Mam konia trojańskiego w pamięci operacyjnej

[uto_anglia]

Mam konia trojąńskiego Generic 14.NH

Kod: Zaznacz wszystko

#

OTL logfile created on: 2009-12-15 19:33:20 - Run 1

#

OTL by OldTimer - Version 3.1.17.0     Folder = C:\Documents and Settings\UTO\Pulpit

#

Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

#

Internet Explorer (Version = 7.0.5730.13)

#

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

#



#

511,53 Mb Total Physical Memory | 163,99 Mb Available Physical Memory | 32,06% Memory free

#

1,22 Gb Paging File | 0,85 Gb Available in Paging File | 69,91% Paging File free

#

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

#



#

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

#

Drive C: | 29,29 Gb Total Space | 19,76 Gb Free Space | 67,47% Space Free | Partition Type: NTFS

#

Drive D: | 45,23 Gb Total Space | 31,58 Gb Free Space | 69,83% Space Free | Partition Type: NTFS

#

E: Drive not present or media not loaded

#

Drive F: | 1,86 Gb Total Space | 0,40 Gb Free Space | 21,61% Space Free | Partition Type: FAT

#

G: Drive not present or media not loaded

#

H: Drive not present or media not loaded

#

Drive I: | 976,13 Mb Total Space | 152,89 Mb Free Space | 15,66% Space Free | Partition Type: FAT

#



#

Computer Name: DOM-826A56EE392

#

Current User Name: UTO

#

Logged in as Administrator.

#



#

Current Boot Mode: Normal

#

Scan Mode: Current user

#

Company Name Whitelist: Off

#

Skip Microsoft Files: Off

#

File Age = 30 Days

#

Output = Standard

#



#

[color=#E56717]========== Processes (SafeList) ==========[/color]

#



#

PRC - [2009-12-15 19:33:08 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\UTO\Pulpit\OTL.exe

#

PRC - [2009-12-12 19:35:15 | 02,033,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe

#

PRC - [2009-12-12 19:35:11 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe

#

PRC - [2009-12-12 19:35:11 | 00,503,576 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe

#

PRC - [2009-12-08 17:48:30 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe

#

PRC - [2009-12-08 17:48:29 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe

#

PRC - [2009-12-08 17:48:17 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe

#

PRC - [2009-05-01 17:27:55 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe

#

PRC - [2008-12-18 01:26:25 | 07,678,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

#

PRC - [2007-06-27 18:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

#

PRC - [2005-12-08 20:18:40 | 00,035,328 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe

#

PRC - [2005-01-19 14:29:34 | 00,405,583 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe

#

PRC - [2004-08-03 23:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

#

PRC - [2004-07-28 15:39:28 | 00,962,661 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

#

PRC - [2004-05-17 06:34:08 | 00,360,448 | ---- | M] (Samsung Electronics.) -- C:\WINDOWS\Samsung\ComSMMgr\SSMMgr.exe

#

PRC - [2003-12-08 16:35:14 | 00,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

#

PRC - [2002-09-20 15:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

#



#



#

[color=#E56717]========== Modules (SafeList) ==========[/color]

#



#

MOD - [2009-12-15 19:33:08 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\UTO\Pulpit\OTL.exe

#

MOD - [2004-08-03 23:42:34 | 01,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

#

MOD - [2002-11-06 19:00:38 | 00,040,820 | ---- | M] (SoundMAX) -- C:\WINDOWS\system32\Syncor11.dll

#



#



#

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

#



#

SRV - File not found [Auto | Stopped] --  -- (TrkWksNMIndexingService)

#

SRV - [2009-12-08 17:48:17 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)

#

SRV - [2009-05-01 17:27:55 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)

#

SRV - [2009-01-27 19:26:42 | 00,398,336 | ---- | M] (Ares Development Group) [On_Demand | Stopped] -- C:\Program Files\Ares\chatServer.exe -- (AresChatServer)

#

SRV - [2007-06-29 18:16:56 | 00,800,040 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)

#

SRV - [2007-06-27 18:04:00 | 00,279,848 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)

#

SRV - [2004-06-10 06:54:52 | 00,151,552 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Samsung\Samsung SPP-2020 Series\CommonSM\ssmsrvc.exe -- (SM_SPP-2020_FUService)

#

SRV - [2003-07-28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

#

SRV - [2002-09-20 15:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))

#



#



#

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

#



#

DRV - [2009-12-08 17:49:00 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)

