Zauważyłem, że mój komputer od dzisiaj rano zachowuje się dość dziwnie. Zużycie procesora nagle skacze do 100% dla aplikacji svchost.exe. W autostarcie znalazłem sysgif32 o lokalizacji C:\WINDOWS\TEMP\~TM10C.tmp . Wyczytałem w internecie że jednak jest to szkodnik, także proszę o pomoc w usunięciu owego ustrojstwa.
Oto oba logi z OTL
- OTL.txt
- Kod: Zaznacz wszystko
OTL logfile created on: 2010-01-24 19:46:43 - Run 1
OTL by OldTimer - Version 3.1.26.0 Folder = C:\Documents and Settings\Łukasz\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 79,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 14,67 Gb Free Space | 50,07% Space Free | Partition Type: NTFS
Drive D: | 4,37 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 292,97 Gb Total Space | 15,85 Gb Free Space | 5,41% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 97,65 Gb Total Space | 36,56 Gb Free Space | 37,44% Space Free | Partition Type: NTFS
Drive H: | 10,50 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 232,83 Gb Total Space | 46,94 Gb Free Space | 20,16% Space Free | Partition Type: FAT32
Computer Name: KRUPA-157DB9865
Current User Name: Łukasz
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2010-01-24 19:46:20 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Łukasz\Pulpit\OTL.exe
PRC - [2009-11-17 15:18:22 | 06,807,552 | ---- | M] (Creative Team S.A.) -- E:\Program Files\WapSter\WapSter AQQ\AQQ.exe
PRC - [2009-11-12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009-10-28 21:47:24 | 00,307,704 | ---- | M] (Mozilla Corporation) -- E:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-08-28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009-08-25 01:07:46 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-08-25 01:07:46 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008-12-22 02:10:21 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2008-12-09 23:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) -- C:\WebServer\bin\httpd.exe
PRC - [2008-12-01 21:38:42 | 00,598,016 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2008-09-05 09:03:56 | 00,159,744 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razerhid.exe
PRC - [2008-09-02 11:48:12 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2008-09-02 11:40:46 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2008-07-15 23:54:40 | 00,390,984 | ---- | M] (Agnitum Ltd.) -- E:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe
PRC - [2008-07-15 23:38:10 | 00,883,528 | ---- | M] (Agnitum Ltd.) -- E:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe
PRC - [2008-06-13 07:50:30 | 16,871,936 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2008-05-03 13:31:46 | 00,071,096 | ---- | M] () -- C:\Program Files\BurnAware Professional\nmsaccessu.exe
PRC - [2008-04-25 18:21:30 | 00,201,992 | ---- | M] (Kaspersky Lab) -- E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
PRC - [2007-12-19 11:58:24 | 00,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\DeathAdder\razerofa.exe
PRC - [2007-05-29 14:43:50 | 00,917,504 | ---- | M] (Huawei Technologies Co., Ltd.) -- E:\Program Files\Huawei technologies\Mobile Connect\Mobile Connect.exe
PRC - [2007-05-28 17:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2006-11-24 15:24:16 | 00,143,360 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razertra.exe
PRC - [2004-08-03 23:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2010-01-24 19:46:20 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Łukasz\Pulpit\OTL.exe
MOD - [2004-08-03 23:44:16 | 00,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2004-08-03 23:42:34 | 01,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004-08-03 21:31:44 | 00,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2009-11-12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009-08-28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009-08-25 01:07:46 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008-12-22 02:10:21 | 00,066,872 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008-12-09 23:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) [Auto | Stopped] -- C:\WebServer\bin\httpd.exe -- (Apache2.2)
SRV - [2008-12-01 21:38:42 | 00,598,016 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2008-12-01 14:35:00 | 00,593,920 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2008-07-15 23:54:40 | 00,390,984 | ---- | M] (Agnitum Ltd.) [Auto | Running] -- E:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe -- (acssrv)
SRV - [2008-05-03 13:31:46 | 00,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\BurnAware Professional\nmsaccessu.exe -- (NMSAccessU)
SRV - [2008-04-25 18:21:30 | 00,201,992 | ---- | M] (Kaspersky Lab) [Auto | Running] -- E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe -- (AVP)
SRV - [2007-05-28 17:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2005-11-14 00:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2009-05-18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009-04-28 21:20:06 | 00,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2009-01-16 20:34:59 | 00,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-01-16 20:34:59 | 00,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008-12-25 01:04:29 | 00,213,008 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2008-12-22 01:53:56 | 00,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008-12-01 23:13:40 | 03,452,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008-07-11 15:42:08 | 00,033,408 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Filt\ASWFilt.dll -- (ASWFilt)
