv

MOD - [2008-04-15 13:00:00 | 00,110,080 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\imm32.dll

MOD - [2008-04-15 13:00:00 | 00,084,992 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\olepro32.dll

MOD - [2008-04-15 13:00:00 | 00,067,584 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\srclient.dll

MOD - [2008-04-15 13:00:00 | 00,056,320 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\secur32.dll

MOD - [2008-04-15 13:00:00 | 00,023,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\psapi.dll

MOD - [2008-04-15 13:00:00 | 00,018,944 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\version.dll

MOD - [2006-05-03 21:53:54 | 00,174,592 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\framedyn.dll

========== Win32 Services (SafeList) ==========

SRV - [2009-01-15 11:26:02 | 00,066,872 | ---- | M] () [Disabled | Stopped] – C:\WINDOWS\system32\PnkBstrA.exe – (PnkBstrA)

SRV - [2008-12-17 16:29:16 | 00,304,528 | ---- | M] (Protection Technology) [Auto | Stopped] – C:\WINDOWS\System32\appdrvrem01.exe – (appdrvrem01) Application Driver Auto Removal Service (01)

SRV - [2008-10-25 08:51:01 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) [Disabled | Stopped] – C:\Program Files\Java\jre6\bin\jqs.exe – (JavaQuickStarterService)

SRV - [2008-05-03 04:46:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] – C:\WINDOWS\system32\nvsvc32.exe – (NVSvc)

SRV - [2008-04-15 13:00:00 | 00,163,185 | RHS- | M] () [Auto | Stopped] – C:\WINDOWS\system32\wqpvjdad.dll – (ovsuexxo)

SRV - [2007-11-28 09:27:24 | 00,800,040 | ---- | M] (Nero AG) [Disabled | Stopped] – C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe – (NBService)

SRV - [2007-10-25 14:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Program Files\Windows Live\installer\WLSetupSvc.exe – (WLSetupSvc)

SRV - [2007-10-18 10:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Program Files\Windows Live\Messenger\usnsvc.exe – (usnjsvc)

SRV - [2007-06-27 17:04:00 | 00,279,848 | ---- | M] (Nero AG) [Disabled | Stopped] – C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe – (NMIndexingService)

SRV - [2003-07-28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE – (ose)

========== Driver Services (SafeList) ==========

DRV - [2009-02-20 08:14:59 | 00,033,824 | ---- | M] () [Kernel | System | Running] – C:\WINDOWS\system32\drivers\oreans32.sys – (oreans32)

DRV - [2008-12-17 16:29:17 | 02,915,944 | ---- | M] (Protection Technology) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\appdrv01.sys – (appdrv01) Application Driver (01)

DRV - [2008-12-10 15:38:08 | 00,717,296 | ---- | M] () [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\sptd.sys – (sptd)

DRV - [2008-09-14 18:59:52 | 00,020,747 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\AegisP.sys – (AegisP) AEGIS Protocol (IEEE 802.1x)

DRV - [2008-05-27 18:03:51 | 00,004,716 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] – C:\WINDOWS\gdrv.sys – (gdrv)

DRV - [2008-05-03 04:46:00 | 06,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\nv4_mini.sys – (nv)

DRV - [2008-04-15 13:00:00 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\hdaudbus.sys – (HDAudBus)

DRV - [2008-04-15 13:00:00 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\secdrv.sys – (Secdrv)

DRV - [2008-04-15 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ptilink.sys – (Ptilink)

DRV - [2007-10-12 09:33:06 | 04,609,024 | R— | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RtkHDAud.sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2007-08-07 10:40:38 | 00,098,944 | R— | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\Rtenicxp.sys – (RTLE8023xp)

DRV - [2007-07-16 02:00:14 | 00,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\Dgivecp.Sys – (DgiVecp)

DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\PxHelp20.sys – (PxHelp20)

DRV - [2006-07-24 15:05:00 | 00,005,632 | ---- | M] () [File_System | System | Running] – C:\WINDOWS\system32\drivers\StarOpen.sys – (StarOpen)

DRV - [2005-08-30 16:59:00 | 00,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ss_mdm.sys – (ss_mdm)

DRV - [2005-08-30 16:58:56 | 00,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ss_mdfl.sys – (ss_mdfl)

DRV - [2005-08-30 16:57:18 | 00,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ss_bus.sys – (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)

DRV - [2005-07-01 11:22:00 | 00,339,072 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\rt61.sys – (RT61)

DRV - [2003-09-06 14:37:22 | 00,062,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\prohlp02.sys – (prohlp02)

DRV - [2003-09-06 13:27:06 | 00,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfhlp01.sys – (sfhlp01)

DRV - [2003-09-06 13:25:52 | 00,051,744 | ---- | M] (Protection Technology) [Kernel | System | Running] – C:\WINDOWS\System32\drivers\prodrv06.sys – (prodrv06)

DRV - [2003-09-06 13:22:08 | 00,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\prosync1.sys – (prosync1)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM…\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/

IE - HKCU…\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

========== FireFox ==========

FF - prefs.js…browser.search.defaultenginename: “Winamp Search”

FF - prefs.js…browser.search.defaulturl: “http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=

FF - prefs.js…browser.search.selectedEngine: “Winamp Search”

FF - prefs.js…browser.search.useDBForOrder: true

FF - prefs.js…browser.startup.homepage: “http://google.pl/

FF - prefs.js…extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:3.9.3

FF - prefs.js…extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.11.2

FF - prefs.js…extensions.enabledItems: nasanightlaunch@example.com:0.6.20091031

FF - prefs.js…keyword.URL: “http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=

FF - prefs.js…network.proxy.type: 2

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\Components: C:\Program Files\Mozilla Firefox\components [2010-01-08 17:00:36 | 00,000,000 | —D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-07 18:14:29 | 00,000,000 | —D | M]

[2009-02-13 15:01:19 | 00,000,000 | —D | M] – C:\Documents and Settings\Dawid\Dane aplikacji\Mozilla\Extensions

[2010-01-09 15:32:43 | 00,000,000 | —D | M] – C:\Documents and Settings\Dawid\Dane aplikacji\Mozilla\Firefox\Profiles\leo8ok0u.default\extensions

[2009-08-07 19:02:22 | 00,000,000 | —D | M] (No name found) – C:\Documents and Settings\Dawid\Dane aplikacji\Mozilla\Firefox\Profiles\leo8ok0u.default\extensions{0545b830-f0aa-4d7e-8820-50a4629a56fe}

[2009-09-11 09:05:33 | 00,000,000 | —D | M] (Winamp Toolbar) – C:\Documents and Settings\Dawid\Dane aplikacji\Mozilla\Firefox\Profiles\leo8ok0u.default\extensions{0b38152b-1b20-484d-a11f-5e04a9b0661f}

[2009-11-11 21:20:46 | 00,000,000 | —D | M] – C:\Documents and Settings\Dawid\Dane aplikacji\Mozilla\Firefox\Profiles\leo8ok0u.default\extensions\nasanightlaunch@example.com

[2009-09-11 09:05:46 | 00,001,201 | ---- | M] () – C:\Documents and Settings\Dawid\Dane aplikacji\Mozilla\Firefox\Profiles\leo8ok0u.default\searchplugins\winamp-search.xml

[2009-07-05 19:02:14 | 00,000,000 | —D | M] – C:\Program Files\Mozilla Firefox\extensions

[2009-10-30 11:49:25 | 00,002,767 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml

[2009-10-30 11:49:25 | 00,001,406 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml

[2009-10-30 11:49:25 | 00,000,917 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml

[2009-10-30 11:49:25 | 00,000,858 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml

[2009-10-30 11:49:25 | 00,001,183 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml

[2009-10-30 11:49:25 | 00,001,683 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()

O2 - BHO: (Mirar) - {1FECA34D-3ECF-47F1-9C09-CB5BF8C1EC9B} - C:\WINDOWS\system32\winob77.dll ()

O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.

O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM…\Toolbar: (Mirar) - {1FECA34C-3ECF-47F1-9C09-CB5BF8C1EC9B} - C:\WINDOWS\system32\winob77.dll ()

O3 - HKLM…\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKLM…\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)

O3 - HKLM…\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

O3 - HKLM…\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

O3 - HKCU…\Toolbar\WebBrowser: (Mirar) - {1FECA34C-3ECF-47F1-9C09-CB5BF8C1EC9B} - C:\WINDOWS\system32\winob77.dll ()

O3 - HKCU…\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKCU…\Toolbar\WebBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)

O3 - HKCU…\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

O3 - HKCU…\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

O4 - HKLM…\Run: [barsaka] C:\WINDOWS\System32\explorer.exe ()

O4 - HKLM…\Run: [Diagnostic] C:\WINDOWS\diagnostic.exe ()

O4 - HKLM…\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)

O4 - HKLM…\Run: [KernelFaultCheck] File not found

O4 - HKLM…\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)

O4 - HKLM…\Run: [PPort10reminder] C:\Program Files\ScanSoft\PaperPort\EREG\Ereg.exe (ScanSoft, Inc.)

O4 - HKLM…\Run: [sSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)

O4 - HKLM…\Run: [sXe Injected] C:\Program Files\sXe Injected\sXe Injected.exe File not found

O4 - HKLM…\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe File not found

O4 - HKLM…\Run: [vigi] C:\WINDOWS\System32\vigi.exe ()

O4 - HKLM…\Run: [Windows] C:\WINDOWS\services.exe ()

O4 - HKCU…\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)

O4 - HKCU…\Run: [iPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.)

O4 - HKCU…\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe File not found

O4 - HKCU…\Run: [steam] c:\program files\steam\steam.exe (Valve Corporation)

O4 - Startup: C:\Documents and Settings\Dawid\Menu Start\Programy\Autostart\lsass.exe ()

O4 - Startup: C:\Documents and Settings\Dawid\Menu Start\Programy\Autostart\rncsys32.exe (Rvsjtej Hucfegefzom)

O4 - Startup: C:\Documents and Settings\Dawid\Menu Start\Programy\Autostart\Skrót do pcwDreamScreen.lnk = C:\Program Files\pcwDreamScreen\pcwDreamScreen.vbs ()

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()

O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra ‘Tools’ menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc … tor/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_10)

O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_10)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_10)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s … wflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.8.1 194.204.152.34

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\System32\explorer.exe ()

O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Dawid\jygfs.exe \s explorer.exe) - C:\Documents and Settings\Dawid\jygfs.exe \s explorer.exe File not found

O21 - SSODL: LtBcdMgju - {8CADBD4C-2607-17E6-5887-E0588FECE178} - C:\WINDOWS\system32\hm.dll ()

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008-05-27 17:55:02 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [NTFS]

O33 - MountPoints2{5697c7ba-b8ac-11dd-ab19-000ee8e1ef17}\Shell\AutoRun\command - “” = E:\fooool.exe – File not found

O33 - MountPoints2{5697c7ba-b8ac-11dd-ab19-000ee8e1ef17}\Shell\explore\Command - “” = E:\fooool.exe – File not found

O33 - MountPoints2{5697c7ba-b8ac-11dd-ab19-000ee8e1ef17}\Shell\open\Command - “” = E:\fooool.exe – File not found

O33 - MountPoints2{a18d4ac4-37b9-11de-af49-000ee8e1ef17}\Shell\AutoRun\command - “” = G:\fooool.exe – File not found

O33 - MountPoints2{a18d4ac4-37b9-11de-af49-000ee8e1ef17}\Shell\explore\Command - “” = G:\fooool.exe – File not found

O33 - MountPoints2{a18d4ac4-37b9-11de-af49-000ee8e1ef17}\Shell\open\Command - “” = G:\fooool.exe – File not found

O33 - MountPoints2{bc4561d2-8332-11dd-a953-000ee8e1ef17}\Shell\AutoRun\command - “” = H:\fooool.exe – File not found

O33 - MountPoints2{bc4561d2-8332-11dd-a953-000ee8e1ef17}\Shell\explore\Command - “” = H:\fooool.exe – File not found

O33 - MountPoints2{bc4561d2-8332-11dd-a953-000ee8e1ef17}\Shell\open\Command - “” = H:\fooool.exe – File not found

O33 - MountPoints2{d576f6ca-ff83-11dd-ad77-000ee8e1ef17}\Shell\AutoRun\command - “” = G:\fooool.exe – File not found

O33 - MountPoints2{d576f6ca-ff83-11dd-ad77-000ee8e1ef17}\Shell\explore\Command - “” = G:\fooool.exe – File not found

O33 - MountPoints2{d576f6ca-ff83-11dd-ad77-000ee8e1ef17}\Shell\open\Command - “” = G:\fooool.exe – File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - comfile [open] – “%1” %*

O35 - exefile [open] – “%1” %*

NetSvcs: 6to4 - File not found

NetSvcs: Ias - C:\WINDOWS\system32\ias [2008-05-27 10:41:07 | 00,000,000 | —D | M]

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)

NetSvcs: WmdmPmSp - File not found

NetSvcs: ovsuexxo - C:\WINDOWS\system32\wqpvjdad.dll ()

MsConfig - Services: “JavaQuickStarterService”

MsConfig - Services: “AresChatServer”

MsConfig - Services: “WLSetupSvc”

MsConfig - Services: “usnjsvc”

MsConfig - Services: “PnkBstrA”

MsConfig - Services: “NVSvc”

MsConfig - Services: “NMIndexingService”

MsConfig - Services: “NBService”

MsConfig - Services: “idsvc”

MsConfig - Services: “cFosSpeedS”

MsConfig - Services: “appdrvrem01”

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Ralink Wireless Utility.lnk - C:\WINDOWS\RaUI.exe - (Ralink Technology, Corp.)