#

DRV - [2009-12-08 17:48:52 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)

#

DRV - [2009-12-08 17:48:51 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)

#

DRV - [2009-06-04 21:21:07 | 00,000,000 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\e4e2b4c0.sys -- (e4e2b4c0)

#

DRV - [2009-04-28 21:20:06 | 00,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)

#

DRV - [2004-12-06 13:07:32 | 00,104,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wceusbsh.sys -- (wceusbsh)

#

DRV - [2004-10-15 11:50:20 | 00,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)

#

DRV - [2004-08-04 00:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)

#

DRV - [2004-08-03 23:44:30 | 00,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\win32x.exe -- (win32x)

#

DRV - [2004-08-03 23:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)

#

DRV - [2004-07-17 10:36:38 | 00,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)

#

DRV - [2004-03-02 08:26:58 | 00,050,007 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys)

#

DRV - [2004-03-02 08:24:16 | 00,127,065 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw)

#

DRV - [2003-07-15 15:00:00 | 00,578,368 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)

#

DRV - [2003-07-02 03:42:00 | 00,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)

#

DRV - [2002-04-01 07:15:00 | 00,004,816 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)

#

DRV - [2001-08-17 21:13:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc.              ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS)

#

DRV - [2001-08-17 20:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)

#



#



#

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

#



#



#

[color=#E56717]========== Internet Explorer ==========[/color]

#



#

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.giganci.pl/

#

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]

#

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

#

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}

#

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]

#

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.giganci.pl/

#



#

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}

#

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

#

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

#

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

#

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

#

IE - HKCU\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTog1.dll (Conduit Ltd.)

#

IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - Reg Error: Value error. File not found

#

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

#



#

[color=#E56717]========== FireFox ==========[/color]

#



#

FF - prefs.js..browser.search.defaultenginename: "Winamp Search"

#

FF - prefs.js..browser.search.defaultthis.engineName: "ToggleEN Customized Web Search"

#

FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2077543&SearchSource=3&q={searchTerms}"

#

FF - prefs.js..browser.search.selectedEngine: "ToggleEN Customized Web Search"

#

FF - prefs.js..browser.search.useDBForOrder: true

#

FF - prefs.js..browser.startup.homepage: "www.wp.pl"

#

FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2077543&SearchSource=2&q="

#

FF - prefs.js..network.proxy.type: 2

#



#



#

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009-12-13 20:38:06 | 00,000,000 | ---D | M]

#

FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-19 19:31:42 | 00,000,000 | ---D | M]

#

FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-10-04 18:48:20 | 00,000,000 | ---D | M]

#



#

[2009-12-15 16:48:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\UTO\Dane aplikacji\Mozilla\Firefox\Profiles\4vj79ok9.default\extensions

#

[2009-11-29 09:32:00 | 00,000,000 | ---D | M] (ToggleEN Toolbar) -- C:\Documents and Settings\UTO\Dane aplikacji\Mozilla\Firefox\Profiles\4vj79ok9.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}

#

[2009-10-03 05:27:00 | 00,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\UTO\Dane aplikacji\Mozilla\Firefox\Profiles\4vj79ok9.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}

#

[2009-07-18 00:02:48 | 00,002,476 | ---- | M] () -- C:\Documents and Settings\UTO\Dane aplikacji\Mozilla\Firefox\Profiles\4vj79ok9.default\searchplugins\BearShareWebSearch.xml

#

[2009-07-01 14:24:00 | 00,000,878 | ---- | M] () -- C:\Documents and Settings\UTO\Dane aplikacji\Mozilla\Firefox\Profiles\4vj79ok9.default\searchplugins\conduit.xml

#

[2009-10-03 05:27:10 | 00,001,196 | ---- | M] () -- C:\Documents and Settings\UTO\Dane aplikacji\Mozilla\Firefox\Profiles\4vj79ok9.default\searchplugins\winamp-search.xml

#

[2009-12-15 16:48:48 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

#

[2009-04-24 20:05:55 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org

#

[2008-12-18 01:26:26 | 00,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll

#

[2008-12-18 01:26:26 | 00,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll

#

[2008-12-18 01:26:26 | 00,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll

#

[2008-12-18 01:26:26 | 00,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll

#

[2008-12-18 01:26:26 | 00,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll

#

[2006-06-03 17:39:49 | 00,000,904 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml

#

[2009-07-18 00:02:48 | 00,002,476 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml

#

[2008-06-07 01:50:04 | 00,001,419 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml

#

[2007-03-31 18:10:44 | 00,000,926 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml

#

[2006-06-03 17:39:49 | 00,000,866 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml

#

[2008-03-29 22:06:54 | 00,001,198 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml

#

[2007-01-05 12:40:09 | 00,001,693 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

#



#

O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts

#

O1 - Hosts: 127.0.0.1       localhost

#

O2 - BHO: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTog1.dll (Conduit Ltd.)

