Wirus z facebooka

Wiem że dużo jest 6tego w necie ale dalej nie wiem jak to usunąć. Chodzi o tego wirusa z facebooka, z tym linkiem niby do filmiku. Ogarnęłam to jakoś ale dalej nie działa mi facebook, przeglądarka reaguje tak jakbym źle wpisywała adres. Jak to naprawić?

Przeskanuj progr.Malwarebytes Anti-Malware

http://www.dobreprogramy.pl/Malwarebyte … 13117.html

Przed skanowaniem wykonaj RĘCZNĄ AKTUALIZACJĘ BAZY WIRUSÓW

Pokaż logi z OTL http://oldtimer.geekstogo.com/OTL.exe

Zaznacz-Wszyscy użytkownicy.Wszystkie panele-Użyj filtrowania.Zaznacz-infekcja LOP iPurity http://wstaw.org/m/2010/10/31/OTL.png.

OTL logfile created on: 2011-07-29 15:17:52 - Run 1

OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Roxana\Moje dokumenty\Downloads

Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1023,48 Mb Total Physical Memory | 304,84 Mb Available Physical Memory | 29,78% Memory free

2,40 Gb Paging File | 1,77 Gb Available in Paging File | 73,84% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 58,59 Gb Total Space | 12,68 Gb Free Space | 21,64% Space Free | Partition Type: NTFS

Drive D: | 97,65 Gb Total Space | 88,63 Gb Free Space | 90,76% Space Free | Partition Type: NTFS

Drive J: | 141,83 Gb Total Space | 141,58 Gb Free Space | 99,83% Space Free | Partition Type: NTFS

Computer Name: DOM-B216D9AEDE8 | User Name: Roxana | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-07-29 15:14:54 | 000,579,584 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Roxana\Moje dokumenty\Downloads\OTL (1).exe

PRC - [2011-07-09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) – C:\Program Files\Google\Chrome\Application\chrome.exe

PRC - [2011-07-06 19:52:38 | 001,047,656 | ---- | M] (Malwarebytes Corporation) – C:\Malwarebytes’ Anti-Malware\mbam.exe

PRC - [2011-07-06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) – C:\Malwarebytes’ Anti-Malware\mbamgui.exe

PRC - [2011-07-06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) – C:\Malwarebytes’ Anti-Malware\mbamservice.exe

PRC - [2011-06-03 10:41:38 | 019,764,728 | ---- | M] (Redefine Sp z o.o.) – C:\Program Files\ipla\ipla.exe

PRC - [2011-03-14 13:24:24 | 001,617,296 | ---- | M] (Bandoo Media Inc.) – C:\Program Files\Bandoo\Bandoo.exe

PRC - [2009-04-23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) – C:\Program Files\DAEMON Tools Lite\daemon.exe

PRC - [2008-07-03 17:51:58 | 002,150,400 | ---- | M] () – C:\Program Files\Vtune\TBPANEL.exe

PRC - [2008-04-14 22:51:18 | 002,714,112 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe

PRC - [2006-11-29 16:28:54 | 000,262,144 | ---- | M] (SONIX) – C:\WINDOWS\tsnpstd3.exe

PRC - [2006-09-18 14:12:12 | 000,843,776 | ---- | M] () – C:\WINDOWS\vsnpstd3.exe

PRC - [2005-03-18 13:18:56 | 000,397,312 | ---- | M] () – C:\WINDOWS\system32\zshp1020.exe

PRC - [2005-03-18 13:18:56 | 000,098,304 | R— | M] (Hewlett-Packard) – C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe

PRC - [2005-02-21 15:56:00 | 001,826,885 | ---- | M] (Stardock) – C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\ObjectDock.exe

PRC - [2004-09-20 02:27:46 | 000,065,536 | ---- | M] () – C:\Program Files\LClock\LClock.exe

PRC - [2004-02-20 17:22:50 | 000,364,544 | ---- | M] (Common Group) – C:\Program Files\MUSTEK 1248UB\Driver\WATCH.exe

PRC - [2002-09-29 15:41:00 | 000,090,112 | ---- | M] (Y’z@Home) – C:\WINDOWS\Packs\Crystal XP\YzToolbar\YzToolBar.exe

========== Modules (SafeList) ==========

MOD - [2011-07-29 15:14:54 | 000,579,584 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Roxana\Moje dokumenty\Downloads\OTL (1).exe

MOD - [2010-08-23 18:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MOD - [2006-05-03 23:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\framedyn.dll

MOD - [2005-01-11 14:31:00 | 000,020,480 | ---- | M] () – C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\DockShellHook.dll

MOD - [2002-09-29 15:41:00 | 000,057,344 | ---- | M] () – C:\WINDOWS\Packs\Crystal XP\YzToolbar\YzToolBar.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] – -- (srviecheck)

SRV - File not found [unknown | Stopped] – -- (NAV)

SRV - File not found [Auto | Stopped] – -- (NanoServiceMain)

SRV - File not found [Auto | Stopped] – -- (AntiVirService)

SRV - File not found [Auto | Stopped] – -- (AntiVirSchedulerService)

SRV - [2011-07-06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] – C:\Malwarebytes’ Anti-Malware\mbamservice.exe – (MBAMService)

SRV - [2011-03-14 13:24:24 | 001,617,296 | ---- | M] (Bandoo Media Inc.) [Auto | Running] – C:\Program Files\Bandoo\Bandoo.exe – (Bandoo Coordinator)

SRV - [2009-02-19 18:28:28 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] – C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe – (Boonty Games)

========== Driver Services (SafeList) ==========

DRV - [2011-07-26 22:49:17 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\SYMEVENT.SYS – (SymEvent)

DRV - [2011-07-06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] – C:\WINDOWS\system32\drivers\mbam.sys – (MBAMProtector)

DRV - [2011-07-05 12:12:43 | 000,143,752 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\PSINAflt.sys – (PSINAflt)

DRV - [2011-06-17 12:37:08 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\avipbb.sys – (avipbb)

DRV - [2011-06-17 12:37:08 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] – C:\WINDOWS\system32\drivers\avgntflt.sys – (avgntflt)

DRV - [2011-04-28 13:57:57 | 000,112,456 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\PSINProt.sys – (PSINProt)

DRV - [2011-04-28 13:57:38 | 000,129,992 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\PSINKNC.sys – (PSINKNC)

DRV - [2011-04-28 13:57:38 | 000,111,688 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] – C:\WINDOWS\system32\drivers\PSINProc.sys – (PSINProc)

DRV - [2011-04-28 13:57:38 | 000,097,096 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] – C:\WINDOWS\system32\drivers\PSINFile.sys – (PSINFile)

DRV - [2011-03-31 05:00:09 | 000,516,216 | R— | M] (Symantec Corporation) [File_System | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\NAV\1206000.01D\SRTSP.SYS – (SRTSP)