MsConfig - StartUpReg: Alcmtr - hkey= - key= - C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

MsConfig - StartUpReg: BearShare - hkey= - key= - C:\Program Files\BearShare\BearShare.exe (Free Peers, Inc.)

MsConfig - StartUpReg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)

MsConfig - StartUpReg: cFosSpeed - hkey= - key= - C:\Program Files\cFosSpeed\cFosSpeed.exe File not found

MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)

MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)

MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found

MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found

MsConfig - StartUpReg: nwiz - hkey= - key= - File not found

MsConfig - StartUpReg: RGSC - hkey= - key= - C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe File not found

MsConfig - StartUpReg: RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)

MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe File not found

MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe ()

MsConfig - State: “system.ini” - 0

MsConfig - State: “win.ini” - 0

MsConfig - State: “bootini” - 0

MsConfig - State: “services” - 2

MsConfig - State: “startup” - 2

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

========== Files/Folders - Created Within 30 Days ==========

[2010-01-09 17:50:27 | 00,000,000 | —D | C] – C:_OTL

[2010-01-09 17:49:17 | 00,543,232 | ---- | C] (OldTimer Tools) – C:\Documents and Settings\Dawid\Pulpit\OTL.exe

[2010-01-09 17:48:41 | 00,812,344 | ---- | C] (Trend Micro Inc.) – C:\Documents and Settings\Dawid\Pulpit\HJTInstall.exe

[2010-01-09 16:50:04 | 00,000,000 | —D | C] – C:\Program Files\Trend Micro

[2010-01-09 09:11:24 | 00,000,000 | —D | C] – C:\Program Files\Steam

[2010-01-03 19:01:49 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Pulpit\miki

[2010-01-02 20:12:23 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Pulpit\Bombsite B spray

[2009-12-28 20:14:00 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Moje dokumenty\Moje opisy

[2009-12-25 12:30:15 | 00,000,000 | —D | C] – C:\Program Files\HyCam2

[2009-12-24 17:25:04 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Pulpit\Rychu Peja SoluFka - Styl Życia Gnoja [2oo8]

[2009-12-23 19:36:26 | 00,000,000 | —D | C] – C:\vcs5BGEffects

[2009-12-23 19:35:37 | 00,000,000 | —D | C] – C:\Program Files\AV Vcs 6.0 DIAMOND

[2009-12-22 22:02:37 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Pulpit\films by adX

[2009-12-22 15:52:18 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Pulpit\muza

[2009-12-17 20:48:58 | 00,000,000 | —D | C] – C:\games

[2009-12-11 16:27:56 | 00,000,000 | —D | C] – C:\dell

[2009-12-11 08:40:35 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Moje dokumenty\Odebrane pliki

[2009-12-10 19:53:25 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Pulpit\ss

[2009-12-10 19:44:11 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\VideoMach

[2009-12-10 19:44:06 | 00,000,000 | —D | C] – C:\Program Files\VideoMach

[2009-12-10 19:27:23 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Moje dokumenty\Camtasia Studio

[2009-02-17 21:44:35 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Dane aplikacji\Adobe

[2009-01-11 17:00:33 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Dane aplikacji\Macromedia

[2009-01-11 14:00:37 | 00,000,000 | --SD | M] – C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft

[2008-05-27 17:57:42 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2008-05-27 17:57:16 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2008-05-27 17:55:00 | 00,000,000 | --SD | M] – C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft

[3 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->]

[1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]

========== Files - Modified Within 30 Days ==========

[2010-01-09 17:49:37 | 00,543,232 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Dawid\Pulpit\OTL.exe

[2010-01-09 17:48:49 | 00,001,734 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\HijackThis.lnk

[2010-01-09 17:48:42 | 00,812,344 | ---- | M] (Trend Micro Inc.) – C:\Documents and Settings\Dawid\Pulpit\HJTInstall.exe

[2010-01-09 17:13:55 | 11,796,480 | -H-- | M] () – C:\Documents and Settings\Dawid\NTUSER.DAT

[2010-01-09 17:04:00 | 00,000,258 | ---- | M] () – C:\WINDOWS\tasks\Sprawdź aktualizacje paska narzędzi Windows Live Toolbar.job

[2010-01-09 17:03:57 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At18.job

[2010-01-09 16:59:09 | 00,000,268 | -H-- | M] () – C:\sqmdata06.sqm

[2010-01-09 16:59:09 | 00,000,244 | -H-- | M] () – C:\sqmnoopt06.sqm

[2010-01-09 16:58:06 | 00,000,006 | -H-- | M] () – C:\WINDOWS\tasks\SA.DAT

[2010-01-09 16:58:05 | 00,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat

[2010-01-09 16:57:33 | 00,000,188 | -HS- | M] () – C:\Documents and Settings\Dawid\ntuser.ini

[2010-01-09 16:42:10 | 00,002,207 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Steam.lnk

[2010-01-09 16:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At17.job

[2010-01-09 15:24:09 | 00,000,069 | ---- | M] () – C:\WINDOWS\NeroDigital.ini

[2010-01-09 15:24:07 | 00,067,072 | ---- | M] () – C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-01-09 15:03:58 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At16.job

[2010-01-09 14:30:37 | 00,000,268 | -H-- | M] () – C:\sqmdata05.sqm

[2010-01-09 14:30:37 | 00,000,244 | -H-- | M] () – C:\sqmnoopt05.sqm

[2010-01-09 13:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At14.job

[2010-01-09 12:18:06 | 00,000,020 | -H-- | M] () – C:\Documents and Settings\Dawid\Pulpit\STATUS.bmp.sha

[2010-01-09 12:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At13.job

[2010-01-09 11:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At12.job

[2010-01-09 10:03:57 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At11.job

[2010-01-09 09:30:34 | 00,001,614 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\Counter-Strike.lnk

[2010-01-09 09:06:22 | 00,000,268 | -H-- | M] () – C:\sqmdata04.sqm

[2010-01-09 09:06:22 | 00,000,244 | -H-- | M] () – C:\sqmnoopt04.sqm

[2010-01-09 05:03:57 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At6.job

[2010-01-09 04:57:20 | 00,000,268 | -H-- | M] () – C:\sqmdata03.sqm

[2010-01-09 04:57:20 | 00,000,244 | -H-- | M] () – C:\sqmnoopt03.sqm

[2010-01-08 21:20:04 | 02,917,056 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\spar2.gz

[2010-01-08 21:20:04 | 02,695,965 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\spar.gz

[2010-01-08 21:03:57 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At22.job

[2010-01-08 20:39:16 | 00,000,268 | -H-- | M] () – C:\sqmdata02.sqm

[2010-01-08 20:39:16 | 00,000,244 | -H-- | M] () – C:\sqmnoopt02.sqm

[2010-01-08 20:00:41 | 00,000,268 | -H-- | M] () – C:\sqmdata01.sqm

[2010-01-08 20:00:41 | 00,000,244 | -H-- | M] () – C:\sqmnoopt01.sqm

[2010-01-08 19:30:47 | 00,001,138 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\muzyjka.rtf

[2010-01-08 19:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At20.job

[2010-01-08 18:23:22 | 02,488,778 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\a2ww2h.gif

[2010-01-08 18:03:56 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At19.job

[2010-01-08 17:59:59 | 00,000,408 | ---- | M] () – C:\WINDOWS\tasks\Norton Security Scan for Dawid.job

[2010-01-08 15:46:51 | 00,000,268 | -H-- | M] () – C:\sqmdata00.sqm

[2010-01-08 15:46:51 | 00,000,244 | -H-- | M] () – C:\sqmnoopt00.sqm

[2010-01-08 14:49:21 | 06,919,858 | -H-- | M] () – C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2010-01-08 14:03:57 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At15.job

[2010-01-08 13:41:07 | 00,000,268 | -H-- | M] () – C:\sqmdata19.sqm

[2010-01-08 13:41:07 | 00,000,244 | -H-- | M] () – C:\sqmnoopt19.sqm

[2010-01-08 08:15:42 | 00,035,328 | ---- | M] () – C:\WINDOWS\System32\629712.exe

[2010-01-08 08:14:34 | 00,058,368 | -H-- | M] () – C:\Documents and Settings\Dawid\jygfs.exe

[2010-01-08 08:14:34 | 00,058,368 | ---- | M] () – C:\WINDOWS\System32\vigi.exe

[2010-01-08 08:13:46 | 00,000,268 | -H-- | M] () – C:\sqmdata18.sqm

[2010-01-08 08:13:46 | 00,000,244 | -H-- | M] () – C:\sqmnoopt18.sqm

[2010-01-07 20:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At21.job

[2010-01-07 18:13:56 | 00,000,268 | -H-- | M] () – C:\sqmdata17.sqm

[2010-01-07 18:13:56 | 00,000,244 | -H-- | M] () – C:\sqmnoopt17.sqm

[2010-01-07 16:47:06 | 00,000,268 | -H-- | M] () – C:\sqmdata16.sqm

[2010-01-07 16:47:06 | 00,000,244 | -H-- | M] () – C:\sqmnoopt16.sqm

[2010-01-07 09:00:42 | 00,000,268 | -H-- | M] () – C:\sqmdata15.sqm

[2010-01-07 09:00:42 | 00,000,244 | -H-- | M] () – C:\sqmnoopt15.sqm

[2010-01-06 19:43:55 | 00,000,268 | -H-- | M] () – C:\sqmdata14.sqm

[2010-01-06 19:43:54 | 00,000,244 | -H-- | M] () – C:\sqmnoopt14.sqm

[2010-01-06 14:28:06 | 00,001,044 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\esles.jpg

[2010-01-06 12:33:29 | 00,000,268 | -H-- | M] () – C:\sqmdata13.sqm

[2010-01-06 12:33:29 | 00,000,244 | -H-- | M] () – C:\sqmnoopt13.sqm

[2010-01-05 19:19:39 | 00,000,268 | -H-- | M] () – C:\sqmdata12.sqm

[2010-01-05 19:19:38 | 00,000,244 | -H-- | M] () – C:\sqmnoopt12.sqm

[2010-01-05 17:50:33 | 00,000,268 | -H-- | M] () – C:\sqmdata11.sqm

[2010-01-05 17:50:33 | 00,000,244 | -H-- | M] () – C:\sqmnoopt11.sqm

[2010-01-05 14:22:34 | 00,000,268 | -H-- | M] () – C:\sqmdata10.sqm

[2010-01-05 14:22:34 | 00,000,244 | -H-- | M] () – C:\sqmnoopt10.sqm

[2010-01-04 20:44:06 | 00,000,268 | -H-- | M] () – C:\sqmdata09.sqm

[2010-01-04 20:44:06 | 00,000,244 | -H-- | M] () – C:\sqmnoopt09.sqm

[2010-01-04 18:03:46 | 00,000,268 | -H-- | M] () – C:\sqmdata08.sqm

[2010-01-04 18:03:45 | 00,000,244 | -H-- | M] () – C:\sqmnoopt08.sqm

[2010-01-04 16:26:25 | 00,199,680 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\miki film.MSWMM