#

O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

#

O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)

#

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)

#

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

#

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

#

O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\UTO\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)

#

O3 - HKLM\..\Toolbar: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTog1.dll (Conduit Ltd.)

#

O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()

#

O3 - HKLM\..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)

#

O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)

#

O3 - HKCU\..\Toolbar\WebBrowser: (ToggleEN Toolbar) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - C:\Program Files\ToggleEN\tbTog1.dll (Conduit Ltd.)

#

O3 - HKCU\..\Toolbar\WebBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)

#

O3 - HKCU\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)

#

O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)

#

O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)

#

O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)

#

O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)

#

O4 - HKLM..\Run: [Samsung Common SM] C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe (Samsung Electronics.)

#

O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()

#

O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe File not found

#

O4 - HKCU..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu Sp. z oo)

#

O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE (Microsoft Corporation)

#

O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)

#

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()

#

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

#

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMSAppLogo5ChannelNotify = 1

#

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0

#

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0

#

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0

#

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1

#

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

#

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

#

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Persistence present

#

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

#

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

#

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Home = 0

#

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Fullscreen = 0

#

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Tools = 0

#

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Print = 0

#

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Edit = 0

#

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Cut = 0

#

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Copy = 0

#

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Paste = 0

#

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Encoding = 0

#

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0

#

O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()

#

O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()

#

O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()

#

O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()

#

O9 - Extra Button: Utwórz Ulubione dla urządzenia przenośnego - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)

#

O9 - Extra 'Tools' menuitem : Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)

#

O15 - HKCU\..Trusted Domains: 8 domain(s) and sub-domain(s) not assigned to a zone.

#

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

#

O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} Reg Error: Key error. (Reg Error: Value error.)

#

O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

#

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

#

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)

#

O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Program Files\Microsoft ActiveSync\aatp.dll (Microsoft Corporation)

#

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

#

O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL File not found

#

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

#

O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)

#

O27 - HKLM IFEO\a2service.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\ArcaCheck.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\arcavir.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\ashDisp.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\ashEnhcd.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\ashServ.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\ashUpd.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\aswUpdSv.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\autoruns.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\avadmin.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\avcenter.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\avcls.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\avconfig.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\avconsol.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\avgnt.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\avgrssvc.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\avguard.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\AvMonitor.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\avp.com: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\avp.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\AVP32.EXE: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\avscan.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\avz.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\avz_se.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\avz4.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\bdagent.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\bdinit.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\caav.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\caavguiscan.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\casecuritycenter.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\CCenter.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\ccupdate.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\cfp.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\cfpupdat.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\cmdagent.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\drwadins.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\DRWEB32.EXE: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\drwebupw.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\ekrn.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\FAMEH32.EXE: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\filemon.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\FPAVServer.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\fpscan.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\FPWin.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\fsav32.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\fsgk32st.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\FSMA32.EXE: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\GFRing3.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\guardgui.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\guardxservice.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\guardxup.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\HijackThis.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\KASMain.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\KASTask.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\KAV32.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\KAVDX.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\KAVPF.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\KAVPFW.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\KAVStart.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\KPFW32.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\KPFW32X.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\Navapsvc.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\Navapw32.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\navigator.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\NAVNT.EXE: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\NAVSTUB.EXE: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\NAVW32.EXE: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\NAVWNT.EXE: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\niu.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\nod32.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\nod32krn.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\Nvcc.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\OllyDBG.EXE: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\outpost.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\preupd.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\procexp.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\pskdr.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\regedit.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\regmon.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\RegTool.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\scan32.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\SfFnUp.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\Vba32arkit.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\vba32ldr.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\vsserv.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\Zanda.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\zapro.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\Zlh.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\zonealarm.exe: Debugger - ntsd -d (Microsoft Corporation)

#

O27 - HKLM IFEO\zoneband.dll: Debugger - ntsd -d (Microsoft Corporation)

#

O28 - HKLM ShellExecuteHooks: {BB4C402F-882A-4526-8C08-51278EA437C1} - Reg Error: Value error. File not found