DRV - [2008-07-11 15:41:28 | 00,673,920 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SandBox.sys -- (SandBox)
DRV - [2008-06-30 17:16:14 | 00,234,640 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afwcore.sys -- (afwcore)
DRV - [2008-06-30 17:16:00 | 00,030,864 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afw.sys -- (afw)
DRV - [2008-06-25 17:47:00 | 00,036,864 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2008-06-13 10:11:16 | 04,754,944 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-04-16 14:23:44 | 00,112,144 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2008-03-25 20:07:10 | 00,024,592 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2008-01-29 18:29:38 | 00,032,784 | ---- | M] (Kaspersky Lab) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2007-08-02 17:32:26 | 00,022,784 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dadder.sys -- (DAdderFltr)
DRV - [2007-04-20 10:40:34 | 00,100,992 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2006-09-18 13:59:08 | 00,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)
DRV - [2006-09-18 13:59:02 | 00,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)
DRV - [2006-09-18 13:59:00 | 00,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)
DRV - [2006-09-18 13:58:58 | 00,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)
DRV - [2006-09-18 13:58:54 | 00,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)
DRV - [2006-09-18 13:58:52 | 00,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)
DRV - [2006-09-18 13:58:48 | 00,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM)
DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004-08-13 03:56:20 | 00,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-07-17 10:36:38 | 00,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2001-08-17 22:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-57989841-179605362-839522115-1003\S-1-5-21-57989841-179605362-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-57989841-179605362-839522115-1003\S-1-5-21-57989841-179605362-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: linkylook@dniflima.about.tc:1.01
FF - prefs.js..extensions.enabledItems: {eaf8a4ef-d221-45ca-9deb-d0934b45fa34}:1.3.0.3
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.2
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2010-01-18 16:54:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2010-01-18 16:54:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010-01-18 16:54:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2008-12-22 00:37:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Extensions
[2010-01-03 18:31:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\hc8zb9vr.default\extensions
[2009-12-25 21:23:17 | 00,000,000 | ---D | M] (Screengrab) -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\hc8zb9vr.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2009-07-02 17:16:06 | 00,000,000 | ---D | M] (User Agent Switcher) -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\hc8zb9vr.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2009-07-26 18:21:14 | 00,000,000 | ---D | M] (OggX (powered by TIME S.A.)) -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\hc8zb9vr.default\extensions\{eaf8a4ef-d221-45ca-9deb-d0934b45fa34}
[2010-01-03 18:31:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\hc8zb9vr.default\extensions\linkylook@dniflima.about.tc
[2008-12-22 13:45:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\hc8zb9vr.default\extensions\sxipper@sxip.com
[2008-12-22 01:55:43 | 00,002,921 | ---- | M] () -- C:\Documents and Settings\Łukasz\Dane aplikacji\Mozilla\Firefox\Profiles\hc8zb9vr.default\searchplugins\daemon-search.xml
O1 HOSTS File: ([2001-10-26 16:45:16 | 00,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-57989841-179605362-839522115-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVP] E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [OutpostFeedBack] E:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] E:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [sysgif32] C:\WINDOWS\Temp\~TM10C.tmp ()
O4 - HKU\S-1-5-21-57989841-179605362-839522115-1003..\Run: [AQQ] E:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\Łukasz\Menu Start\Programy\Autostart\algqeh32.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-57989841-179605362-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Ustawienia Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - E:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll (Agnitum Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\sdra64.exe) - C:\WINDOWS\System32\sdra64.exe File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-12-21 16:52:30 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007-05-19 12:36:22 | 00,102,400 | R--- | M] (Huawei Technologies Co., Ltd.) - H:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2006-12-01 11:50:24 | 00,000,046 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2009-09-28 17:17:50 | 00,000,011 | RHS- | M] () - I:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{06911fc2-90ca-11de-a903-caad594f7043}\Shell - "" = AutoRun