[2010-01-04 14:28:51 | 00,000,268 | -H-- | M] () – C:\sqmdata07.sqm

[2010-01-04 14:28:51 | 00,000,244 | -H-- | M] () – C:\sqmnoopt07.sqm

[2010-01-03 23:03:56 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At24.job

[2010-01-03 12:52:24 | 00,000,754 | ---- | M] () – C:\WINDOWS\WORDPAD.INI

[2010-01-02 18:26:07 | 00,000,151 | ---- | M] () – C:\WINDOWS\PhotoSnapViewer.INI

[2010-01-02 18:17:51 | 02,103,246 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\steam.bmp

[2010-01-02 14:56:36 | 03,050,716 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\three days grace - time of dying.mp3

[2010-01-02 14:55:48 | 01,060,393 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\decyfer down - fading.mp3

[2010-01-02 09:03:57 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At10.job

[2010-01-01 22:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At23.job

[2010-01-01 01:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At2.job

[2010-01-01 00:51:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At1.job

[2009-12-31 12:18:40 | 00,710,336 | ---- | M] () – C:\Documents and Settings\Dawid\Moje dokumenty\clip0011.avi

[2009-12-31 12:17:10 | 27,027,444 | ---- | M] () – C:\Documents and Settings\Dawid\Moje dokumenty\clip0010.avi

[2009-12-30 19:34:53 | 01,440,054 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\lolz.bmp

[2009-12-29 19:28:38 | 03,311,940 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\firma - to dla was ft. hemp gru.mp3

[2009-12-28 15:08:58 | 00,142,336 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\bug by adX.MSWMM

[2009-12-28 10:55:57 | 00,182,038 | ---- | M] () – C:\WINDOWS\System32\nvapps.xml

[2009-12-28 09:46:34 | 00,299,008 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\bh by adX.MSWMM

[2009-12-27 20:50:37 | 00,000,370 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\o.s.t.r - abc.mp3

[2009-12-26 08:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At9.job

[2009-12-26 07:03:56 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At8.job

[2009-12-25 01:04:00 | 00,000,653 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\Gadu-Gadu.lnk

[2009-12-24 17:45:51 | 03,964,791 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\peja - staszica story czworkaopularn%19.mp3

[2009-12-23 19:36:21 | 00,000,912 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\Voice Changer 6.0 Diamond.lnk

[2009-12-23 06:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At7.job

[2009-12-20 10:12:16 | 00,000,665 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\Teamspeak 2 RC2.lnk

[2009-12-15 17:17:01 | 00,035,328 | ---- | M] () – C:\WINDOWS\System32\93455.exe

[2009-12-14 20:20:29 | 00,034,304 | -H-- | M] () – C:\Documents and Settings\Dawid\wshibsd.exe

[2009-12-10 19:44:08 | 00,000,694 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\VideoMach.lnk

[2009-12-10 19:34:35 | 00,000,030 | ---- | M] () – C:\WINDOWS\TextSpy.ini

[3 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->]

[1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]

========== Files Created - No Company Name ==========

[2010-01-09 17:48:49 | 00,001,734 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\HijackThis.lnk

[2010-01-09 12:18:06 | 00,000,020 | -H-- | C] () – C:\Documents and Settings\Dawid\Pulpit\STATUS.bmp.sha

[2010-01-09 10:47:41 | 02,917,056 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\spar2.gz

[2010-01-09 10:47:41 | 02,695,965 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\spar.gz

[2010-01-09 09:30:34 | 00,001,614 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\Counter-Strike.lnk

[2010-01-09 09:23:44 | 00,002,207 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Steam.lnk

[2010-01-08 18:23:21 | 02,488,778 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\a2ww2h.gif

[2010-01-08 08:15:42 | 00,035,328 | ---- | C] () – C:\WINDOWS\System32\629712.exe

[2010-01-08 08:14:40 | 00,058,368 | -H-- | C] () – C:\Documents and Settings\Dawid\jygfs.exe

[2010-01-08 08:14:40 | 00,058,368 | ---- | C] () – C:\WINDOWS\System32\vigi.exe

[2010-01-06 14:17:41 | 00,001,044 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\esles.jpg

[2010-01-04 16:21:07 | 00,199,680 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\miki film.MSWMM

[2010-01-02 18:17:50 | 02,103,246 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\steam.bmp

[2010-01-02 14:54:52 | 01,060,393 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\decyfer down - fading.mp3

[2010-01-02 14:54:02 | 03,050,716 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\three days grace - time of dying.mp3

[2009-12-31 12:17:14 | 00,710,336 | ---- | C] () – C:\Documents and Settings\Dawid\Moje dokumenty\clip0011.avi

[2009-12-31 12:15:52 | 27,027,444 | ---- | C] () – C:\Documents and Settings\Dawid\Moje dokumenty\clip0010.avi

[2009-12-30 19:34:53 | 01,440,054 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\lolz.bmp

[2009-12-29 19:25:52 | 03,311,940 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\firma - to dla was ft. hemp gru.mp3

[2009-12-28 15:08:57 | 00,142,336 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\bug by adX.MSWMM

[2009-12-25 01:04:00 | 00,000,653 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\Gadu-Gadu.lnk

[2009-12-24 17:42:35 | 03,964,791 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\peja - staszica story czworkaopularn%19.mp3

[2009-12-23 19:36:21 | 00,000,912 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\Voice Changer 6.0 Diamond.lnk

[2009-12-21 21:25:14 | 03,826,448 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\04. dixon 37 - co nas ksztaltuje.mp31254311784_[mp3.teledyski.info].mp3

[2009-12-21 14:53:29 | 00,299,008 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\bh by adX.MSWMM

[2009-12-20 10:12:16 | 00,000,665 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\Teamspeak 2 RC2.lnk

[2009-12-19 20:21:35 | 00,000,370 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\o.s.t.r - abc.mp3

[2009-12-15 17:17:01 | 00,035,328 | ---- | C] () – C:\WINDOWS\System32\93455.exe

[2009-12-14 20:20:35 | 00,034,304 | -H-- | C] () – C:\Documents and Settings\Dawid\wshibsd.exe

[2009-12-13 17:37:44 | 00,001,138 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\muzyjka.rtf

[2009-12-10 19:44:08 | 00,000,694 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\VideoMach.lnk

[2009-11-11 18:43:43 | 00,046,653 | ---- | C] () – C:\Program Files\haker.jpg

[2009-09-24 18:41:55 | 00,000,115 | ---- | C] () – C:\WINDOWS\SOFTPEG.INI

[2009-07-09 11:12:52 | 00,099,456 | ---- | C] () – C:\WINDOWS\System32\drivers\177b6cd4.sys

[2009-07-09 11:12:38 | 00,000,008 | ---- | C] () – C:\Documents and Settings\Dawid\Dane aplikacji\wiaserva.log

[2009-06-19 19:19:45 | 00,000,030 | ---- | C] () – C:\WINDOWS\TextSpy.ini

[2009-06-03 08:35:13 | 00,000,047 | ---- | C] () – C:\WINDOWS\WININIT.INI

[2009-05-01 18:54:11 | 00,000,067 | ---- | C] () – C:\WINDOWS#1 Video Converter.INI

[2009-04-28 19:20:46 | 00,000,754 | ---- | C] () – C:\WINDOWS\WORDPAD.INI

[2009-04-03 20:43:50 | 00,401,408 | ---- | C] () – C:\WINDOWS\System32\winob77.dll

[2009-03-03 20:07:28 | 00,354,816 | ---- | C] () – C:\WINDOWS\System32\psisdecd.dll

[2009-02-20 08:14:59 | 00,033,824 | ---- | C] () – C:\WINDOWS\System32\drivers\oreans32.sys

[2009-02-02 17:30:46 | 00,000,033 | ---- | C] () – C:\WINDOWS\BiMonitor.ini

[2009-02-02 17:30:43 | 00,028,787 | ---- | C] () – C:\WINDOWS\maxlink.ini

[2009-02-02 17:26:19 | 00,022,723 | ---- | C] () – C:\WINDOWS\System32\xrxe1l3.dll

[2009-02-02 17:20:07 | 00,094,208 | ---- | C] () – C:\WINDOWS\System32\WIAIPH.dll

[2009-02-02 17:20:07 | 00,086,016 | ---- | C] () – C:\WINDOWS\System32\WIAEH.dll

[2009-02-02 17:20:07 | 00,057,344 | ---- | C] () – C:\WINDOWS\System32\Sswiadrv.dll

[2009-02-02 17:20:07 | 00,053,248 | ---- | C] () – C:\WINDOWS\System32\WIASTIIO.dll

[2009-01-11 13:49:26 | 00,118,276 | ---- | C] () – C:\WINDOWS\System32\msxml71.dll

[2009-01-10 14:13:29 | 00,053,248 | ---- | C] () – C:\WINDOWS\System32\unrar.dll

[2008-12-25 14:36:05 | 00,182,272 | ---- | C] () – C:\WINDOWS\patchw32.dll

[2008-12-10 16:14:32 | 00,313,584 | ---- | C] () – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat

[2008-12-10 15:38:07 | 00,717,296 | ---- | C] () – C:\WINDOWS\System32\drivers\sptd.sys

[2008-10-22 05:29:06 | 00,173,550 | ---- | C] () – C:\WINDOWS\System32\xlive.dll.cat

[2008-10-03 15:01:51 | 00,000,069 | ---- | C] () – C:\WINDOWS\NeroDigital.ini

[2008-10-03 08:40:37 | 00,000,151 | ---- | C] () – C:\WINDOWS\PhotoSnapViewer.INI

[2008-09-15 15:29:04 | 03,663,208 | ---- | C] () – C:\Program Files\BSINSTALLPL.exe

[2008-09-15 13:55:30 | 00,067,072 | ---- | C] () – C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008-09-15 13:38:05 | 00,000,000 | ---- | C] () – C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt

[2008-09-15 13:35:49 | 00,005,632 | ---- | C] () – C:\WINDOWS\System32\drivers\StarOpen.sys

[2008-09-14 20:19:12 | 00,022,328 | ---- | C] () – C:\WINDOWS\System32\drivers\PnkBstrK.sys

[2008-09-14 20:19:12 | 00,022,328 | ---- | C] () – C:\Documents and Settings\Dawid\Dane aplikacji\PnkBstrK.sys

[2008-09-14 20:18:34 | 00,000,319 | ---- | C] () – C:\WINDOWS\game.ini

[2008-09-14 18:59:58 | 00,081,920 | ---- | C] () – C:\WINDOWS\System32\Install6x.dll

[2008-05-28 12:04:00 | 00,000,061 | ---- | C] () – C:\WINDOWS\smscfg.ini

[2008-05-03 04:46:00 | 01,703,936 | ---- | C] () – C:\WINDOWS\System32\nvwdmcpl.dll

[2008-05-03 04:46:00 | 01,486,848 | ---- | C] () – C:\WINDOWS\System32\nview.dll

[2008-05-03 04:46:00 | 01,019,904 | ---- | C] () – C:\WINDOWS\System32\nvwimg.dll

[2008-05-03 04:46:00 | 00,466,944 | ---- | C] () – C:\WINDOWS\System32\nvshell.dll

[2008-05-03 04:46:00 | 00,286,720 | ---- | C] () – C:\WINDOWS\System32\nvnt4cpl.dll