DRV - [2011-03-31 05:00:09 | 000,050,168 | R— | M] (Symantec Corporation) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\NAV\1206000.01D\SRTSPX.SYS – (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV - [2011-03-22 02:39:49 | 000,369,784 | R— | M] (Symantec Corporation) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\NAV\1206000.01D\SYMTDI.SYS – (SYMTDI)

DRV - [2011-03-15 04:31:23 | 000,744,568 | R— | M] (Symantec Corporation) [File_System | Boot | Running] – C:\WINDOWS\system32\drivers\NAV\1206000.01D\SYMEFA.SYS – (SymEFA)

DRV - [2011-01-27 08:47:10 | 000,340,088 | R— | M] (Symantec Corporation) [Kernel | Boot | Running] – C:\WINDOWS\system32\drivers\NAV\1206000.01D\SYMDS.SYS – (SymDS)

DRV - [2011-01-27 07:07:05 | 000,136,312 | R— | M] (Symantec Corporation) [Kernel | System | Stopped] – C:\WINDOWS\system32\drivers\NAV\1206000.01D\Ironx86.SYS – (SymIRON)

DRV - [2010-06-17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\ssmdrv.sys – (ssmdrv)

DRV - [2009-07-12 22:16:36 | 000,005,632 | ---- | M] () [File_System | System | Running] – C:\WINDOWS\System32\drivers\StarOpen.sys – (StarOpen)

DRV - [2009-05-23 14:59:42 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\sptd.sys – (sptd)

DRV - [2009-03-03 17:55:36 | 000,016,608 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] – C:\WINDOWS\gdrv.sys – (gdrv)

DRV - [2008-04-14 00:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\nmnt.sys – (nm)

DRV - [2008-02-14 11:04:06 | 004,676,096 | R— | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RtkHDAud.sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2008-01-14 12:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ManyCam.sys – (ManyCam)

DRV - [2008-01-03 16:10:16 | 000,105,856 | R— | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\Rtenicxp.sys – (RTLE8023xp)

DRV - [2007-05-02 12:12:36 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ssm_mdm.sys – (ssm_mdm)

DRV - [2007-05-02 12:12:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ssm_mdfl.sys – (ssm_mdfl)

DRV - [2007-05-02 12:12:34 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ssm_bus.sys – (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)

DRV - [2007-05-02 12:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ss_mdm.sys – (ss_mdm)

DRV - [2007-05-02 12:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ss_mdfl.sys – (ss_mdfl)

DRV - [2007-05-02 12:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ss_bus.sys – (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)

DRV - [2007-03-21 15:44:12 | 010,198,144 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\snpstd3.sys – (SNPSTD3) USB PC Camera (SNPSTD3)

DRV - [2007-03-16 11:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] – C:\WINDOWS\System32\drivers\TBPanel.sys – (TBPanel)

DRV - [2007-03-16 11:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\TBPanel.sys – (Cardex)

DRV - [2003-02-19 02:38:04 | 000,017,504 | ---- | M] ( ) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\gt680x.sys – (GT680x)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchqu.com/sidebar.html?src=ssb&sysid=101

IE - HKU.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

IE - HKU\S-1-5-21-842925246-1078145449-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-842925246-1078145449-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchqu.com/sidebar.html?src=ssb&sysid=101

IE - HKU\S-1-5-21-842925246-1078145449-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.searchqu.com/web?src=ieb&q={searchTerms}

IE - HKU\S-1-5-21-842925246-1078145449-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKU\S-1-5-21-842925246-1078145449-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-842925246-1078145449-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchqu.com/sidebar.html?src=ssb&sysid=101

IE - HKU\S-1-5-21-842925246-1078145449-725345543-1003…\URLSearchHook: {b6e58c46-0d70-4e2b-ab06-1311ea3de818} - C:\Program Files\ZenOK_Security\prxtbZenO.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-842925246-1078145449-725345543-1003…\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

IE - HKU\S-1-5-21-842925246-1078145449-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

========== FireFox ==========

FF - prefs.js…browser.search.defaultenginename: “Web Search”

FF - prefs.js…browser.search.defaultthis.engineName: “ZenOK Security Customized Web Search”

FF - prefs.js…browser.search.defaulturl: “http://search.conduit.com/ResultsExt.aspx?ctid=CT2934132&SearchSource=3&q={searchTerms}

FF - prefs.js…browser.search.order.1: “Web Search”

FF - prefs.js…browser.search.selectedEngine: “ZenOK Security Customized Web Search”

FF - prefs.js…browser.startup.homepage: “http://search.conduit.com/?ctid=CT2934132&SearchSource=13

FF - prefs.js…extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3

FF - prefs.js…extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js…extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js…extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0

FF - prefs.js…extensions.enabledItems: firefox@bandoo.com:5.1

FF - prefs.js…extensions.enabledItems: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.1.0.01

FF - prefs.js…extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25

FF - prefs.js…extensions.enabledItems: engine@conduit.com:3.3.3.2

FF - prefs.js…extensions.enabledItems: {b6e58c46-0d70-4e2b-ab06-1311ea3de818}:3.3.3.2

FF - prefs.js…keyword.URL: “http://www.searchqu.com/web?src=ffb&systemid=101&q=

FF - prefs.js…network.proxy.type: 2

FF - HKLM\Software\MozillaPlugins@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins@real.com/nppl3260;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Dane aplikacji\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.6.0.29\IPSFFPlgn\

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\Components: C:\Program Files\Mozilla Firefox\components [2011-03-26 16:04:19 | 000,000,000 | —D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-26 16:04:19 | 000,000,000 | —D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\firefox@bandoo.com: C:\Documents and Settings\Roxana\Dane aplikacji\Mozilla\Firefox\Profiles/1rsdgi5t.default\extensions\firefox@bandoo.com [2011-04-07 16:49:31 | 000,000,000 | —D | M]

[2011-04-07 16:49:58 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\Roxana\Dane aplikacji\Mozilla\Extensions

[2011-07-26 23:03:31 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\Roxana\Dane aplikacji\Mozilla\Firefox\Profiles\1rsdgi5t.default\extensions

[2011-04-07 16:49:55 | 000,000,000 | —D | M] (Searchqu Toolbar) – C:\Documents and Settings\Roxana\Dane aplikacji\Mozilla\Firefox\Profiles\1rsdgi5t.default\extensions{99079a25-328f-4bd4-be04-00955acaa0a7}

[2011-07-26 18:57:29 | 000,000,000 | —D | M] (ZenOK Security Community Toolbar) – C:\Documents and Settings\Roxana\Dane aplikacji\Mozilla\Firefox\Profiles\1rsdgi5t.default\extensions{b6e58c46-0d70-4e2b-ab06-1311ea3de818}

[2010-04-30 19:48:11 | 000,000,000 | —D | M] (DownloadHelper) – C:\Documents and Settings\Roxana\Dane aplikacji\Mozilla\Firefox\Profiles\1rsdgi5t.default\extensions{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2011-07-26 18:57:29 | 000,000,000 | —D | M] (Conduit Engine) – C:\Documents and Settings\Roxana\Dane aplikacji\Mozilla\Firefox\Profiles\1rsdgi5t.default\extensions\engine@conduit.com