O33 - MountPoints2\{1374d73c-cfb5-11dd-a77d-e5fa2218b353}\Shell - "" = AutoRun
O33 - MountPoints2\{1374d73e-cfb5-11dd-a77d-e5fa2218b353}\Shell - "" = AutoRun
O33 - MountPoints2\{18991b50-3177-11de-a849-ea83569078cd}\Shell - "" = AutoRun
O33 - MountPoints2\{18991b51-3177-11de-a849-911a5abd88c1}\Shell - "" = AutoRun
O33 - MountPoints2\{18991b52-3177-11de-a849-911a5abd88c1}\Shell - "" = AutoRun
O33 - MountPoints2\{18991b54-3177-11de-a849-a4e05b030d08}\Shell - "" = AutoRun
O33 - MountPoints2\{18991b55-3177-11de-a849-a4e05b030d08}\Shell - "" = AutoRun
O33 - MountPoints2\{2597fca9-f2e5-11de-a9bb-88963d6f6811}\Shell - "" = AutoRun
O33 - MountPoints2\{2597fca9-f2e5-11de-a9bb-88963d6f6811}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2007-05-19 12:36:22 | 00,102,400 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{32c5306e-206e-11de-a828-a69043e07277}\Shell - "" = AutoRun
O33 - MountPoints2\{349aa227-6a5a-11de-a8b8-c305e7eed2aa}\Shell - "" = AutoRun
O33 - MountPoints2\{349aa228-6a5a-11de-a8b8-e0e16e0b66a1}\Shell - "" = AutoRun
O33 - MountPoints2\{3817b283-667b-11de-a8aa-d818ddb14fa6}\Shell - "" = AutoRun
O33 - MountPoints2\{55027c9a-f2eb-11de-a9bc-b8b4597df057}\Shell - "" = AutoRun
O33 - MountPoints2\{55027c9a-f2eb-11de-a9bc-b8b4597df057}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{55027c9b-f2eb-11de-a9bc-b8b4597df057}\Shell - "" = AutoRun
O33 - MountPoints2\{55027c9b-f2eb-11de-a9bc-b8b4597df057}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2007-05-19 12:36:22 | 00,102,400 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{56e03948-f94a-11de-a9c5-c152f986230e}\Shell - "" = AutoRun
O33 - MountPoints2\{56e03948-f94a-11de-a9c5-c152f986230e}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2007-05-19 12:36:22 | 00,102,400 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{82748945-f272-11de-a9b6-e7cbceb5878a}\Shell - "" = AutoRun
O33 - MountPoints2\{82748945-f272-11de-a9b6-e7cbceb5878a}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{8f3c36e6-722e-11de-a8cb-86d60e3e73f3}\Shell - "" = AutoRun
O33 - MountPoints2\{8f3c36e7-722e-11de-a8cb-86d60e3e73f3}\Shell - "" = AutoRun
O33 - MountPoints2\{8f3c3783-722e-11de-a8cb-e59fb8103219}\Shell - "" = AutoRun
O33 - MountPoints2\{8f731013-24dc-11de-a831-fc1259abbfa6}\Shell - "" = AutoRun
O33 - MountPoints2\{8f731016-24dc-11de-a831-fc1259abbfa6}\Shell - "" = AutoRun
O33 - MountPoints2\{9795e9ba-d8f8-11dd-a7a9-f0a189020003}\Shell - "" = AutoRun
O33 - MountPoints2\{99956b5c-8711-11de-a8fd-9a861b74bef3}\Shell - "" = AutoRun
O33 - MountPoints2\{9dd88b94-8757-11de-a8ff-a9844c4a50f3}\Shell - "" = AutoRun
O33 - MountPoints2\{9dd88b95-8757-11de-a8ff-a9844c4a50f3}\Shell - "" = AutoRun
O33 - MountPoints2\{9dd88b97-8757-11de-a8ff-f9699da34bdf}\Shell - "" = AutoRun
O33 - MountPoints2\{a739eb5a-8758-11de-a900-852514de66a9}\Shell - "" = AutoRun
O33 - MountPoints2\{a739eb5b-8758-11de-a900-852514de66a9}\Shell - "" = AutoRun
O33 - MountPoints2\{a739eb5d-8758-11de-a900-852514de66a9}\Shell - "" = AutoRun
O33 - MountPoints2\{a8789312-f94b-11de-a9c6-89e28f879245}\Shell - "" = AutoRun
O33 - MountPoints2\{a8789312-f94b-11de-a9c6-89e28f879245}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2007-05-19 12:36:22 | 00,102,400 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{a8789313-f94b-11de-a9c6-89e28f879245}\Shell - "" = AutoRun
O33 - MountPoints2\{a8789313-f94b-11de-a9c6-89e28f879245}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2007-05-19 12:36:22 | 00,102,400 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{ae42ecbe-3567-11de-a84f-ff78a34de979}\Shell - "" = AutoRun
O33 - MountPoints2\{ae42ecbf-3567-11de-a84f-ff78a34de979}\Shell - "" = AutoRun
O33 - MountPoints2\{aee80625-ed89-11de-a9a7-83877ecfeceb}\Shell - "" = AutoRun
O33 - MountPoints2\{aee80625-ed89-11de-a9a7-83877ecfeceb}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{aee80626-ed89-11de-a9a7-83877ecfeceb}\Shell - "" = AutoRun
O33 - MountPoints2\{aee80626-ed89-11de-a9a7-83877ecfeceb}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{c18f1460-7260-11de-a8cc-faaa4b0253e6}\Shell - "" = AutoRun
O33 - MountPoints2\{c79f1210-70ad-11de-a8c7-91b93ccebf25}\Shell - "" = AutoRun
O33 - MountPoints2\{cab42998-f275-11de-a9b8-f4419c155ed7}\Shell - "" = AutoRun
O33 - MountPoints2\{cab42998-f275-11de-a9b8-f4419c155ed7}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{cab42999-f275-11de-a9b8-f4419c155ed7}\Shell - "" = AutoRun
O33 - MountPoints2\{cab42999-f275-11de-a9b8-f4419c155ed7}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2007-05-19 12:36:22 | 00,102,400 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{dfbfef0f-88ac-11de-a902-96e97f9092e2}\Shell - "" = AutoRun
O33 - MountPoints2\{dfbfef12-88ac-11de-a902-96e97f9092e2}\Shell - "" = AutoRun
O33 - MountPoints2\{dfbfef12-88ac-11de-a902-96e97f9092e2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{e124b32e-2676-11de-a833-c7bae42f9d49}\Shell - "" = AutoRun
O33 - MountPoints2\{e5f5012e-2d1f-11de-a840-e101b79ea98a}\Shell - "" = AutoRun
O33 - MountPoints2\{e5f5012e-2d1f-11de-a840-e101b79ea98a}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -- File not found
O33 - MountPoints2\{fd9ecf3e-58ca-11de-a88f-fe50153a5d03}\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2007-05-19 12:36:22 | 00,102,400 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2010-01-24 19:45:38 | 00,547,328 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Łukasz\Pulpit\OTL.exe