[2008-04-15 13:00:00 | 00,163,185 | RHS- | C] () – C:\WINDOWS\System32\wqpvjdad.dll

[2008-04-15 13:00:00 | 00,032,768 | ---- | C] () – C:\WINDOWS\System32\hm.dll

[2004-09-30 13:19:56 | 00,000,836 | ---- | C] () – C:\WINDOWS\System32\oeminfo.ini

[2002-05-10 16:30:08 | 00,110,592 | ---- | C] () – C:\WINDOWS\System32\JPEG32.DLL

[2001-09-28 13:44:58 | 00,257,536 | ---- | C] () – C:\WINDOWS\System32\BiImg.dll

========== Custom Scans ==========

< %systemdrive%*.* >

[2009-11-11 18:44:23 | 00,196,626 | ---- | M] () – C:\800_1_a_loading.tga

[2009-11-11 18:44:23 | 00,196,626 | ---- | M] () – C:\800_1_b_loading.tga

[2009-11-11 18:44:23 | 00,196,626 | ---- | M] () – C:\800_1_c_loading.tga

[2009-11-11 18:44:23 | 00,024,594 | ---- | M] () – C:\800_1_d_loading.tga

[2009-11-11 18:44:23 | 00,196,626 | ---- | M] () – C:\800_2_a_loading.tga

[2009-11-11 18:44:23 | 00,196,626 | ---- | M] () – C:\800_2_b_loading.tga

[2009-11-11 18:44:23 | 00,196,626 | ---- | M] () – C:\800_2_c_loading.tga

[2009-11-11 18:44:23 | 00,024,594 | ---- | M] () – C:\800_2_d_loading.tga

[2009-11-11 18:44:23 | 00,067,602 | ---- | M] () – C:\800_3_a_loading.tga

[2009-11-11 18:44:23 | 00,067,602 | ---- | M] () – C:\800_3_b_loading.tga

[2009-11-11 18:44:23 | 00,067,602 | ---- | M] () – C:\800_3_c_loading.tga

[2009-11-11 18:44:23 | 00,008,466 | ---- | M] () – C:\800_3_d_loading.tga

[2008-05-27 17:55:02 | 00,000,000 | ---- | M] () – C:\AUTOEXEC.BAT

[2009-01-08 15:21:39 | 00,000,211 | RHS- | M] () – C:\boot.ini

[2008-04-15 13:00:00 | 00,004,952 | RHS- | M] () – C:\Bootfont.bin

[2008-05-27 17:55:02 | 00,000,000 | ---- | M] () – C:\CONFIG.SYS

[2008-05-27 18:04:23 | 00,000,058 | ---- | M] () – C:\csb.log

[2007-11-07 07:00:40 | 00,017,734 | ---- | M] () – C:\eula.1028.txt

[2007-11-07 07:00:40 | 00,017,734 | ---- | M] () – C:\eula.1031.txt

[2007-11-07 07:00:40 | 00,010,134 | ---- | M] () – C:\eula.1033.txt

[2007-11-07 07:00:40 | 00,017,734 | ---- | M] () – C:\eula.1036.txt

[2007-11-07 07:00:40 | 00,017,734 | ---- | M] () – C:\eula.1040.txt

[2007-11-07 07:00:40 | 00,000,118 | ---- | M] () – C:\eula.1041.txt

[2007-11-07 07:00:40 | 00,017,734 | ---- | M] () – C:\eula.1042.txt

[2007-11-07 07:00:40 | 00,017,734 | ---- | M] () – C:\eula.2052.txt

[2007-11-07 07:00:40 | 00,017,734 | ---- | M] () – C:\eula.3082.txt

[2007-11-07 07:00:40 | 00,001,110 | ---- | M] () – C:\globdata.ini

[2007-11-07 07:03:18 | 00,562,688 | ---- | M] (Microsoft Corporation) – C:\install.exe

[2007-11-07 07:00:40 | 00,000,843 | ---- | M] () – C:\install.ini

[2007-11-07 07:03:18 | 00,076,304 | ---- | M] (Microsoft Corporation) – C:\install.res.1028.dll

[2007-11-07 07:03:18 | 00,096,272 | ---- | M] (Microsoft Corporation) – C:\install.res.1031.dll

[2007-11-07 07:03:18 | 00,091,152 | ---- | M] (Microsoft Corporation) – C:\install.res.1033.dll

[2007-11-07 07:03:18 | 00,097,296 | ---- | M] (Microsoft Corporation) – C:\install.res.1036.dll

[2007-11-07 07:03:18 | 00,095,248 | ---- | M] (Microsoft Corporation) – C:\install.res.1040.dll

[2007-11-07 07:03:18 | 00,081,424 | ---- | M] (Microsoft Corporation) – C:\install.res.1041.dll

[2007-11-07 07:03:18 | 00,079,888 | ---- | M] (Microsoft Corporation) – C:\install.res.1042.dll

[2007-11-07 07:03:18 | 00,075,792 | ---- | M] (Microsoft Corporation) – C:\install.res.2052.dll

[2007-11-07 07:03:18 | 00,096,272 | ---- | M] (Microsoft Corporation) – C:\install.res.3082.dll

[2008-05-27 17:55:02 | 00,000,000 | RHS- | M] () – C:\IO.SYS

[2008-05-27 17:55:02 | 00,000,000 | RHS- | M] () – C:\MSDOS.SYS

[2008-04-15 13:00:00 | 00,047,564 | RHS- | M] () – C:\NTDETECT.COM

[2008-04-15 13:00:00 | 00,251,152 | RHS- | M] () – C:\ntldr

[2010-01-09 16:58:03 | 21,453,86496 | -HS- | M] () – C:\pagefile.sys

[2008-05-27 18:02:48 | 00,000,423 | ---- | M] () – C:\RHDSetup.log

[2010-01-08 15:46:51 | 00,000,268 | -H-- | M] () – C:\sqmdata00.sqm

[2010-01-08 20:00:41 | 00,000,268 | -H-- | M] () – C:\sqmdata01.sqm

[2010-01-08 20:39:16 | 00,000,268 | -H-- | M] () – C:\sqmdata02.sqm

[2010-01-09 04:57:20 | 00,000,268 | -H-- | M] () – C:\sqmdata03.sqm

[2010-01-09 09:06:22 | 00,000,268 | -H-- | M] () – C:\sqmdata04.sqm

[2010-01-09 14:30:37 | 00,000,268 | -H-- | M] () – C:\sqmdata05.sqm

[2010-01-09 16:59:09 | 00,000,268 | -H-- | M] () – C:\sqmdata06.sqm

[2010-01-04 14:28:51 | 00,000,268 | -H-- | M] () – C:\sqmdata07.sqm

[2010-01-04 18:03:46 | 00,000,268 | -H-- | M] () – C:\sqmdata08.sqm

[2010-01-04 20:44:06 | 00,000,268 | -H-- | M] () – C:\sqmdata09.sqm

[2010-01-05 14:22:34 | 00,000,268 | -H-- | M] () – C:\sqmdata10.sqm

[2010-01-05 17:50:33 | 00,000,268 | -H-- | M] () – C:\sqmdata11.sqm

[2010-01-05 19:19:39 | 00,000,268 | -H-- | M] () – C:\sqmdata12.sqm

[2010-01-06 12:33:29 | 00,000,268 | -H-- | M] () – C:\sqmdata13.sqm

[2010-01-06 19:43:55 | 00,000,268 | -H-- | M] () – C:\sqmdata14.sqm

[2010-01-07 09:00:42 | 00,000,268 | -H-- | M] () – C:\sqmdata15.sqm

[2010-01-07 16:47:06 | 00,000,268 | -H-- | M] () – C:\sqmdata16.sqm

[2010-01-07 18:13:56 | 00,000,268 | -H-- | M] () – C:\sqmdata17.sqm

[2010-01-08 08:13:46 | 00,000,268 | -H-- | M] () – C:\sqmdata18.sqm

[2010-01-08 13:41:07 | 00,000,268 | -H-- | M] () – C:\sqmdata19.sqm

[2010-01-08 15:46:51 | 00,000,244 | -H-- | M] () – C:\sqmnoopt00.sqm

[2010-01-08 20:00:41 | 00,000,244 | -H-- | M] () – C:\sqmnoopt01.sqm

[2010-01-08 20:39:16 | 00,000,244 | -H-- | M] () – C:\sqmnoopt02.sqm

[2010-01-09 04:57:20 | 00,000,244 | -H-- | M] () – C:\sqmnoopt03.sqm

[2010-01-09 09:06:22 | 00,000,244 | -H-- | M] () – C:\sqmnoopt04.sqm

[2010-01-09 14:30:37 | 00,000,244 | -H-- | M] () – C:\sqmnoopt05.sqm

[2010-01-09 16:59:09 | 00,000,244 | -H-- | M] () – C:\sqmnoopt06.sqm

[2010-01-04 14:28:51 | 00,000,244 | -H-- | M] () – C:\sqmnoopt07.sqm

[2010-01-04 18:03:45 | 00,000,244 | -H-- | M] () – C:\sqmnoopt08.sqm

[2010-01-04 20:44:06 | 00,000,244 | -H-- | M] () – C:\sqmnoopt09.sqm

[2010-01-05 14:22:34 | 00,000,244 | -H-- | M] () – C:\sqmnoopt10.sqm

[2010-01-05 17:50:33 | 00,000,244 | -H-- | M] () – C:\sqmnoopt11.sqm

[2010-01-05 19:19:38 | 00,000,244 | -H-- | M] () – C:\sqmnoopt12.sqm

[2010-01-06 12:33:29 | 00,000,244 | -H-- | M] () – C:\sqmnoopt13.sqm

[2010-01-06 19:43:54 | 00,000,244 | -H-- | M] () – C:\sqmnoopt14.sqm

[2010-01-07 09:00:42 | 00,000,244 | -H-- | M] () – C:\sqmnoopt15.sqm

[2010-01-07 16:47:06 | 00,000,244 | -H-- | M] () – C:\sqmnoopt16.sqm

[2010-01-07 18:13:56 | 00,000,244 | -H-- | M] () – C:\sqmnoopt17.sqm

[2010-01-08 08:13:46 | 00,000,244 | -H-- | M] () – C:\sqmnoopt18.sqm

[2010-01-08 13:41:07 | 00,000,244 | -H-- | M] () – C:\sqmnoopt19.sqm

[2007-11-07 07:00:40 | 00,005,686 | ---- | M] () – C:\vcredist.bmp

[2007-11-07 07:09:22 | 01,442,522 | ---- | M] () – C:\VC_RED.cab

[2007-11-07 07:12:28 | 00,232,960 | ---- | M] () – C:\VC_RED.MSI

========== Alternate Data Streams ==========

@Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF

< End of report >

#2

Pokaż log z: OTL

Przestawiasz w nim Processes i Modules na All oraz wklejasz w dolne białe okienko Custom Scans/Fixes :

Klikasz Run Scan. - otl-gmer-rsit-dds-inne-instrukcje-t370405.html

Zmiana zasad wklejania logów na forum - viewtopic.php?f=16&t=253052

Zastosuj się do tego Tematu i zmień tytuł tematu na konkretny.