[2011-04-07 16:49:31 | 000,000,000 | —D | M] (Bandoo for Firefox) – C:\Documents and Settings\Roxana\Dane aplikacji\Mozilla\Firefox\Profiles\1rsdgi5t.default\extensions\firefox@bandoo.com

[2011-03-17 09:57:10 | 000,000,931 | ---- | M] () – C:\Documents and Settings\Roxana\Dane aplikacji\Mozilla\Firefox\Profiles\1rsdgi5t.default\searchplugins\conduit.xml

[2010-09-02 10:09:41 | 000,005,529 | ---- | M] () – C:\Documents and Settings\Roxana\Dane aplikacji\Mozilla\Firefox\Profiles\1rsdgi5t.default\searchplugins\SearchquWebSearch.xml

[2011-07-26 23:03:31 | 000,000,000 | —D | M] (No name found) – C:\Program Files\Mozilla Firefox\extensions

[2010-08-05 22:49:11 | 000,000,000 | —D | M] (Java Console) – C:\Program Files\Mozilla Firefox\extensions{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2011-05-08 12:54:32 | 000,000,000 | —D | M] (Java Console) – C:\Program Files\Mozilla Firefox\extensions{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

[2010-08-05 22:48:56 | 000,000,000 | —D | M] (Java Quick Starter) – C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2011-04-07 16:49:58 | 000,000,000 | —D | M] (DataMngr) – C:\PROGRAM FILES\WINDOWS SEARCHQU TOOLBAR\DATAMNGR\FIREFOXEXTENSION

[2010-05-18 14:39:58 | 000,873,976 | ---- | M] (Ganymede Technologies) – C:\Program Files\mozilla firefox\plugins\NPCARDS.dll

[2011-04-14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2011-02-17 22:02:04 | 000,002,767 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml

[2011-02-17 22:02:04 | 000,001,406 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml

[2011-02-17 22:02:04 | 000,000,917 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml

[2011-02-17 22:02:04 | 000,000,858 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml

[2010-09-02 10:09:41 | 000,005,529 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\SearchquWebSearch.xml

[2011-02-17 22:02:04 | 000,001,183 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml

[2011-02-17 22:02:04 | 000,001,683 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2011-07-26 21:21:00 | 000,203,160 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 vkontakte.ru

O1 - Hosts: 127.0.0.1 www.vkontakte.ru

O1 - Hosts: 127.0.0.1 login.vk.com

O1 - Hosts: 127.0.0.1 vk.com

O1 - Hosts: 127.0.0.1 www.vk.com

O1 - Hosts: 127.0.0.1 odnoklassniki.ru

O1 - Hosts: 127.0.0.1 www.odnoklassniki.ru

O1 - Hosts: 127.0.0.1 facebook.com

O1 - Hosts: 127.0.0.1 www.facebook.com

O1 - Hosts: 127.0.0.1 af-za.facebook.com

O1 - Hosts: 127.0.0.1 az-az.facebook.com

O1 - Hosts: 127.0.0.1 id-id.facebook.com

O1 - Hosts: 127.0.0.1 ms-my.facebook.com

O1 - Hosts: 127.0.0.1 bs-ba.facebook.com

O1 - Hosts: 127.0.0.1 ca-es.facebook.com

O1 - Hosts: 127.0.0.1 cs-cz.facebook.com

O1 - Hosts: 127.0.0.1 cy-gb.facebook.com

O1 - Hosts: 127.0.0.1 da-dk.facebook.com

O1 - Hosts: 127.0.0.1 de-de.facebook.com

O1 - Hosts: 127.0.0.1 et-ee.facebook.com

O1 - Hosts: 127.0.0.1 en-gb.facebook.com

O1 - Hosts: 127.0.0.1 es-la.facebook.com

O1 - Hosts: 127.0.0.1 eo-eo.facebook.com

O1 - Hosts: 127.0.0.1 eu-es.facebook.com

O1 - Hosts: 50060 more lines…

O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O2 - BHO: (no name) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - No CLSID value found.

O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\searchqudtx.dll ()

O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)

O2 - BHO: (ZenOK Security Toolbar) - {b6e58c46-0d70-4e2b-ab06-1311ea3de818} - C:\Program Files\ZenOK_Security\prxtbZenO.dll (Conduit Ltd.)

O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)

O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found.

O3 - HKLM…\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O3 - HKLM…\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKLM…\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\searchqudtx.dll ()

O3 - HKLM…\Toolbar: (ZenOK Security Toolbar) - {b6e58c46-0d70-4e2b-ab06-1311ea3de818} - C:\Program Files\ZenOK_Security\prxtbZenO.dll (Conduit Ltd.)

O3 - HKLM…\Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.

O3 - HKLM…\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O3 - HKLM…\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKU\S-1-5-21-842925246-1078145449-725345543-1003…\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKU\S-1-5-21-842925246-1078145449-725345543-1003…\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O4 - HKLM…\Run: [DATAMNGR] C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Discordia, LTD)

O4 - HKLM…\Run: [LClock] C:\Program Files\LClock\LClock.exe ()

O4 - HKLM…\Run: [Malwarebytes’ Anti-Malware] C:\Malwarebytes’ Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM…\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM…\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM…\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM…\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe (Hewlett-Packard)

O4 - HKLM…\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()

O4 - HKLM…\Run: [tray_ico] File not found

O4 - HKLM…\Run: [tray_ico4] File not found

O4 - HKLM…\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe (SONIX)

O4 - HKU\S-1-5-21-842925246-1078145449-725345543-1003…\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)

O4 - HKU\S-1-5-21-842925246-1078145449-725345543-1003…\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)

O4 - HKU\S-1-5-21-842925246-1078145449-725345543-1003…\Run: [iPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.)

O4 - HKU\S-1-5-21-842925246-1078145449-725345543-1003…\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe ()

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Watch.lnk = C:\Program Files\MUSTEK 1248UB\Driver\WATCH.exe (Common Group)

O4 - Startup: C:\Documents and Settings\Roxana\Menu Start\Programy\Autostart\Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\ObjectDock.exe (Stardock)

O4 - Startup: C:\Documents and Settings\Roxana\Menu Start\Programy\Autostart\Y’z Toolbar.lnk = C:\WINDOWS\Packs\Crystal XP\YzToolbar\YzToolBar.exe (Y’z@Home)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0

O7 - HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-842925246-1078145449-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl … rashim.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_25)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - AppInit_DLLs: (c:\progra~1\window~4\datamngr\datamngr.dll) - c:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Discordia, LTD)

O20 - AppInit_DLLs: (c:\progra~1\window~4\datamngr\iebho.dll) - c:\Program Files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)

O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - c:\Program Files\Bandoo\BndHook.dll (Discordia Limited)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (vistaui.exe) - C:\WINDOWS\System32\vistaui.exe ()