#

O32 - HKLM CDRom: AutoRun - 1

#

O32 - AutoRun File - [2009-04-01 11:13:09 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

#

O32 - AutoRun File - [2009-12-11 12:57:40 | 00,000,063 | RHS- | M] () - F:\autorun.inf -- [ FAT ]

#

O32 - AutoRun File - [2009-12-08 18:00:52 | 00,000,055 | RHS- | M] () - I:\autorun.inf -- [ FAT ]

#

O33 - MountPoints2\{08eed308-e675-11de-b92b-4d6564696130}\Shell\AutoRun\command - "" = xh319r9b.bat

#

O33 - MountPoints2\{08eed308-e675-11de-b92b-4d6564696130}\Shell\open\Command - "" = xh319r9b.bat

#

O33 - MountPoints2\{16f3f62e-7508-11de-bc9a-001122334455}\Shell\AutoRun\command - "" = H:\p.exe -- File not found

#

O33 - MountPoints2\{16f3f62e-7508-11de-bc9a-001122334455}\Shell\open\Command - "" = H:\p.exe -- File not found

#

O33 - MountPoints2\{2198bd22-dcbd-11de-b914-4d6564696130}\Shell\AutoRun\command - "" = mbdm.exe

#

O33 - MountPoints2\{2198bd22-dcbd-11de-b914-4d6564696130}\Shell\open\Command - "" = mbdm.exe

#

O33 - MountPoints2\{9e10d616-7230-11de-bc96-4d6564696130}\Shell\AutoRun\command - "" = H:\EXPLORER.EXE -- File not found

#

O33 - MountPoints2\{9e10d616-7230-11de-bc96-4d6564696130}\Shell\explore\Command - "" = H:\EXPLORER.EXE -- File not found

#

O33 - MountPoints2\{9e10d616-7230-11de-bc96-4d6564696130}\Shell\open\Command - "" = H:\EXPLORER.EXE -- File not found

#

O33 - MountPoints2\{c85f0709-1eb3-11de-af84-806d6172696f}\Shell\AutoRun\command - "" = H:\p.exe -- File not found

#

O33 - MountPoints2\{c85f0709-1eb3-11de-af84-806d6172696f}\Shell\open\Command - "" = H:\p.exe -- File not found

#

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

#

O34 - HKLM BootExecute: (aswBoot.exe /M:83968685) -  File not found

#

O35 - comfile [open] -- "%1" %*

#

O35 - exefile [open] -- "%1" %*

#



#

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

#



#

[2009-12-15 19:33:05 | 00,538,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\UTO\Pulpit\OTL.exe

#

[2009-12-09 16:56:27 | 00,000,000 | ---D | C] -- C:\Program Files\Exterminate It!

#

[2009-12-08 17:53:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\UTO\Dane aplikacji\IObit

#

[2009-12-08 17:53:12 | 00,000,000 | ---D | C] -- C:\Program Files\IObit

#

[2009-12-08 17:49:16 | 00,000,000 | -H-D | C] -- C:\$AVG

#

[2009-12-08 17:49:01 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll

#

[2009-12-08 17:49:00 | 00,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys

#

[2009-12-08 17:48:52 | 00,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys

#

[2009-12-08 17:48:50 | 00,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys

#

[2009-12-08 17:48:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg

#

[2009-12-08 17:48:16 | 00,000,000 | ---D | C] -- C:\Program Files\AVG

#

[2009-12-08 17:48:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9

#

[2009-12-08 17:48:04 | 08,897,336 | ---- | C] (IObit                                                       ) -- C:\Documents and Settings\UTO\Pulpit\asc-setup.exe

#

[2009-12-08 17:46:52 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft

#

[2009-12-08 17:46:52 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft

#

[2009-12-08 17:46:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft

#

[2009-12-08 17:46:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft

#

[2009-12-07 19:36:22 | 00,000,000 | ---D | C] -- C:\Program Files\ESET

#

[2009-11-30 19:45:58 | 00,000,000 | ---D | C] -- C:\Program Files\BitLord

#

[2009-11-29 09:31:37 | 00,000,000 | ---D | C] -- C:\Program Files\Conduit

#

[2009-11-29 09:31:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\UTO\Ustawienia lokalne\Dane aplikacji\Conduit

#

[2009-11-29 09:31:36 | 00,000,000 | ---D | C] -- C:\Program Files\ToggleEN

#

[2009-11-29 09:31:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\UTO\Ustawienia lokalne\Dane aplikacji\ToggleEN