Pozdrawiam Gutek

#3

OTL logfile created on: 2010-01-09 17:53:47 - Run 3

OTL by OldTimer - Version 3.1.22.0 Folder = C:\Documents and Settings\Dawid\Pulpit

Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 298,09 Gb Total Space | 266,94 Gb Free Space | 89,55% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: OPTIMUS-D4D172D

Current User Name: Dawid

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: On

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2010-01-09 17:49:37 | 00,543,232 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Dawid\Pulpit\OTL.exe

PRC - [2010-01-09 09:24:02 | 01,217,808 | ---- | M] (Valve Corporation) – C:\Program Files\Steam\Steam.exe

PRC - [2010-01-08 08:14:34 | 00,058,368 | -H-- | M] () – C:\Documents and Settings\Dawid\jygfs.exe

PRC - [2010-01-07 18:14:23 | 00,908,248 | ---- | M] (Mozilla Corporation) – C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2009-12-08 18:13:19 | 00,500,224 | ---- | M] () – C:\WINDOWS\diagnostic.exe

PRC - [2009-01-11 13:49:27 | 00,073,728 | ---- | M] () – C:\WINDOWS\system32\02nXyOB0.exe

PRC - [2008-12-24 21:03:03 | 00,173,670 | ---- | M] () – C:\WINDOWS\services.exe

PRC - [2008-04-15 13:00:00 | 02,716,672 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe

PRC - [2008-02-29 09:59:23 | 01,947,648 | ---- | M] (Microsoft Corporation) – C:\Program Files\Internet Explorer\IEXPLORE.EXE

PRC - [2007-09-20 09:35:36 | 00,118,336 | ---- | M] (Microsoft Corporation) – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

PRC - [2006-11-29 09:55:56 | 00,009,728 | RHS- | M] () – C:\WINDOWS\system32\explorer.exe

========== Modules (SafeList) ==========

MOD - [2010-01-09 17:49:37 | 00,543,232 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Dawid\Pulpit\OTL.exe

MOD - [2006-05-03 21:53:54 | 00,174,592 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\framedyn.dll

========== Win32 Services (SafeList) ==========

SRV - [2009-01-15 11:26:02 | 00,066,872 | ---- | M] () [Disabled | Stopped] – C:\WINDOWS\system32\PnkBstrA.exe – (PnkBstrA)

SRV - [2008-12-17 16:29:16 | 00,304,528 | ---- | M] (Protection Technology) [Auto | Stopped] – C:\WINDOWS\System32\appdrvrem01.exe – (appdrvrem01) Application Driver Auto Removal Service (01)

SRV - [2008-10-25 08:51:01 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) [Disabled | Stopped] – C:\Program Files\Java\jre6\bin\jqs.exe – (JavaQuickStarterService)

SRV - [2008-05-03 04:46:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] – C:\WINDOWS\system32\nvsvc32.exe – (NVSvc)

SRV - [2008-04-15 13:00:00 | 00,163,185 | RHS- | M] () [Auto | Stopped] – C:\WINDOWS\system32\wqpvjdad.dll – (ovsuexxo)

SRV - [2007-11-28 09:27:24 | 00,800,040 | ---- | M] (Nero AG) [Disabled | Stopped] – C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe – (NBService)

SRV - [2007-10-25 14:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Program Files\Windows Live\installer\WLSetupSvc.exe – (WLSetupSvc)

SRV - [2007-10-18 10:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Program Files\Windows Live\Messenger\usnsvc.exe – (usnjsvc)

SRV - [2007-06-27 17:04:00 | 00,279,848 | ---- | M] (Nero AG) [Disabled | Stopped] – C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe – (NMIndexingService)

SRV - [2003-07-28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE – (ose)

========== Driver Services (SafeList) ==========

DRV - [2009-02-20 08:14:59 | 00,033,824 | ---- | M] () [Kernel | System | Running] – C:\WINDOWS\system32\drivers\oreans32.sys – (oreans32)

DRV - [2008-12-17 16:29:17 | 02,915,944 | ---- | M] (Protection Technology) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\appdrv01.sys – (appdrv01) Application Driver (01)

DRV - [2008-12-10 15:38:08 | 00,717,296 | ---- | M] () [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\sptd.sys – (sptd)

DRV - [2008-09-14 18:59:52 | 00,020,747 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\AegisP.sys – (AegisP) AEGIS Protocol (IEEE 802.1x)

DRV - [2008-05-27 18:03:51 | 00,004,716 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] – C:\WINDOWS\gdrv.sys – (gdrv)

DRV - [2008-05-03 04:46:00 | 06,554,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\nv4_mini.sys – (nv)

DRV - [2008-04-15 13:00:00 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\hdaudbus.sys – (HDAudBus)

DRV - [2008-04-15 13:00:00 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\secdrv.sys – (Secdrv)

DRV - [2008-04-15 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ptilink.sys – (Ptilink)

DRV - [2007-10-12 09:33:06 | 04,609,024 | R— | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RtkHDAud.sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2007-08-07 10:40:38 | 00,098,944 | R— | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\Rtenicxp.sys – (RTLE8023xp)

DRV - [2007-07-16 02:00:14 | 00,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\Dgivecp.Sys – (DgiVecp)

DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\PxHelp20.sys – (PxHelp20)

DRV - [2006-07-24 15:05:00 | 00,005,632 | ---- | M] () [File_System | System | Running] – C:\WINDOWS\system32\drivers\StarOpen.sys – (StarOpen)

DRV - [2005-08-30 16:59:00 | 00,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ss_mdm.sys – (ss_mdm)

DRV - [2005-08-30 16:58:56 | 00,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ss_mdfl.sys – (ss_mdfl)

DRV - [2005-08-30 16:57:18 | 00,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ss_bus.sys – (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)

DRV - [2005-07-01 11:22:00 | 00,339,072 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\rt61.sys – (RT61)

DRV - [2003-09-06 14:37:22 | 00,062,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\prohlp02.sys – (prohlp02)

DRV - [2003-09-06 13:27:06 | 00,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\sfhlp01.sys – (sfhlp01)

DRV - [2003-09-06 13:25:52 | 00,051,744 | ---- | M] (Protection Technology) [Kernel | System | Running] – C:\WINDOWS\System32\drivers\prodrv06.sys – (prodrv06)

DRV - [2003-09-06 13:22:08 | 00,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\prosync1.sys – (prosync1)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM…\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/

IE - HKCU…\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

========== FireFox ==========

FF - prefs.js…browser.search.defaultenginename: “Winamp Search”

FF - prefs.js…browser.search.defaulturl: “http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=

FF - prefs.js…browser.search.selectedEngine: “Winamp Search”

FF - prefs.js…browser.search.useDBForOrder: true

FF - prefs.js…browser.startup.homepage: “http://google.pl/

FF - prefs.js…extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:3.9.3

FF - prefs.js…extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.11.2

FF - prefs.js…extensions.enabledItems: nasanightlaunch@example.com:0.6.20091031

FF - prefs.js…keyword.URL: “http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=

FF - prefs.js…network.proxy.type: 2

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\Components: C:\Program Files\Mozilla Firefox\components [2010-01-08 17:00:36 | 00,000,000 | —D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-07 18:14:29 | 00,000,000 | —D | M]

[2009-02-13 15:01:19 | 00,000,000 | —D | M] – C:\Documents and Settings\Dawid\Dane aplikacji\Mozilla\Extensions

[2010-01-09 15:32:43 | 00,000,000 | —D | M] – C:\Documents and Settings\Dawid\Dane aplikacji\Mozilla\Firefox\Profiles\leo8ok0u.default\extensions

[2009-08-07 19:02:22 | 00,000,000 | —D | M] (No name found) – C:\Documents and Settings\Dawid\Dane aplikacji\Mozilla\Firefox\Profiles\leo8ok0u.default\extensions{0545b830-f0aa-4d7e-8820-50a4629a56fe}

[2009-09-11 09:05:33 | 00,000,000 | —D | M] (Winamp Toolbar) – C:\Documents and Settings\Dawid\Dane aplikacji\Mozilla\Firefox\Profiles\leo8ok0u.default\extensions{0b38152b-1b20-484d-a11f-5e04a9b0661f}

[2009-11-11 21:20:46 | 00,000,000 | —D | M] – C:\Documents and Settings\Dawid\Dane aplikacji\Mozilla\Firefox\Profiles\leo8ok0u.default\extensions\nasanightlaunch@example.com

[2009-09-11 09:05:46 | 00,001,201 | ---- | M] () – C:\Documents and Settings\Dawid\Dane aplikacji\Mozilla\Firefox\Profiles\leo8ok0u.default\searchplugins\winamp-search.xml

[2009-07-05 19:02:14 | 00,000,000 | —D | M] – C:\Program Files\Mozilla Firefox\extensions

[2009-10-30 11:49:25 | 00,002,767 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml

[2009-10-30 11:49:25 | 00,001,406 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml

[2009-10-30 11:49:25 | 00,000,917 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml

[2009-10-30 11:49:25 | 00,000,858 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml

[2009-10-30 11:49:25 | 00,001,183 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml

[2009-10-30 11:49:25 | 00,001,683 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()

O2 - BHO: (Mirar) - {1FECA34D-3ECF-47F1-9C09-CB5BF8C1EC9B} - C:\WINDOWS\system32\winob77.dll ()

O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.

O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM…\Toolbar: (Mirar) - {1FECA34C-3ECF-47F1-9C09-CB5BF8C1EC9B} - C:\WINDOWS\system32\winob77.dll ()

O3 - HKLM…\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKLM…\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)

O3 - HKLM…\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

O3 - HKLM…\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

O3 - HKCU…\Toolbar\WebBrowser: (Mirar) - {1FECA34C-3ECF-47F1-9C09-CB5BF8C1EC9B} - C:\WINDOWS\system32\winob77.dll ()

O3 - HKCU…\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKCU…\Toolbar\WebBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)

O3 - HKCU…\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

O3 - HKCU…\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

O4 - HKLM…\Run: [barsaka] C:\WINDOWS\System32\explorer.exe ()

O4 - HKLM…\Run: [Diagnostic] C:\WINDOWS\diagnostic.exe ()

O4 - HKLM…\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)

O4 - HKLM…\Run: [KernelFaultCheck] File not found

O4 - HKLM…\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)

O4 - HKLM…\Run: [PPort10reminder] C:\Program Files\ScanSoft\PaperPort\EREG\Ereg.exe (ScanSoft, Inc.)

O4 - HKLM…\Run: [sSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)

O4 - HKLM…\Run: [sXe Injected] C:\Program Files\sXe Injected\sXe Injected.exe File not found

O4 - HKLM…\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe File not found

O4 - HKLM…\Run: [vigi] C:\WINDOWS\System32\vigi.exe ()

O4 - HKLM…\Run: [Windows] C:\WINDOWS\services.exe ()

O4 - HKCU…\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)

O4 - HKCU…\Run: [iPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.)

O4 - HKCU…\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe File not found

O4 - HKCU…\Run: [steam] c:\program files\steam\steam.exe (Valve Corporation)

O4 - Startup: C:\Documents and Settings\Dawid\Menu Start\Programy\Autostart\lsass.exe ()

O4 - Startup: C:\Documents and Settings\Dawid\Menu Start\Programy\Autostart\rncsys32.exe (Rvsjtej Hucfegefzom)

O4 - Startup: C:\Documents and Settings\Dawid\Menu Start\Programy\Autostart\Skrót do pcwDreamScreen.lnk = C:\Program Files\pcwDreamScreen\pcwDreamScreen.vbs ()

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()

O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra ‘Tools’ menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc … tor/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_10)

O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_10)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_10)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s … wflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.8.1 194.204.152.34

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\System32\explorer.exe ()

O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Dawid\jygfs.exe \s explorer.exe) - C:\Documents and Settings\Dawid\jygfs.exe \s explorer.exe File not found

O21 - SSODL: LtBcdMgju - {8CADBD4C-2607-17E6-5887-E0588FECE178} - C:\WINDOWS\system32\hm.dll ()

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008-05-27 17:55:02 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [NTFS]

O33 - MountPoints2{5697c7ba-b8ac-11dd-ab19-000ee8e1ef17}\Shell\AutoRun\command - “” = E:\fooool.exe – File not found

O33 - MountPoints2{5697c7ba-b8ac-11dd-ab19-000ee8e1ef17}\Shell\explore\Command - “” = E:\fooool.exe – File not found

O33 - MountPoints2{5697c7ba-b8ac-11dd-ab19-000ee8e1ef17}\Shell\open\Command - “” = E:\fooool.exe – File not found

O33 - MountPoints2{a18d4ac4-37b9-11de-af49-000ee8e1ef17}\Shell\AutoRun\command - “” = G:\fooool.exe – File not found

O33 - MountPoints2{a18d4ac4-37b9-11de-af49-000ee8e1ef17}\Shell\explore\Command - “” = G:\fooool.exe – File not found