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Roxana\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Roxana\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O31 - SafeBoot: AlternateShell - services32.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-02-13 16:36:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [NTFS]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM…comfile [open] – “%1” %*

O35 - HKLM…exefile [open] – “%1” %*

O37 - HKLM…com [@ = comfile] – “%1” %*

O37 - HKLM…exe [@ = exefile] – “%1” %*

========== Files/Folders - Created Within 30 Days ==========

[2011-07-29 14:38:57 | 000,000,000 | —D | C] – C:_OTL

[2011-07-29 10:56:48 | 000,000,000 | —D | C] – C:\Documents and Settings\Roxana\Pulpit\Nowy folder

[2011-07-28 14:39:03 | 000,000,000 | —D | C] – C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\ZenOK_Security

[2011-07-27 13:19:06 | 000,000,000 | —D | C] – C:\Program Files\Lavalys

[2011-07-27 13:19:06 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programy\Lavalys

[2011-07-26 23:33:01 | 000,000,000 | —D | C] – C:\Documents and Settings\Roxana\Dane aplikacji\Malwarebytes

[2011-07-26 23:32:55 | 000,041,272 | ---- | C] (Malwarebytes Corporation) – C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011-07-26 23:32:55 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes’ Anti-Malware

[2011-07-26 23:32:55 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes

[2011-07-26 23:32:51 | 000,022,712 | ---- | C] (Malwarebytes Corporation) – C:\WINDOWS\System32\drivers\mbam.sys

[2011-07-26 23:32:51 | 000,000,000 | —D | C] – C:\Malwarebytes’ Anti-Malware

[2011-07-26 22:52:18 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.tray-10-0-lnk

[2011-07-26 22:52:18 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.tray-10-0

[2011-07-26 22:49:17 | 000,126,584 | ---- | C] (Symantec Corporation) – C:\WINDOWS\System32\drivers\SYMEVENT.SYS

[2011-07-26 22:49:17 | 000,060,872 | ---- | C] (Symantec Corporation) – C:\WINDOWS\System32\S32EVNT1.DLL

[2011-07-26 22:49:17 | 000,000,000 | —D | C] – C:\Program Files\Common Files\Symantec Shared

[2011-07-26 22:49:17 | 000,000,000 | —D | C] – C:\Program Files\Symantec

[2011-07-26 22:49:08 | 000,744,568 | R— | C] (Symantec Corporation) – C:\WINDOWS\System32\drivers\NAV\1206000.01D\SymEFA.sys

[2011-07-26 22:49:08 | 000,516,216 | R— | C] (Symantec Corporation) – C:\WINDOWS\System32\drivers\NAV\1206000.01D\srtsp.sys

[2011-07-26 22:49:08 | 000,369,784 | R— | C] (Symantec Corporation) – C:\WINDOWS\System32\drivers\NAV\1206000.01D\symtdi.sys

[2011-07-26 22:49:08 | 000,340,088 | R— | C] (Symantec Corporation) – C:\WINDOWS\System32\drivers\NAV\1206000.01D\SymDS.sys

[2011-07-26 22:49:08 | 000,331,384 | R— | C] (Symantec Corporation) – C:\WINDOWS\System32\drivers\NAV\1206000.01D\symtdiv.sys

[2011-07-26 22:49:08 | 000,296,568 | R— | C] (Symantec Corporation) – C:\WINDOWS\System32\drivers\NAV\1206000.01D\symnets.sys

[2011-07-26 22:49:08 | 000,136,312 | R— | C] (Symantec Corporation) – C:\WINDOWS\System32\drivers\NAV\1206000.01D\Ironx86.sys

[2011-07-26 22:49:08 | 000,050,168 | R— | C] (Symantec Corporation) – C:\WINDOWS\System32\drivers\NAV\1206000.01D\srtspx.sys

[2011-07-26 22:48:49 | 000,000,000 | —D | C] – C:\WINDOWS\System32\drivers\NAV

[2011-07-26 22:48:49 | 000,000,000 | —D | C] – C:\WINDOWS\System32\drivers\NAV\1206000.01D

[2011-07-26 22:48:47 | 000,000,000 | —D | C] – C:\Program Files\Windows Sidebar

[2011-07-26 22:48:47 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programy\Norton AntiVirus

[2011-07-26 22:38:36 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.tray-13-0-lnk

[2011-07-26 22:38:36 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.tray-13-0

[2011-07-26 22:36:10 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programy\Panda Cloud Antivirus

[2011-07-26 22:35:46 | 000,000,000 | —D | C] – C:\temp

[2011-07-26 22:24:49 | 000,000,000 | —D | C] – C:\WINDOWS\av_ico

[2011-07-26 22:23:22 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.1

[2011-07-26 22:23:14 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.tray-7-0-lnk

[2011-07-26 22:23:14 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.tray-7-0

[2011-07-26 22:20:50 | 000,309,848 | ---- | C] (AVAST Software) – C:\WINDOWS\System32\drivers\aswSP.sys

[2011-07-26 22:20:50 | 000,019,544 | ---- | C] (AVAST Software) – C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2011-07-26 22:20:50 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programy\avast! Free Antivirus

[2011-07-26 22:20:48 | 000,441,176 | ---- | C] (AVAST Software) – C:\WINDOWS\System32\drivers\aswSnx.sys

[2011-07-26 22:20:48 | 000,102,616 | ---- | C] (AVAST Software) – C:\WINDOWS\System32\drivers\aswmon2.sys

[2011-07-26 22:20:48 | 000,096,344 | ---- | C] (AVAST Software) – C:\WINDOWS\System32\drivers\aswmon.sys

[2011-07-26 22:20:48 | 000,043,608 | ---- | C] (AVAST Software) – C:\WINDOWS\System32\drivers\aswTdi.sys

[2011-07-26 22:20:48 | 000,025,432 | ---- | C] (AVAST Software) – C:\WINDOWS\System32\drivers\aswRdr.sys

[2011-07-26 22:20:47 | 000,030,808 | ---- | C] (AVAST Software) – C:\WINDOWS\System32\drivers\aavmker4.sys

[2011-07-26 22:20:33 | 000,199,304 | ---- | C] (AVAST Software) – C:\WINDOWS\System32\aswBoot.exe

[2011-07-26 22:01:07 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.5.0

[2011-07-26 21:59:12 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.2

[2011-07-26 20:33:24 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.tray-8-0-lnk

[2011-07-26 20:33:24 | 000,000,000 | -H-D | C] – C:\WINDOWS\update.tray-8-0

[2011-07-26 20:30:43 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programy\Avira

[2011-07-26 20:30:33 | 000,028,520 | ---- | C] (Avira GmbH) – C:\WINDOWS\System32\drivers\ssmdrv.sys

[2011-07-26 20:30:32 | 000,137,656 | ---- | C] (Avira GmbH) – C:\WINDOWS\System32\drivers\avipbb.sys

[2011-07-26 20:30:31 | 000,061,960 | ---- | C] (Avira GmbH) – C:\WINDOWS\System32\drivers\avgntflt.sys