#

[2009-11-29 09:24:09 | 00,000,000 | ---D | C] -- C:\Program Files\Ares

#



#

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

#



#

[2009-12-15 19:33:08 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\UTO\Pulpit\OTL.exe

#

[2009-12-15 19:31:42 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

#

[2009-12-15 16:44:36 | 46,651,868 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm

#

[2009-12-15 16:43:52 | 00,123,979 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg

#

[2009-12-15 16:40:16 | 00,000,388 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{1BDEB031-DB2B-44A5-95B1-0E0805C0DC4B}.job

#

[2009-12-15 16:37:45 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

#

[2009-12-15 16:37:42 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

#

[2009-12-15 16:37:39 | 53,644,4928 | -HS- | M] () -- C:\hiberfil.sys

#

[2009-12-15 16:37:39 | 00,243,920 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

#

[2009-12-14 20:01:47 | 05,242,880 | -H-- | M] () -- C:\Documents and Settings\UTO\NTUSER.DAT

#

[2009-12-14 20:01:28 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\UTO\ntuser.ini

#

[2009-12-14 20:01:10 | 08,008,812 | -H-- | M] () -- C:\Documents and Settings\UTO\Ustawienia lokalne\Dane aplikacji\IconCache.db

#

[2009-12-14 17:43:09 | 00,001,070 | ---- | M] () -- C:\WINDOWS\VPlayer.INI

#

[2009-12-14 17:43:09 | 00,000,060 | ---- | M] () -- C:\WINDOWS\VplayerINI.vpl

#

[2009-12-13 20:38:25 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

#

[2009-12-08 22:28:27 | 00,000,046 | ---- | M] () -- C:\WINDOWS\wininit.ini

#

[2009-12-08 22:18:36 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest

#

[2009-12-08 22:18:36 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest

#

[2009-12-08 22:18:36 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest

#

[2009-12-08 22:18:36 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest

#

[2009-12-08 22:18:36 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest

#

[2009-12-08 22:18:36 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest

#

[2009-12-08 17:49:17 | 08,897,336 | ---- | M] (IObit                                                       ) -- C:\Documents and Settings\UTO\Pulpit\asc-setup.exe

#

[2009-12-08 17:49:02 | 00,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG Free 9.0.lnk

#

[2009-12-08 17:49:01 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll

#

[2009-12-08 17:49:00 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys

#

[2009-12-08 17:48:52 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys

#

[2009-12-08 17:48:51 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys

#

[2009-12-08 17:48:50 | 00,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm

#

[2009-12-08 17:48:37 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg

#

[2009-12-08 17:48:37 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg

#

[2009-12-07 19:35:30 | 00,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

#

[2009-12-01 18:44:49 | 00,620,544 | ---- | M] () -- C:\Documents and Settings\UTO\Pulpit\vplayer.exe

#

[2009-12-01 08:43:37 | 00,013,824 | ---- | M] () -- C:\Documents and Settings\UTO\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

#

[2009-11-30 19:53:33 | 00,000,526 | ---- | M] () -- C:\WINDOWS\ODBC.INI

#

[2009-11-30 19:45:59 | 00,000,678 | ---- | M] () -- C:\Documents and Settings\UTO\Pulpit\BitLord.lnk

#

[2009-11-30 19:44:24 | 01,362,977 | ---- | M] () -- C:\Documents and Settings\UTO\Pulpit\BitLord_1.01.exe

#

[2009-11-30 16:41:42 | 00,410,887 | ---- | M] () -- C:\Documents and Settings\UTO\Pulpit\7.jpg

#

[2009-11-29 09:30:53 | 02,378,505 | ---- | M] () -- C:\Documents and Settings\UTO\Pulpit\installer_ares_2_1_2_English.exe

#

[2009-11-25 13:37:21 | 00,044,689 | ---- | M] () -- C:\Documents and Settings\UTO\Moje dokumenty\BESKID_ZYWIECKI.html

#



#

[color=#E56717]========== Files Created - No Company Name ==========[/color]

#



#

[2009-12-08 22:28:27 | 00,000,046 | ---- | C] () -- C:\WINDOWS\wininit.ini

#

[2009-12-08 17:49:02 | 00,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AVG Free 9.0.lnk

#

[2009-12-08 17:48:50 | 00,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm

#

[2009-12-08 17:48:37 | 46,651,868 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm

#

[2009-12-08 17:48:37 | 00,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg

#

[2009-12-08 17:48:37 | 00,123,979 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg

#

[2009-12-08 17:48:36 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg

#

[2009-12-01 20:13:43 | 00,000,060 | ---- | C] () -- C:\WINDOWS\VplayerINI.vpl

#

[2009-12-01 18:45:19 | 00,001,070 | ---- | C] () -- C:\WINDOWS\VPlayer.INI

#

[2009-12-01 18:44:45 | 00,620,544 | ---- | C] () -- C:\Documents and Settings\UTO\Pulpit\vplayer.exe

#

[2009-11-30 19:45:59 | 00,000,678 | ---- | C] () -- C:\Documents and Settings\UTO\Pulpit\BitLord.lnk

#

[2009-11-30 19:44:17 | 01,362,977 | ---- | C] () -- C:\Documents and Settings\UTO\Pulpit\BitLord_1.01.exe

#

[2009-11-30 16:41:06 | 00,410,887 | ---- | C] () -- C:\Documents and Settings\UTO\Pulpit\7.jpg

#

[2009-11-29 09:30:35 | 02,378,505 | ---- | C] () -- C:\Documents and Settings\UTO\Pulpit\installer_ares_2_1_2_English.exe

#

[2009-11-25 13:37:21 | 00,044,689 | ---- | C] () -- C:\Documents and Settings\UTO\Moje dokumenty\BESKID_ZYWIECKI.html

#

[2009-09-28 17:17:42 | 00,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini

#

[2009-09-28 17:17:42 | 00,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini

#

[2009-09-28 17:17:37 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll

#

[2009-09-28 17:17:37 | 00,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll

#

[2009-09-28 17:17:37 | 00,000,998 | ---- | C] () -- C:\WINDOWS\adiras.ini

#

[2009-09-19 19:31:40 | 00,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

#

[2009-09-19 19:31:39 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini

#

[2009-09-19 19:31:38 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

#

[2009-09-19 19:31:38 | 00,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

#

[2009-09-19 19:31:38 | 00,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

#

[2009-06-02 21:11:01 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\e4e2b4c0.sys

#

[2009-06-02 21:10:37 | 00,000,020 | ---- | C] () -- C:\Documents and Settings\UTO\Dane aplikacji\wiaserva.log

#

[2009-05-29 16:24:13 | 00,000,404 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI

#

[2009-05-29 16:24:13 | 00,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI

#

[2009-05-29 16:17:12 | 00,031,841 | ---- | C] () -- C:\WINDOWS\maxlink.ini

#

[2009-04-13 09:16:47 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI

#

[2009-04-13 09:13:39 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6e.DLL

#

[2009-04-11 13:07:10 | 00,000,090 | ---- | C] () -- C:\WINDOWS\calera.ini

#

[2009-04-11 13:07:02 | 00,269,312 | ---- | C] () -- C:\WINDOWS\System32\FPXIG.DLL

#

[2009-04-11 13:07:02 | 00,068,096 | ---- | C] () -- C:\WINDOWS\System32\IGFPX32P.DLL

#

[2009-04-11 13:07:02 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\JPEGACC.DLL

#

[2009-04-11 13:06:44 | 00,101,376 | ---- | C] () -- C:\WINDOWS\System32\WELSOF32.DLL

#

[2009-04-02 21:27:41 | 00,076,407 | ---- | C] () -- C:\Documents and Settings\UTO\Dane aplikacji\Smiley.ico

#

[2009-04-02 18:17:10 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

#

[2009-04-02 17:24:50 | 00,000,526 | ---- | C] () -- C:\WINDOWS\ODBC.INI

#

[2009-04-02 17:18:22 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll

#

[2009-04-02 17:18:00 | 00,002,888 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini

#

[2009-04-02 17:17:57 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS

#

[2009-04-01 11:32:34 | 00,013,824 | ---- | C] () -- C:\Documents and Settings\UTO\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

#

[2009-04-01 11:21:14 | 00,028,672 | R--- | C] () -- C:\WINDOWS\System32\adinst32.dll

#

[2008-12-17 17:22:48 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

#

[2008-12-11 11:27:02 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

#

[2004-07-17 10:36:38 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

#

[2003-04-08 10:40:22 | 00,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

#

< End of report >

[wojtas]

wklej jeszcze raz loga , lub go od nowa stwórz bo jakieś przerwy są i ciezko cokolwiek znaleźć