O33 - MountPoints2{a18d4ac4-37b9-11de-af49-000ee8e1ef17}\Shell\open\Command - “” = G:\fooool.exe – File not found

O33 - MountPoints2{bc4561d2-8332-11dd-a953-000ee8e1ef17}\Shell\AutoRun\command - “” = H:\fooool.exe – File not found

O33 - MountPoints2{bc4561d2-8332-11dd-a953-000ee8e1ef17}\Shell\explore\Command - “” = H:\fooool.exe – File not found

O33 - MountPoints2{bc4561d2-8332-11dd-a953-000ee8e1ef17}\Shell\open\Command - “” = H:\fooool.exe – File not found

O33 - MountPoints2{d576f6ca-ff83-11dd-ad77-000ee8e1ef17}\Shell\AutoRun\command - “” = G:\fooool.exe – File not found

O33 - MountPoints2{d576f6ca-ff83-11dd-ad77-000ee8e1ef17}\Shell\explore\Command - “” = G:\fooool.exe – File not found

O33 - MountPoints2{d576f6ca-ff83-11dd-ad77-000ee8e1ef17}\Shell\open\Command - “” = G:\fooool.exe – File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - comfile [open] – “%1” %*

O35 - exefile [open] – “%1” %*

NetSvcs: 6to4 - File not found

NetSvcs: Ias - C:\WINDOWS\system32\ias [2008-05-27 10:41:07 | 00,000,000 | —D | M]

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)

NetSvcs: WmdmPmSp - File not found

NetSvcs: ovsuexxo - C:\WINDOWS\system32\wqpvjdad.dll ()

MsConfig - Services: “JavaQuickStarterService”

MsConfig - Services: “AresChatServer”

MsConfig - Services: “WLSetupSvc”

MsConfig - Services: “usnjsvc”

MsConfig - Services: “PnkBstrA”

MsConfig - Services: “NVSvc”

MsConfig - Services: “NMIndexingService”

MsConfig - Services: “NBService”

MsConfig - Services: “idsvc”

MsConfig - Services: “cFosSpeedS”

MsConfig - Services: “appdrvrem01”

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Ralink Wireless Utility.lnk - C:\WINDOWS\RaUI.exe - (Ralink Technology, Corp.)

MsConfig - StartUpReg: Alcmtr - hkey= - key= - C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

MsConfig - StartUpReg: BearShare - hkey= - key= - C:\Program Files\BearShare\BearShare.exe (Free Peers, Inc.)

MsConfig - StartUpReg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)

MsConfig - StartUpReg: cFosSpeed - hkey= - key= - C:\Program Files\cFosSpeed\cFosSpeed.exe File not found

MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)

MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)

MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found

MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found

MsConfig - StartUpReg: nwiz - hkey= - key= - File not found

MsConfig - StartUpReg: RGSC - hkey= - key= - C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe File not found

MsConfig - StartUpReg: RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)

MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe File not found

MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe ()

MsConfig - State: “system.ini” - 0

MsConfig - State: “win.ini” - 0

MsConfig - State: “bootini” - 0

MsConfig - State: “services” - 2

MsConfig - State: “startup” - 2

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

========== Files/Folders - Created Within 30 Days ==========

[2010-01-09 17:50:27 | 00,000,000 | —D | C] – C:_OTL

[2010-01-09 17:49:17 | 00,543,232 | ---- | C] (OldTimer Tools) – C:\Documents and Settings\Dawid\Pulpit\OTL.exe

[2010-01-09 17:48:41 | 00,812,344 | ---- | C] (Trend Micro Inc.) – C:\Documents and Settings\Dawid\Pulpit\HJTInstall.exe

[2010-01-09 16:50:04 | 00,000,000 | —D | C] – C:\Program Files\Trend Micro

[2010-01-09 09:11:24 | 00,000,000 | —D | C] – C:\Program Files\Steam

[2010-01-03 19:01:49 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Pulpit\miki

[2010-01-02 20:12:23 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Pulpit\Bombsite B spray

[2009-12-28 20:14:00 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Moje dokumenty\Moje opisy

[2009-12-25 12:30:15 | 00,000,000 | —D | C] – C:\Program Files\HyCam2

[2009-12-24 17:25:04 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Pulpit\Rychu Peja SoluFka - Styl Życia Gnoja [2oo8]

[2009-12-23 19:36:26 | 00,000,000 | —D | C] – C:\vcs5BGEffects

[2009-12-23 19:35:37 | 00,000,000 | —D | C] – C:\Program Files\AV Vcs 6.0 DIAMOND

[2009-12-22 22:02:37 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Pulpit\films by adX

[2009-12-22 15:52:18 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Pulpit\muza

[2009-12-17 20:48:58 | 00,000,000 | —D | C] – C:\games

[2009-12-11 16:27:56 | 00,000,000 | —D | C] – C:\dell

[2009-12-11 08:40:35 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Moje dokumenty\Odebrane pliki

[2009-12-10 19:53:25 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Pulpit\ss

[2009-12-10 19:44:11 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\VideoMach

[2009-12-10 19:44:06 | 00,000,000 | —D | C] – C:\Program Files\VideoMach

[2009-12-10 19:27:23 | 00,000,000 | —D | C] – C:\Documents and Settings\Dawid\Moje dokumenty\Camtasia Studio

[2009-02-17 21:44:35 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Dane aplikacji\Adobe

[2009-01-11 17:00:33 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Dane aplikacji\Macromedia

[2009-01-11 14:00:37 | 00,000,000 | --SD | M] – C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft

[2008-05-27 17:57:42 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2008-05-27 17:57:16 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2008-05-27 17:55:00 | 00,000,000 | --SD | M] – C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft

[3 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->]

[1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]

========== Files - Modified Within 30 Days ==========

[2010-01-09 17:49:37 | 00,543,232 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Dawid\Pulpit\OTL.exe

[2010-01-09 17:48:49 | 00,001,734 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\HijackThis.lnk

[2010-01-09 17:48:42 | 00,812,344 | ---- | M] (Trend Micro Inc.) – C:\Documents and Settings\Dawid\Pulpit\HJTInstall.exe

[2010-01-09 17:13:55 | 11,796,480 | -H-- | M] () – C:\Documents and Settings\Dawid\NTUSER.DAT

[2010-01-09 17:04:00 | 00,000,258 | ---- | M] () – C:\WINDOWS\tasks\Sprawdź aktualizacje paska narzędzi Windows Live Toolbar.job

[2010-01-09 17:03:57 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At18.job

[2010-01-09 16:59:09 | 00,000,268 | -H-- | M] () – C:\sqmdata06.sqm

[2010-01-09 16:59:09 | 00,000,244 | -H-- | M] () – C:\sqmnoopt06.sqm

[2010-01-09 16:58:06 | 00,000,006 | -H-- | M] () – C:\WINDOWS\tasks\SA.DAT

[2010-01-09 16:58:05 | 00,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat

[2010-01-09 16:57:33 | 00,000,188 | -HS- | M] () – C:\Documents and Settings\Dawid\ntuser.ini

[2010-01-09 16:42:10 | 00,002,207 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Steam.lnk

[2010-01-09 16:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At17.job

[2010-01-09 15:24:09 | 00,000,069 | ---- | M] () – C:\WINDOWS\NeroDigital.ini

[2010-01-09 15:24:07 | 00,067,072 | ---- | M] () – C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-01-09 15:03:58 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At16.job

[2010-01-09 14:30:37 | 00,000,268 | -H-- | M] () – C:\sqmdata05.sqm

[2010-01-09 14:30:37 | 00,000,244 | -H-- | M] () – C:\sqmnoopt05.sqm

[2010-01-09 13:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At14.job

[2010-01-09 12:18:06 | 00,000,020 | -H-- | M] () – C:\Documents and Settings\Dawid\Pulpit\STATUS.bmp.sha

[2010-01-09 12:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At13.job

[2010-01-09 11:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At12.job

[2010-01-09 10:03:57 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At11.job

[2010-01-09 09:30:34 | 00,001,614 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\Counter-Strike.lnk

[2010-01-09 09:06:22 | 00,000,268 | -H-- | M] () – C:\sqmdata04.sqm

[2010-01-09 09:06:22 | 00,000,244 | -H-- | M] () – C:\sqmnoopt04.sqm

[2010-01-09 05:03:57 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At6.job

[2010-01-09 04:57:20 | 00,000,268 | -H-- | M] () – C:\sqmdata03.sqm

[2010-01-09 04:57:20 | 00,000,244 | -H-- | M] () – C:\sqmnoopt03.sqm

[2010-01-08 21:20:04 | 02,917,056 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\spar2.gz

[2010-01-08 21:20:04 | 02,695,965 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\spar.gz

[2010-01-08 21:03:57 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At22.job

[2010-01-08 20:39:16 | 00,000,268 | -H-- | M] () – C:\sqmdata02.sqm

[2010-01-08 20:39:16 | 00,000,244 | -H-- | M] () – C:\sqmnoopt02.sqm

[2010-01-08 20:00:41 | 00,000,268 | -H-- | M] () – C:\sqmdata01.sqm

[2010-01-08 20:00:41 | 00,000,244 | -H-- | M] () – C:\sqmnoopt01.sqm

[2010-01-08 19:30:47 | 00,001,138 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\muzyjka.rtf

[2010-01-08 19:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At20.job

[2010-01-08 18:23:22 | 02,488,778 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\a2ww2h.gif

[2010-01-08 18:03:56 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At19.job

[2010-01-08 17:59:59 | 00,000,408 | ---- | M] () – C:\WINDOWS\tasks\Norton Security Scan for Dawid.job

[2010-01-08 15:46:51 | 00,000,268 | -H-- | M] () – C:\sqmdata00.sqm

[2010-01-08 15:46:51 | 00,000,244 | -H-- | M] () – C:\sqmnoopt00.sqm

[2010-01-08 14:49:21 | 06,919,858 | -H-- | M] () – C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2010-01-08 14:03:57 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At15.job

[2010-01-08 13:41:07 | 00,000,268 | -H-- | M] () – C:\sqmdata19.sqm

[2010-01-08 13:41:07 | 00,000,244 | -H-- | M] () – C:\sqmnoopt19.sqm

[2010-01-08 08:15:42 | 00,035,328 | ---- | M] () – C:\WINDOWS\System32\629712.exe

[2010-01-08 08:14:34 | 00,058,368 | -H-- | M] () – C:\Documents and Settings\Dawid\jygfs.exe

[2010-01-08 08:14:34 | 00,058,368 | ---- | M] () – C:\WINDOWS\System32\vigi.exe

[2010-01-08 08:13:46 | 00,000,268 | -H-- | M] () – C:\sqmdata18.sqm

[2010-01-08 08:13:46 | 00,000,244 | -H-- | M] () – C:\sqmnoopt18.sqm

[2010-01-07 20:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At21.job

[2010-01-07 18:13:56 | 00,000,268 | -H-- | M] () – C:\sqmdata17.sqm

[2010-01-07 18:13:56 | 00,000,244 | -H-- | M] () – C:\sqmnoopt17.sqm

[2010-01-07 16:47:06 | 00,000,268 | -H-- | M] () – C:\sqmdata16.sqm

[2010-01-07 16:47:06 | 00,000,244 | -H-- | M] () – C:\sqmnoopt16.sqm

[2010-01-07 09:00:42 | 00,000,268 | -H-- | M] () – C:\sqmdata15.sqm

[2010-01-07 09:00:42 | 00,000,244 | -H-- | M] () – C:\sqmnoopt15.sqm

[2010-01-06 19:43:55 | 00,000,268 | -H-- | M] () – C:\sqmdata14.sqm

[2010-01-06 19:43:54 | 00,000,244 | -H-- | M] () – C:\sqmnoopt14.sqm

[2010-01-06 14:28:06 | 00,001,044 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\esles.jpg