[2011-07-26 20:30:31 | 000,045,416 | ---- | C] (Avira GmbH) – C:\WINDOWS\System32\drivers\avgntdd.sys

[2011-07-26 20:30:31 | 000,022,360 | ---- | C] (Avira GmbH) – C:\WINDOWS\System32\drivers\avgntmgr.sys

[2011-07-26 18:57:45 | 000,000,000 | —D | C] – C:\Program Files\Conduit

[2011-07-26 18:57:44 | 000,000,000 | —D | C] – C:\Documents and Settings\Roxana\Ustawienia lokalne\Dane aplikacji\ZenOK_Security

[2011-07-26 18:57:32 | 000,000,000 | —D | C] – C:\Program Files\ConduitEngine

[2011-07-26 18:57:32 | 000,000,000 | —D | C] – C:\Documents and Settings\Roxana\Ustawienia lokalne\Dane aplikacji\ConduitEngine

[2011-07-26 18:57:31 | 000,000,000 | —D | C] – C:\Program Files\ZenOK_Security

[2011-07-26 18:57:31 | 000,000,000 | —D | C] – C:\Documents and Settings\Roxana\Ustawienia lokalne\Dane aplikacji\Conduit

[2011-07-26 18:57:28 | 000,000,000 | —D | C] – C:\Program Files\ZenOKToolbar

[2011-07-26 18:57:18 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\Zen Data Safe

[2011-07-22 19:26:54 | 000,000,000 | —D | C] – C:\Documents and Settings\Roxana\Dane aplikacji\ManyCam

[2011-07-05 12:12:43 | 000,143,752 | ---- | C] (Panda Security, S.L.) – C:\WINDOWS\System32\drivers\PSINAflt.sys

[2011-04-07 16:40:58 | 000,172,032 | ---- | C] ( ) – C:\WINDOWS\System32\rsnpstd3.dll

[2011-04-07 16:40:58 | 000,061,440 | ---- | C] ( ) – C:\WINDOWS\System32\vsnpstd3.dll

[2011-04-07 16:40:58 | 000,053,248 | ---- | C] ( ) – C:\WINDOWS\System32\csnpstd3.dll

[2011-04-07 16:40:58 | 000,053,248 | ---- | C] ( ) – C:\WINDOWS\csnpstd3.dll

[2009-08-15 20:40:07 | 000,017,504 | ---- | C] ( ) – C:\WINDOWS\System32\drivers\gt680x.sys

========== Files - Modified Within 30 Days ==========

[2011-07-29 15:02:00 | 000,001,036 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2011-07-29 14:42:23 | 000,186,500 | ---- | M] () – C:\WINDOWS\System32\nvapps.xml

[2011-07-29 14:42:23 | 000,001,032 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2011-07-29 14:42:18 | 000,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat

[2011-07-29 10:57:55 | 000,043,330 | ---- | M] () – C:\Documents and Settings\Roxana\Pulpit\62255012_500_s.jpg

[2011-07-29 10:55:13 | 000,040,325 | ---- | M] () – C:\Documents and Settings\Roxana\Pulpit\72641635_500_s.jpg

[2011-07-29 10:54:47 | 000,071,455 | ---- | M] () – C:\Documents and Settings\Roxana\Pulpit\71465475_500_s.jpg

[2011-07-28 15:37:14 | 000,021,504 | -H-- | M] () – C:\Documents and Settings\Roxana\Moje dokumenty\photothumb.db

[2011-07-28 15:36:39 | 000,204,288 | ---- | M] () – C:\Documents and Settings\Roxana\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011-07-28 15:36:09 | 000,920,995 | ---- | M] () – C:\Documents and Settings\Roxana\Moje dokumenty\20110727032.jpg

[2011-07-28 15:36:09 | 000,846,498 | ---- | M] () – C:\Documents and Settings\Roxana\Moje dokumenty\20110727033.jpg

[2011-07-28 14:39:01 | 000,000,284 | ---- | M] () – C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2011-07-28 14:37:25 | 000,062,610 | ---- | M] () – C:\Documents and Settings\Roxana\Pulpit\100_0718.JPG

[2011-07-27 22:42:43 | 000,046,831 | ---- | M] () – C:\Documents and Settings\Roxana\Pulpit\Zdjęcie0111.jpg

[2011-07-27 22:32:37 | 000,064,991 | ---- | M] () – C:\Documents and Settings\Roxana\Pulpit\DSC00533.JPG

[2011-07-27 20:35:47 | 000,001,324 | ---- | M] () – C:\WINDOWS\System32\d3d9caps.dat

[2011-07-27 17:40:43 | 000,000,069 | ---- | M] () – C:\WINDOWS\NeroDigital.ini

[2011-07-27 14:35:07 | 000,015,019 | ---- | M] () – C:\Documents and Settings\Roxana\Pulpit\Dokument.rtf

[2011-07-27 13:19:07 | 000,000,767 | ---- | M] () – C:\Documents and Settings\Roxana\Pulpit\EVEREST Home Edition.lnk

[2011-07-27 11:11:27 | 000,000,330 | ---- | M] () – C:\Documents and Settings\Roxana\Moje dokumenty\cc_20110727_1109jgnfhuhfgfdsfghh.reg

[2011-07-27 11:08:10 | 000,000,206 | ---- | M] () – C:\Documents and Settings\Roxana\Moje dokumenty\cc_20110727_1108.reg

[2011-07-27 11:07:50 | 000,000,206 | ---- | M] () – C:\Documents and Settings\Roxana\Moje dokumenty\cc_20110727_1107hfg.reg

[2011-07-27 11:07:35 | 000,000,206 | ---- | M] () – C:\Documents and Settings\Roxana\Moje dokumenty\cc_20110727_1107.reg

[2011-07-27 11:06:55 | 000,038,702 | ---- | M] () – C:\Documents and Settings\Roxana\Moje dokumenty\cc_20110727_1106.reg

[2011-07-26 23:32:55 | 000,000,624 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Malwarebytes’ Anti-Malware.lnk

[2011-07-26 22:54:12 | 000,001,698 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk

[2011-07-26 22:52:38 | 000,000,215 | ---- | M] () – C:\boot.ini

[2011-07-26 22:49:27 | 000,655,068 | ---- | M] () – C:\WINDOWS\System32\drivers\NAV\1206000.01D\Cat.DB

[2011-07-26 22:49:17 | 000,126,584 | ---- | M] (Symantec Corporation) – C:\WINDOWS\System32\drivers\SYMEVENT.SYS

[2011-07-26 22:49:17 | 000,060,872 | ---- | M] (Symantec Corporation) – C:\WINDOWS\System32\S32EVNT1.DLL

[2011-07-26 22:49:17 | 000,007,468 | ---- | M] () – C:\WINDOWS\System32\drivers\SYMEVENT.CAT

[2011-07-26 22:49:17 | 000,000,806 | ---- | M] () – C:\WINDOWS\System32\drivers\SYMEVENT.INF

[2011-07-26 22:36:18 | 000,000,264 | ---- | M] () – C:\WINDOWS\System32\PSUNCpl.dat

[2011-07-26 22:20:48 | 000,002,644 | ---- | M] () – C:\WINDOWS\System32\CONFIG.NT

[2011-07-26 22:13:43 | 000,125,320 | ---- | M] () – C:\WINDOWS\System32\FNTCACHE.DAT

[2011-07-26 22:11:37 | 000,000,157 | ---- | M] () – C:\WINDOWS\info1

[2011-07-26 22:00:16 | 000,000,000 | ---- | M] () – C:\WINDOWS\loader2.exe_ok

[2011-07-26 21:11:23 | 000,088,565 | ---- | M] () – C:\Documents and Settings\Roxana\Pulpit\bez tytułu.JPG

[2011-07-26 21:10:04 | 002,506,806 | ---- | M] () – C:\Documents and Settings\Roxana\Pulpit\bez tytułu.bmp

[2011-07-26 18:36:30 | 000,008,784 | ---- | M] () – C:\Documents and Settings\Roxana\Moje dokumenty\cc_20110726_1836.reg

[2011-07-25 11:15:25 | 000,002,206 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl

[2011-07-22 20:41:21 | 000,046,080 | -H-- | M] () – C:\Documents and Settings\Roxana\Pulpit\photothumb.db

[2011-07-10 18:27:32 | 000,321,876 | ---- | M] () – C:\Documents and Settings\Roxana\Pulpit\wykaz.rtf

[2011-07-06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) – C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011-07-06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) – C:\WINDOWS\System32\drivers\mbam.sys

[2011-07-05 12:12:43 | 000,143,752 | ---- | M] (Panda Security, S.L.) – C:\WINDOWS\System32\drivers\PSINAflt.sys

[2011-07-04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) – C:\WINDOWS\avastSS.scr

[2011-07-04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) – C:\WINDOWS\System32\aswBoot.exe

[2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) – C:\WINDOWS\System32\drivers\aswSnx.sys

[2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) – C:\WINDOWS\System32\drivers\aswSP.sys

[2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) – C:\WINDOWS\System32\drivers\aswTdi.sys

[2011-07-04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) – C:\WINDOWS\System32\drivers\aswmon2.sys

[2011-07-04 13:35:09 | 000,096,344 | ---- | M] (AVAST Software) – C:\WINDOWS\System32\drivers\aswmon.sys

[2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) – C:\WINDOWS\System32\drivers\aswRdr.sys

[2011-07-04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) – C:\WINDOWS\System32\drivers\aavmker4.sys

[2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) – C:\WINDOWS\System32\drivers\aswFsBlk.sys

========== Files Created - No Company Name ==========

[2011-07-29 10:57:57 | 000,043,330 | ---- | C] () – C:\Documents and Settings\Roxana\Pulpit\62255012_500_s.jpg

[2011-07-29 10:55:15 | 000,040,325 | ---- | C] () – C:\Documents and Settings\Roxana\Pulpit\72641635_500_s.jpg

[2011-07-29 10:54:49 | 000,071,455 | ---- | C] () – C:\Documents and Settings\Roxana\Pulpit\71465475_500_s.jpg

[2011-07-28 15:36:05 | 000,846,498 | ---- | C] () – C:\Documents and Settings\Roxana\Moje dokumenty\20110727033.jpg

[2011-07-28 15:36:04 | 000,920,995 | ---- | C] () – C:\Documents and Settings\Roxana\Moje dokumenty\20110727032.jpg

[2011-07-28 14:37:25 | 000,062,610 | ---- | C] () – C:\Documents and Settings\Roxana\Pulpit\100_0718.JPG

[2011-07-27 22:40:23 | 000,046,831 | ---- | C] () – C:\Documents and Settings\Roxana\Pulpit\Zdjęcie0111.jpg

[2011-07-27 22:32:37 | 000,064,991 | ---- | C] () – C:\Documents and Settings\Roxana\Pulpit\DSC00533.JPG

[2011-07-27 14:35:07 | 000,015,019 | ---- | C] () – C:\Documents and Settings\Roxana\Pulpit\Dokument.rtf

[2011-07-27 13:19:07 | 000,000,767 | ---- | C] () – C:\Documents and Settings\Roxana\Pulpit\EVEREST Home Edition.lnk

[2011-07-27 11:10:05 | 000,000,330 | ---- | C] () – C:\Documents and Settings\Roxana\Moje dokumenty\cc_20110727_1109jgnfhuhfgfdsfghh.reg

[2011-07-27 11:08:09 | 000,000,206 | ---- | C] () – C:\Documents and Settings\Roxana\Moje dokumenty\cc_20110727_1108.reg

[2011-07-27 11:07:49 | 000,000,206 | ---- | C] () – C:\Documents and Settings\Roxana\Moje dokumenty\cc_20110727_1107hfg.reg

[2011-07-27 11:07:04 | 000,000,206 | ---- | C] () – C:\Documents and Settings\Roxana\Moje dokumenty\cc_20110727_1107.reg

[2011-07-27 11:06:52 | 000,038,702 | ---- | C] () – C:\Documents and Settings\Roxana\Moje dokumenty\cc_20110727_1106.reg

[2011-07-26 23:32:55 | 000,000,624 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Malwarebytes’ Anti-Malware.lnk

[2011-07-26 22:49:20 | 000,655,068 | ---- | C] () – C:\WINDOWS\System32\drivers\NAV\1206000.01D\Cat.DB

[2011-07-26 22:49:17 | 000,007,468 | ---- | C] () – C:\WINDOWS\System32\drivers\SYMEVENT.CAT

[2011-07-26 22:49:17 | 000,000,806 | ---- | C] () – C:\WINDOWS\System32\drivers\SYMEVENT.INF

[2011-07-26 22:49:08 | 000,000,000 | R— | C] () – C:\WINDOWS\System32\drivers\NAV\1206000.01D\SymDS.cat

[2011-07-26 22:49:00 | 000,003,373 | R— | C] () – C:\WINDOWS\System32\drivers\NAV\1206000.01D\SymEFA.inf

[2011-07-26 22:49:00 | 000,002,792 | R— | C] () – C:\WINDOWS\System32\drivers\NAV\1206000.01D\SymDS.inf

[2011-07-26 22:49:00 | 000,001,474 | R— | C] () – C:\WINDOWS\System32\drivers\NAV\1206000.01D\SymNetV.inf

[2011-07-26 22:49:00 | 000,001,446 | R— | C] () – C:\WINDOWS\System32\drivers\NAV\1206000.01D\SymNet.inf

[2011-07-26 22:49:00 | 000,001,389 | R— | C] () – C:\WINDOWS\System32\drivers\NAV\1206000.01D\srtspx.inf

[2011-07-26 22:49:00 | 000,001,383 | R— | C] () – C:\WINDOWS\System32\drivers\NAV\1206000.01D\srtsp.inf