[2010-01-06 12:33:29 | 00,000,268 | -H-- | M] () – C:\sqmdata13.sqm

[2010-01-06 12:33:29 | 00,000,244 | -H-- | M] () – C:\sqmnoopt13.sqm

[2010-01-05 19:19:39 | 00,000,268 | -H-- | M] () – C:\sqmdata12.sqm

[2010-01-05 19:19:38 | 00,000,244 | -H-- | M] () – C:\sqmnoopt12.sqm

[2010-01-05 17:50:33 | 00,000,268 | -H-- | M] () – C:\sqmdata11.sqm

[2010-01-05 17:50:33 | 00,000,244 | -H-- | M] () – C:\sqmnoopt11.sqm

[2010-01-05 14:22:34 | 00,000,268 | -H-- | M] () – C:\sqmdata10.sqm

[2010-01-05 14:22:34 | 00,000,244 | -H-- | M] () – C:\sqmnoopt10.sqm

[2010-01-04 20:44:06 | 00,000,268 | -H-- | M] () – C:\sqmdata09.sqm

[2010-01-04 20:44:06 | 00,000,244 | -H-- | M] () – C:\sqmnoopt09.sqm

[2010-01-04 18:03:46 | 00,000,268 | -H-- | M] () – C:\sqmdata08.sqm

[2010-01-04 18:03:45 | 00,000,244 | -H-- | M] () – C:\sqmnoopt08.sqm

[2010-01-04 16:26:25 | 00,199,680 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\miki film.MSWMM

[2010-01-04 14:28:51 | 00,000,268 | -H-- | M] () – C:\sqmdata07.sqm

[2010-01-04 14:28:51 | 00,000,244 | -H-- | M] () – C:\sqmnoopt07.sqm

[2010-01-03 23:03:56 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At24.job

[2010-01-03 12:52:24 | 00,000,754 | ---- | M] () – C:\WINDOWS\WORDPAD.INI

[2010-01-02 18:26:07 | 00,000,151 | ---- | M] () – C:\WINDOWS\PhotoSnapViewer.INI

[2010-01-02 18:17:51 | 02,103,246 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\steam.bmp

[2010-01-02 14:56:36 | 03,050,716 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\three days grace - time of dying.mp3

[2010-01-02 14:55:48 | 01,060,393 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\decyfer down - fading.mp3

[2010-01-02 09:03:57 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At10.job

[2010-01-01 22:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At23.job

[2010-01-01 01:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At2.job

[2010-01-01 00:51:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At1.job

[2009-12-31 12:18:40 | 00,710,336 | ---- | M] () – C:\Documents and Settings\Dawid\Moje dokumenty\clip0011.avi

[2009-12-31 12:17:10 | 27,027,444 | ---- | M] () – C:\Documents and Settings\Dawid\Moje dokumenty\clip0010.avi

[2009-12-30 19:34:53 | 01,440,054 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\lolz.bmp

[2009-12-29 19:28:38 | 03,311,940 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\firma - to dla was ft. hemp gru.mp3

[2009-12-28 15:08:58 | 00,142,336 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\bug by adX.MSWMM

[2009-12-28 10:55:57 | 00,182,038 | ---- | M] () – C:\WINDOWS\System32\nvapps.xml

[2009-12-28 09:46:34 | 00,299,008 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\bh by adX.MSWMM

[2009-12-27 20:50:37 | 00,000,370 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\o.s.t.r - abc.mp3

[2009-12-26 08:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At9.job

[2009-12-26 07:03:56 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At8.job

[2009-12-25 01:04:00 | 00,000,653 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\Gadu-Gadu.lnk

[2009-12-24 17:45:51 | 03,964,791 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\peja - staszica story czworkaopularn%19.mp3

[2009-12-23 19:36:21 | 00,000,912 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\Voice Changer 6.0 Diamond.lnk

[2009-12-23 06:00:20 | 00,000,362 | ---- | M] () – C:\WINDOWS\tasks\At7.job

[2009-12-20 10:12:16 | 00,000,665 | ---- | M] () – C:\Documents and Settings\Dawid\Pulpit\Teamspeak 2 RC2.lnk

[2009-12-15 17:17:01 | 00,035,328 | ---- | M] () – C:\WINDOWS\System32\93455.exe

[2009-12-14 20:20:29 | 00,034,304 | -H-- | M] () – C:\Documents and Settings\Dawid\wshibsd.exe

[2009-12-10 19:44:08 | 00,000,694 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\VideoMach.lnk

[2009-12-10 19:34:35 | 00,000,030 | ---- | M] () – C:\WINDOWS\TextSpy.ini

[3 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->]

[1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]

========== Files Created - No Company Name ==========

[2010-01-09 17:48:49 | 00,001,734 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\HijackThis.lnk

[2010-01-09 12:18:06 | 00,000,020 | -H-- | C] () – C:\Documents and Settings\Dawid\Pulpit\STATUS.bmp.sha

[2010-01-09 10:47:41 | 02,917,056 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\spar2.gz

[2010-01-09 10:47:41 | 02,695,965 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\spar.gz

[2010-01-09 09:30:34 | 00,001,614 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\Counter-Strike.lnk

[2010-01-09 09:23:44 | 00,002,207 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Steam.lnk

[2010-01-08 18:23:21 | 02,488,778 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\a2ww2h.gif

[2010-01-08 08:15:42 | 00,035,328 | ---- | C] () – C:\WINDOWS\System32\629712.exe

[2010-01-08 08:14:40 | 00,058,368 | -H-- | C] () – C:\Documents and Settings\Dawid\jygfs.exe

[2010-01-08 08:14:40 | 00,058,368 | ---- | C] () – C:\WINDOWS\System32\vigi.exe

[2010-01-06 14:17:41 | 00,001,044 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\esles.jpg

[2010-01-04 16:21:07 | 00,199,680 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\miki film.MSWMM

[2010-01-02 18:17:50 | 02,103,246 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\steam.bmp

[2010-01-02 14:54:52 | 01,060,393 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\decyfer down - fading.mp3

[2010-01-02 14:54:02 | 03,050,716 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\three days grace - time of dying.mp3

[2009-12-31 12:17:14 | 00,710,336 | ---- | C] () – C:\Documents and Settings\Dawid\Moje dokumenty\clip0011.avi

[2009-12-31 12:15:52 | 27,027,444 | ---- | C] () – C:\Documents and Settings\Dawid\Moje dokumenty\clip0010.avi

[2009-12-30 19:34:53 | 01,440,054 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\lolz.bmp

[2009-12-29 19:25:52 | 03,311,940 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\firma - to dla was ft. hemp gru.mp3

[2009-12-28 15:08:57 | 00,142,336 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\bug by adX.MSWMM

[2009-12-25 01:04:00 | 00,000,653 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\Gadu-Gadu.lnk

[2009-12-24 17:42:35 | 03,964,791 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\peja - staszica story czworkaopularn%19.mp3

[2009-12-23 19:36:21 | 00,000,912 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\Voice Changer 6.0 Diamond.lnk

[2009-12-21 21:25:14 | 03,826,448 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\04. dixon 37 - co nas ksztaltuje.mp31254311784_[mp3.teledyski.info].mp3

[2009-12-21 14:53:29 | 00,299,008 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\bh by adX.MSWMM

[2009-12-20 10:12:16 | 00,000,665 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\Teamspeak 2 RC2.lnk

[2009-12-19 20:21:35 | 00,000,370 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\o.s.t.r - abc.mp3

[2009-12-15 17:17:01 | 00,035,328 | ---- | C] () – C:\WINDOWS\System32\93455.exe

[2009-12-14 20:20:35 | 00,034,304 | -H-- | C] () – C:\Documents and Settings\Dawid\wshibsd.exe

[2009-12-13 17:37:44 | 00,001,138 | ---- | C] () – C:\Documents and Settings\Dawid\Pulpit\muzyjka.rtf

[2009-12-10 19:44:08 | 00,000,694 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\VideoMach.lnk

[2009-11-11 18:43:43 | 00,046,653 | ---- | C] () – C:\Program Files\haker.jpg

[2009-09-24 18:41:55 | 00,000,115 | ---- | C] () – C:\WINDOWS\SOFTPEG.INI

[2009-07-09 11:12:52 | 00,099,456 | ---- | C] () – C:\WINDOWS\System32\drivers\177b6cd4.sys

[2009-07-09 11:12:38 | 00,000,008 | ---- | C] () – C:\Documents and Settings\Dawid\Dane aplikacji\wiaserva.log

[2009-06-19 19:19:45 | 00,000,030 | ---- | C] () – C:\WINDOWS\TextSpy.ini

[2009-06-03 08:35:13 | 00,000,047 | ---- | C] () – C:\WINDOWS\WININIT.INI

[2009-05-01 18:54:11 | 00,000,067 | ---- | C] () – C:\WINDOWS#1 Video Converter.INI

[2009-04-28 19:20:46 | 00,000,754 | ---- | C] () – C:\WINDOWS\WORDPAD.INI

[2009-04-03 20:43:50 | 00,401,408 | ---- | C] () – C:\WINDOWS\System32\winob77.dll

[2009-03-03 20:07:28 | 00,354,816 | ---- | C] () – C:\WINDOWS\System32\psisdecd.dll

[2009-02-20 08:14:59 | 00,033,824 | ---- | C] () – C:\WINDOWS\System32\drivers\oreans32.sys

[2009-02-02 17:30:46 | 00,000,033 | ---- | C] () – C:\WINDOWS\BiMonitor.ini

[2009-02-02 17:30:43 | 00,028,787 | ---- | C] () – C:\WINDOWS\maxlink.ini

[2009-02-02 17:26:19 | 00,022,723 | ---- | C] () – C:\WINDOWS\System32\xrxe1l3.dll

[2009-02-02 17:20:07 | 00,094,208 | ---- | C] () – C:\WINDOWS\System32\WIAIPH.dll

[2009-02-02 17:20:07 | 00,086,016 | ---- | C] () – C:\WINDOWS\System32\WIAEH.dll

[2009-02-02 17:20:07 | 00,057,344 | ---- | C] () – C:\WINDOWS\System32\Sswiadrv.dll

[2009-02-02 17:20:07 | 00,053,248 | ---- | C] () – C:\WINDOWS\System32\WIASTIIO.dll

[2009-01-11 13:49:26 | 00,118,276 | ---- | C] () – C:\WINDOWS\System32\msxml71.dll

[2009-01-10 14:13:29 | 00,053,248 | ---- | C] () – C:\WINDOWS\System32\unrar.dll

[2008-12-25 14:36:05 | 00,182,272 | ---- | C] () – C:\WINDOWS\patchw32.dll

[2008-12-10 16:14:32 | 00,313,584 | ---- | C] () – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat

[2008-12-10 15:38:07 | 00,717,296 | ---- | C] () – C:\WINDOWS\System32\drivers\sptd.sys

[2008-10-22 05:29:06 | 00,173,550 | ---- | C] () – C:\WINDOWS\System32\xlive.dll.cat

[2008-10-03 15:01:51 | 00,000,069 | ---- | C] () – C:\WINDOWS\NeroDigital.ini

[2008-10-03 08:40:37 | 00,000,151 | ---- | C] () – C:\WINDOWS\PhotoSnapViewer.INI

[2008-09-15 15:29:04 | 03,663,208 | ---- | C] () – C:\Program Files\BSINSTALLPL.exe

[2008-09-15 13:55:30 | 00,067,072 | ---- | C] () – C:\Documents and Settings\Dawid\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008-09-15 13:38:05 | 00,000,000 | ---- | C] () – C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt

[2008-09-15 13:35:49 | 00,005,632 | ---- | C] () – C:\WINDOWS\System32\drivers\StarOpen.sys

[2008-09-14 20:19:12 | 00,022,328 | ---- | C] () – C:\WINDOWS\System32\drivers\PnkBstrK.sys

[2008-09-14 20:19:12 | 00,022,328 | ---- | C] () – C:\Documents and Settings\Dawid\Dane aplikacji\PnkBstrK.sys

[2008-09-14 20:18:34 | 00,000,319 | ---- | C] () – C:\WINDOWS\game.ini

[2008-09-14 18:59:58 | 00,081,920 | ---- | C] () – C:\WINDOWS\System32\Install6x.dll