[2011-07-26 22:49:00 | 000,000,742 | R— | C] () – C:\WINDOWS\System32\drivers\NAV\1206000.01D\Iron.inf

[2011-07-26 22:48:49 | 000,007,877 | R— | C] () – C:\WINDOWS\System32\drivers\NAV\1206000.01D\symnetv.cat

[2011-07-26 22:48:49 | 000,007,528 | R— | C] () – C:\WINDOWS\System32\drivers\NAV\1206000.01D\iron.cat

[2011-07-26 22:48:49 | 000,007,458 | R— | C] () – C:\WINDOWS\System32\drivers\NAV\1206000.01D\SymNet.cat

[2011-07-26 22:48:49 | 000,007,456 | R— | C] () – C:\WINDOWS\System32\drivers\NAV\1206000.01D\SymEFA.cat

[2011-07-26 22:48:49 | 000,007,454 | R— | C] () – C:\WINDOWS\System32\drivers\NAV\1206000.01D\srtspx.cat

[2011-07-26 22:48:49 | 000,007,450 | R— | C] () – C:\WINDOWS\System32\drivers\NAV\1206000.01D\srtsp.cat

[2011-07-26 22:48:49 | 000,000,172 | ---- | C] () – C:\WINDOWS\System32\drivers\NAV\1206000.01D\isolate.ini

[2011-07-26 22:36:18 | 000,000,264 | ---- | C] () – C:\WINDOWS\System32\PSUNCpl.dat

[2011-07-26 22:20:50 | 000,001,698 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk

[2011-07-26 22:01:07 | 000,000,157 | ---- | C] () – C:\WINDOWS\info1

[2011-07-26 22:00:16 | 000,000,000 | ---- | C] () – C:\WINDOWS\loader2.exe_ok

[2011-07-26 21:11:23 | 000,088,565 | ---- | C] () – C:\Documents and Settings\Roxana\Pulpit\bez tytułu.JPG

[2011-07-26 21:10:04 | 002,506,806 | ---- | C] () – C:\Documents and Settings\Roxana\Pulpit\bez tytułu.bmp

[2011-07-26 18:36:17 | 000,008,784 | ---- | C] () – C:\Documents and Settings\Roxana\Moje dokumenty\cc_20110726_1836.reg

[2011-07-10 18:27:31 | 000,321,876 | ---- | C] () – C:\Documents and Settings\Roxana\Pulpit\wykaz.rtf

[2011-04-07 16:49:21 | 001,524,112 | ---- | C] () – C:\WINDOWS\System32\bandoolmx.dll

[2011-04-07 16:41:43 | 000,032,344 | ---- | C] () – C:\WINDOWS\unvpeye.ini

[2011-04-07 16:41:01 | 000,843,776 | ---- | C] () – C:\WINDOWS\vsnpstd3.exe

[2011-04-07 16:41:01 | 000,015,498 | ---- | C] () – C:\WINDOWS\snpstd3.ini

[2011-02-27 12:43:25 | 000,017,920 | R— | C] () – C:\WINDOWS\System32\IMPLODE.DLL

[2010-12-18 21:13:26 | 000,548,864 | ---- | C] () – C:\WINDOWS\System32\JWinAPI.dll

[2010-08-05 22:53:08 | 000,000,004 | ---- | C] () – C:\WINDOWS\System32\proc-1830267680.bin

[2010-07-31 11:36:39 | 000,397,312 | ---- | C] () – C:\WINDOWS\System32\zshp1020.exe

[2010-07-31 11:36:39 | 000,106,496 | R— | C] () – C:\WINDOWS\System32\vshp1020.dll

[2010-06-20 10:51:20 | 000,000,864 | ---- | C] () – C:\WINDOWS\HISCORES.DAT

[2010-06-20 10:48:31 | 000,000,166 | ---- | C] () – C:\WINDOWS\sierra.ini

[2010-01-05 20:24:31 | 000,000,000 | ---- | C] () – C:\WINDOWS\WATCH.INI

[2009-10-28 16:00:01 | 000,000,000 | ---- | C] () – C:\WINDOWS\nsreg.dat

[2009-09-13 21:00:59 | 000,000,056 | -H-- | C] () – C:\WINDOWS\System32\ezsidmv.dat

[2009-08-15 20:40:45 | 000,118,784 | ---- | C] () – C:\WINDOWS\System32\MKCoInstaller.dll

[2009-03-07 15:16:38 | 000,000,076 | ---- | C] () – C:\WINDOWS\System32\gwDat.dat

[2009-03-07 15:16:20 | 000,000,114 | ---- | C] () – C:\WINDOWS\System32\gwhig2.dat

[2009-03-07 15:16:20 | 000,000,114 | ---- | C] () – C:\WINDOWS\System32\gwhig1.dat

[2009-03-07 15:16:20 | 000,000,113 | ---- | C] () – C:\WINDOWS\System32\gwhig0.dat

[2009-03-04 21:04:58 | 000,000,033 | ---- | C] () – C:\WINDOWS\Multimedia manager.INI

[2009-03-03 18:06:02 | 001,630,208 | ---- | C] () – C:\WINDOWS\System32\nwiz.exe

[2009-03-03 18:06:02 | 001,339,392 | ---- | C] () – C:\WINDOWS\System32\nvdspsch.exe

[2009-03-03 18:06:02 | 000,442,368 | ---- | C] () – C:\WINDOWS\System32\nvappbar.exe

[2009-03-03 18:06:02 | 000,425,984 | ---- | C] () – C:\WINDOWS\System32\keystone.exe

[2009-03-03 18:05:57 | 001,703,936 | ---- | C] () – C:\WINDOWS\System32\nvwdmcpl.dll

[2009-03-03 18:05:57 | 001,019,904 | ---- | C] () – C:\WINDOWS\System32\nvwimg.dll

[2009-03-03 18:05:56 | 001,486,848 | ---- | C] () – C:\WINDOWS\System32\nview.dll

[2009-03-03 18:05:56 | 000,466,944 | ---- | C] () – C:\WINDOWS\System32\nvshell.dll

[2009-03-03 18:05:56 | 000,286,720 | ---- | C] () – C:\WINDOWS\System32\nvnt4cpl.dll

[2009-02-28 13:48:30 | 000,000,382 | ---- | C] () – C:\Program Files\Skrót do Program Files.lnk

[2009-02-25 22:17:25 | 000,001,310 | ---- | C] () – C:\Documents and Settings\Roxana\Dane aplikacji\filterclsid.dat

[2009-02-25 21:16:16 | 000,000,000 | ---- | C] () – C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt

[2009-02-25 21:15:40 | 000,005,632 | ---- | C] () – C:\WINDOWS\System32\drivers\StarOpen.sys

[2009-02-14 11:44:20 | 000,000,552 | ---- | C] () – C:\WINDOWS\System32\d3d8caps.dat

[2009-02-14 11:36:12 | 000,139,264 | ---- | C] () – C:\WINDOWS\System32\fsgscom.dll

[2009-02-14 06:11:36 | 000,000,984 | ---- | C] () – C:\WINDOWS\unins000.dat

[2009-02-14 06:06:11 | 000,000,069 | ---- | C] () – C:\WINDOWS\NeroDigital.ini

[2009-02-13 20:24:00 | 000,204,288 | ---- | C] () – C:\Documents and Settings\Roxana\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-02-13 18:27:32 | 000,001,324 | ---- | C] () – C:\WINDOWS\System32\d3d9caps.dat

[2009-02-13 18:12:31 | 000,165,376 | ---- | C] () – C:\WINDOWS\System32\unrar.dll

[2009-02-13 18:12:31 | 000,000,038 | ---- | C] () – C:\WINDOWS\avisplitter.ini

[2009-02-13 17:28:54 | 000,004,293 | ---- | C] () – C:\WINDOWS\ODBCINST.INI

[2009-02-13 17:28:04 | 000,125,320 | ---- | C] () – C:\WINDOWS\System32\FNTCACHE.DAT

[2009-02-13 17:19:34 | 005,218,304 | ---- | C] () – C:\WINDOWS\System32\vistaui.exe

[2009-02-13 17:19:22 | 000,417,930 | ---- | C] () – C:\WINDOWS\System32\vimc.exe

[2009-02-13 17:17:39 | 000,111,104 | ---- | C] () – C:\WINDOWS\System32\Uharc.exe

[2009-02-13 17:08:53 | 000,049,152 | R— | C] () – C:\WINDOWS\System32\ChCfg.exe

[2009-02-13 16:38:28 | 000,002,048 | --S- | C] () – C:\WINDOWS\bootstat.dat

[2009-02-13 16:34:43 | 000,021,856 | ---- | C] () – C:\WINDOWS\System32\emptyregdb.dat

[2004-08-04 00:56:48 | 000,001,804 | ---- | C] () – C:\WINDOWS\System32\dcache.bin

[2004-08-02 14:20:40 | 000,004,569 | ---- | C] () – C:\WINDOWS\System32\secupd.dat

[2002-05-28 03:52:36 | 000,106,496 | ---- | C] () – C:\WINDOWS\japi.dll

[2001-10-26 18:15:16 | 000,437,000 | ---- | C] () – C:\WINDOWS\System32\perfh015.dat

[2001-10-26 18:15:16 | 000,313,828 | ---- | C] () – C:\WINDOWS\System32\perfi015.dat

[2001-10-26 18:15:16 | 000,067,634 | ---- | C] () – C:\WINDOWS\System32\perfc015.dat

[2001-10-26 18:15:16 | 000,034,990 | ---- | C] () – C:\WINDOWS\System32\perfd015.dat

[2001-08-23 15:00:00 | 013,107,200 | ---- | C] () – C:\WINDOWS\System32\oembios.bin

[2001-08-23 15:00:00 | 000,004,463 | ---- | C] () – C:\WINDOWS\System32\oembios.dat

[2001-08-17 23:30:24 | 000,380,930 | ---- | C] () – C:\WINDOWS\System32\perfh009.dat

[2001-08-17 23:30:24 | 000,272,128 | ---- | C] () – C:\WINDOWS\System32\perfi009.dat

[2001-08-17 23:30:24 | 000,028,626 | ---- | C] () – C:\WINDOWS\System32\perfd009.dat

[2001-08-17 23:30:22 | 000,053,152 | ---- | C] () – C:\WINDOWS\System32\perfc009.dat

[2001-08-17 23:15:38 | 000,046,258 | ---- | C] () – C:\WINDOWS\System32\mib.bin

[2001-07-22 00:36:48 | 000,218,003 | ---- | C] () – C:\WINDOWS\System32\dssec.dat

[2001-07-22 00:36:04 | 000,673,088 | ---- | C] () – C:\WINDOWS\System32\mlang.dat

[2001-07-22 00:24:16 | 000,000,741 | ---- | C] () – C:\WINDOWS\System32\noise.dat

[2001-06-24 11:32:44 | 000,172,032 | ---- | C] () – C:\WINDOWS\japi2.dll

[1998-06-12 08:08:06 | 000,095,232 | ---- | C] () – C:\WINDOWS\System32\lfkodak.dll

========== LOP Check ==========

[2010-02-09 16:42:05 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\51A5

[2011-01-02 00:11:47 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper

[2011-04-24 21:45:08 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\Bandoo

[2009-02-19 18:28:30 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\BOONTY

[2009-05-23 15:01:25 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite

[2011-04-11 15:06:46 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\Fighters

[2010-04-24 08:40:39 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10

[2011-06-05 10:15:34 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\ipla

[2009-02-19 18:28:35 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\MumboJumbo

[2010-07-12 21:18:13 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\OpenFM

[2011-01-02 00:54:37 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\PlayFirst

[2011-06-05 10:16:00 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\RDRM

[2011-07-26 20:26:37 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\Zen Data Safe

[2009-08-12 12:23:36 | 000,000,000 | —D | M] – C:\Documents and Settings\Gość\Dane aplikacji\Nowe Gadu-Gadu

[2009-05-18 18:17:08 | 000,000,000 | —D | M] – C:\Documents and Settings\Gość\Dane aplikacji\Opera

[2009-06-27 12:02:15 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\Bandoo

[2011-01-02 00:12:17 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\Boolat Games

[2011-04-09 21:11:24 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\Camfrog

[2009-05-23 15:02:07 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\DAEMON Tools Lite

[2009-06-18 23:14:07 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\DC++

[2009-06-07 11:57:12 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\eSkiMoS R2

[2011-04-14 10:34:08 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\Fighters

[2009-05-15 17:39:17 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\Gadu-Gadu

[2011-07-26 18:53:08 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\Gadu-Gadu 10

[2011-01-02 22:11:16 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\Gaijin Ent

[2010-08-05 22:53:08 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\GanymedeNet

[2010-09-28 18:35:20 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\GG Tools

[2011-07-29 14:42:24 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\ipla

[2011-07-22 19:27:34 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\ManyCam

[2010-06-22 22:31:26 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\maxup

[2010-01-13 17:50:01 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\Nowe Gadu-Gadu

[2009-07-14 22:10:45 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\OpenFM

[2009-12-01 11:59:00 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\OpenOffice.ux.pl2

[2009-02-13 16:55:40 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\Opera

[2011-07-29 15:09:24 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\PhotoScape

[2009-02-13 17:24:49 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\PixelMetrics

[2011-01-02 00:54:37 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\PlayFirst

[2011-06-04 19:18:43 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\RDRM

[2009-02-25 21:18:23 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\Samsung

[2011-06-03 21:47:25 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\searchquband

[2011-06-23 10:40:20 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\searchqutoolbar

[2010-06-30 17:37:43 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\uTorrent

[2011-07-29 15:09:25 | 000,000,000 | —D | M] – C:\Documents and Settings\Roxana\Dane aplikacji\XnView

========== Purity Check ==========

< End of report >

Log umieść na wklej.org

extras też.