[2008-05-28 12:04:00 | 00,000,061 | ---- | C] () – C:\WINDOWS\smscfg.ini

[2008-05-03 04:46:00 | 01,703,936 | ---- | C] () – C:\WINDOWS\System32\nvwdmcpl.dll

[2008-05-03 04:46:00 | 01,486,848 | ---- | C] () – C:\WINDOWS\System32\nview.dll

[2008-05-03 04:46:00 | 01,019,904 | ---- | C] () – C:\WINDOWS\System32\nvwimg.dll

[2008-05-03 04:46:00 | 00,466,944 | ---- | C] () – C:\WINDOWS\System32\nvshell.dll

[2008-05-03 04:46:00 | 00,286,720 | ---- | C] () – C:\WINDOWS\System32\nvnt4cpl.dll

[2008-04-15 13:00:00 | 00,163,185 | RHS- | C] () – C:\WINDOWS\System32\wqpvjdad.dll

[2008-04-15 13:00:00 | 00,032,768 | ---- | C] () – C:\WINDOWS\System32\hm.dll

[2004-09-30 13:19:56 | 00,000,836 | ---- | C] () – C:\WINDOWS\System32\oeminfo.ini

[2002-05-10 16:30:08 | 00,110,592 | ---- | C] () – C:\WINDOWS\System32\JPEG32.DLL

[2001-09-28 13:44:58 | 00,257,536 | ---- | C] () – C:\WINDOWS\System32\BiImg.dll

========== Custom Scans ==========

< %systemdrive%*.* >

[2009-11-11 18:44:23 | 00,196,626 | ---- | M] () – C:\800_1_a_loading.tga

[2009-11-11 18:44:23 | 00,196,626 | ---- | M] () – C:\800_1_b_loading.tga

[2009-11-11 18:44:23 | 00,196,626 | ---- | M] () – C:\800_1_c_loading.tga

[2009-11-11 18:44:23 | 00,024,594 | ---- | M] () – C:\800_1_d_loading.tga

[2009-11-11 18:44:23 | 00,196,626 | ---- | M] () – C:\800_2_a_loading.tga

[2009-11-11 18:44:23 | 00,196,626 | ---- | M] () – C:\800_2_b_loading.tga

[2009-11-11 18:44:23 | 00,196,626 | ---- | M] () – C:\800_2_c_loading.tga

[2009-11-11 18:44:23 | 00,024,594 | ---- | M] () – C:\800_2_d_loading.tga

[2009-11-11 18:44:23 | 00,067,602 | ---- | M] () – C:\800_3_a_loading.tga

[2009-11-11 18:44:23 | 00,067,602 | ---- | M] () – C:\800_3_b_loading.tga

[2009-11-11 18:44:23 | 00,067,602 | ---- | M] () – C:\800_3_c_loading.tga

[2009-11-11 18:44:23 | 00,008,466 | ---- | M] () – C:\800_3_d_loading.tga

[2008-05-27 17:55:02 | 00,000,000 | ---- | M] () – C:\AUTOEXEC.BAT

[2009-01-08 15:21:39 | 00,000,211 | RHS- | M] () – C:\boot.ini

[2008-04-15 13:00:00 | 00,004,952 | RHS- | M] () – C:\Bootfont.bin

[2008-05-27 17:55:02 | 00,000,000 | ---- | M] () – C:\CONFIG.SYS

[2008-05-27 18:04:23 | 00,000,058 | ---- | M] () – C:\csb.log

[2007-11-07 07:00:40 | 00,017,734 | ---- | M] () – C:\eula.1028.txt

[2007-11-07 07:00:40 | 00,017,734 | ---- | M] () – C:\eula.1031.txt

[2007-11-07 07:00:40 | 00,010,134 | ---- | M] () – C:\eula.1033.txt

[2007-11-07 07:00:40 | 00,017,734 | ---- | M] () – C:\eula.1036.txt

[2007-11-07 07:00:40 | 00,017,734 | ---- | M] () – C:\eula.1040.txt

[2007-11-07 07:00:40 | 00,000,118 | ---- | M] () – C:\eula.1041.txt

[2007-11-07 07:00:40 | 00,017,734 | ---- | M] () – C:\eula.1042.txt

[2007-11-07 07:00:40 | 00,017,734 | ---- | M] () – C:\eula.2052.txt

[2007-11-07 07:00:40 | 00,017,734 | ---- | M] () – C:\eula.3082.txt

[2007-11-07 07:00:40 | 00,001,110 | ---- | M] () – C:\globdata.ini

[2007-11-07 07:03:18 | 00,562,688 | ---- | M] (Microsoft Corporation) – C:\install.exe

[2007-11-07 07:00:40 | 00,000,843 | ---- | M] () – C:\install.ini

[2007-11-07 07:03:18 | 00,076,304 | ---- | M] (Microsoft Corporation) – C:\install.res.1028.dll

[2007-11-07 07:03:18 | 00,096,272 | ---- | M] (Microsoft Corporation) – C:\install.res.1031.dll

[2007-11-07 07:03:18 | 00,091,152 | ---- | M] (Microsoft Corporation) – C:\install.res.1033.dll

[2007-11-07 07:03:18 | 00,097,296 | ---- | M] (Microsoft Corporation) – C:\install.res.1036.dll

[2007-11-07 07:03:18 | 00,095,248 | ---- | M] (Microsoft Corporation) – C:\install.res.1040.dll

[2007-11-07 07:03:18 | 00,081,424 | ---- | M] (Microsoft Corporation) – C:\install.res.1041.dll

[2007-11-07 07:03:18 | 00,079,888 | ---- | M] (Microsoft Corporation) – C:\install.res.1042.dll

[2007-11-07 07:03:18 | 00,075,792 | ---- | M] (Microsoft Corporation) – C:\install.res.2052.dll

[2007-11-07 07:03:18 | 00,096,272 | ---- | M] (Microsoft Corporation) – C:\install.res.3082.dll

[2008-05-27 17:55:02 | 00,000,000 | RHS- | M] () – C:\IO.SYS

[2008-05-27 17:55:02 | 00,000,000 | RHS- | M] () – C:\MSDOS.SYS

[2008-04-15 13:00:00 | 00,047,564 | RHS- | M] () – C:\NTDETECT.COM

[2008-04-15 13:00:00 | 00,251,152 | RHS- | M] () – C:\ntldr

[2010-01-09 16:58:03 | 21,453,86496 | -HS- | M] () – C:\pagefile.sys

[2008-05-27 18:02:48 | 00,000,423 | ---- | M] () – C:\RHDSetup.log

[2010-01-08 15:46:51 | 00,000,268 | -H-- | M] () – C:\sqmdata00.sqm

[2010-01-08 20:00:41 | 00,000,268 | -H-- | M] () – C:\sqmdata01.sqm

[2010-01-08 20:39:16 | 00,000,268 | -H-- | M] () – C:\sqmdata02.sqm

[2010-01-09 04:57:20 | 00,000,268 | -H-- | M] () – C:\sqmdata03.sqm

[2010-01-09 09:06:22 | 00,000,268 | -H-- | M] () – C:\sqmdata04.sqm

[2010-01-09 14:30:37 | 00,000,268 | -H-- | M] () – C:\sqmdata05.sqm

[2010-01-09 16:59:09 | 00,000,268 | -H-- | M] () – C:\sqmdata06.sqm

[2010-01-04 14:28:51 | 00,000,268 | -H-- | M] () – C:\sqmdata07.sqm

[2010-01-04 18:03:46 | 00,000,268 | -H-- | M] () – C:\sqmdata08.sqm

[2010-01-04 20:44:06 | 00,000,268 | -H-- | M] () – C:\sqmdata09.sqm

[2010-01-05 14:22:34 | 00,000,268 | -H-- | M] () – C:\sqmdata10.sqm

[2010-01-05 17:50:33 | 00,000,268 | -H-- | M] () – C:\sqmdata11.sqm

[2010-01-05 19:19:39 | 00,000,268 | -H-- | M] () – C:\sqmdata12.sqm

[2010-01-06 12:33:29 | 00,000,268 | -H-- | M] () – C:\sqmdata13.sqm

[2010-01-06 19:43:55 | 00,000,268 | -H-- | M] () – C:\sqmdata14.sqm

[2010-01-07 09:00:42 | 00,000,268 | -H-- | M] () – C:\sqmdata15.sqm

[2010-01-07 16:47:06 | 00,000,268 | -H-- | M] () – C:\sqmdata16.sqm

[2010-01-07 18:13:56 | 00,000,268 | -H-- | M] () – C:\sqmdata17.sqm

[2010-01-08 08:13:46 | 00,000,268 | -H-- | M] () – C:\sqmdata18.sqm

[2010-01-08 13:41:07 | 00,000,268 | -H-- | M] () – C:\sqmdata19.sqm

[2010-01-08 15:46:51 | 00,000,244 | -H-- | M] () – C:\sqmnoopt00.sqm

[2010-01-08 20:00:41 | 00,000,244 | -H-- | M] () – C:\sqmnoopt01.sqm

[2010-01-08 20:39:16 | 00,000,244 | -H-- | M] () – C:\sqmnoopt02.sqm

[2010-01-09 04:57:20 | 00,000,244 | -H-- | M] () – C:\sqmnoopt03.sqm

[2010-01-09 09:06:22 | 00,000,244 | -H-- | M] () – C:\sqmnoopt04.sqm

[2010-01-09 14:30:37 | 00,000,244 | -H-- | M] () – C:\sqmnoopt05.sqm

[2010-01-09 16:59:09 | 00,000,244 | -H-- | M] () – C:\sqmnoopt06.sqm

[2010-01-04 14:28:51 | 00,000,244 | -H-- | M] () – C:\sqmnoopt07.sqm

[2010-01-04 18:03:45 | 00,000,244 | -H-- | M] () – C:\sqmnoopt08.sqm

[2010-01-04 20:44:06 | 00,000,244 | -H-- | M] () – C:\sqmnoopt09.sqm

[2010-01-05 14:22:34 | 00,000,244 | -H-- | M] () – C:\sqmnoopt10.sqm

[2010-01-05 17:50:33 | 00,000,244 | -H-- | M] () – C:\sqmnoopt11.sqm

[2010-01-05 19:19:38 | 00,000,244 | -H-- | M] () – C:\sqmnoopt12.sqm

[2010-01-06 12:33:29 | 00,000,244 | -H-- | M] () – C:\sqmnoopt13.sqm

[2010-01-06 19:43:54 | 00,000,244 | -H-- | M] () – C:\sqmnoopt14.sqm

[2010-01-07 09:00:42 | 00,000,244 | -H-- | M] () – C:\sqmnoopt15.sqm

[2010-01-07 16:47:06 | 00,000,244 | -H-- | M] () – C:\sqmnoopt16.sqm

[2010-01-07 18:13:56 | 00,000,244 | -H-- | M] () – C:\sqmnoopt17.sqm

[2010-01-08 08:13:46 | 00,000,244 | -H-- | M] () – C:\sqmnoopt18.sqm

[2010-01-08 13:41:07 | 00,000,244 | -H-- | M] () – C:\sqmnoopt19.sqm

[2007-11-07 07:00:40 | 00,005,686 | ---- | M] () – C:\vcredist.bmp

[2007-11-07 07:09:22 | 01,442,522 | ---- | M] () – C:\VC_RED.cab

[2007-11-07 07:12:28 | 00,232,960 | ---- | M] () – C:\VC_RED.MSI

========== Alternate Data Streams ==========

@Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF

< End of report >

#4

OT - kosz.

popraw tytuł tematu, używając przycisku ac7a4cd89050aa6e.gif

#5

Uruchom OTL i w oknie Custom Scans/Fixes wklej to:

Kliknij w Run Fix. Zatwierdź restart komputera.

Następnie uruchom OTL ponownie, tym razem kliknij “Run Scan”.

Pokaż nowy log OTL.txt oraz log z usuwania.

Log wklej na http://wklejto.pl/, a w poście daj tylko link.(czyli skopiuj adres z paska adresów)

jessi