[2010-01-23 21:24:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Moje dokumenty\My Music
[2010-01-22 19:56:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\rockbox.org
[2010-01-18 16:56:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\Apple Computer
[2010-01-18 16:55:34 | 00,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2010-01-18 16:55:34 | 00,026,600 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys
[2010-01-18 16:54:49 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2010-01-18 16:54:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010-01-18 16:54:32 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010-01-18 16:54:05 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010-01-18 16:54:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer
[2010-01-18 16:53:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\Apple
[2010-01-18 16:53:52 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010-01-18 16:53:15 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010-01-18 16:53:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple
[2010-01-18 16:52:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\Apple Computer
[2010-01-17 20:49:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\fotosy
[2010-01-17 10:38:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Moje dokumenty\Nowy folder
[2010-01-16 23:31:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\DL
[2010-01-10 13:07:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\zenses
[2010-01-05 17:36:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\Kopia
[2010-01-04 16:52:40 | 00,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010-01-03 15:30:43 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Łukasz\Recent
[2010-01-03 13:03:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\example
[2010-01-02 12:21:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Moje dokumenty\Alcohol 120%
[2009-12-31 23:54:43 | 00,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2009-12-31 23:54:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA
[2009-12-31 16:43:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Moje dokumenty\Moje Gry
[2009-12-29 01:09:08 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2009-12-28 23:45:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\Save
[2009-12-27 14:17:37 | 00,100,992 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys
[2009-12-27 14:17:24 | 00,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys
[2009-12-27 01:19:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Pulpit\WinXp
[2009-12-26 12:54:43 | 00,000,000 | ---D | C] -- C:\Program Files\Webteh
[2009-12-26 12:54:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\BSplayer Pro
[2009-12-26 12:54:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Łukasz\Dane aplikacji\BSplayer
[2009-04-18 17:17:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Bytemobile
[2008-12-21 16:54:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008-12-21 16:54:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008-12-21 16:52:28 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2008-12-21 16:52:28 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2010-01-24 19:48:01 | 06,261,280 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2010-01-24 19:47:42 | 00,053,140 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2010-01-24 19:46:24 | 00,007,220 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2010-01-24 19:46:20 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Łukasz\Pulpit\OTL.exe
[2010-01-24 17:59:40 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-01-24 17:59:38 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-01-24 17:59:37 | 00,069,112 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010-01-24 17:55:47 | 01,015,840 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2010-01-24 17:55:30 | 17,301,504 | -H-- | M] () -- C:\Documents and Settings\Łukasz\NTUSER.DAT
[2010-01-24 17:55:24 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\Łukasz\ntuser.ini
[2010-01-24 13:26:20 | 00,027,821 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Iron_Maiden_-_Complete_Discography..5218520.TPB.torrent
[2010-01-24 13:23:10 | 00,024,483 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Avenged_Sevenfold_Discography.5052131.TPB.torrent
[2010-01-24 13:22:28 | 00,023,077 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Creed_-_Discography_(1997-2009).5174914.TPB.torrent
[2010-01-23 21:24:27 | 00,000,560 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\CDex.lnk
[2010-01-23 11:55:32 | 00,036,367 | ---- | M] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\dzien.JPG
[2010-01-22 23:19:47 | 01,732,949 | ---- | M] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\new_playlist.fpl
[2010-01-22 20:22:08 | 00,185,344 | ---- | M] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-01-22 20:13:07 | 00,002,055 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iTunes.lnk
[2010-01-22 18:10:24 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-01-20 20:05:08 | 33,070,527 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\ipodvideobatterytutorial.wmv
[2010-01-17 14:47:20 | 01,347,829 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\DSC01832.jpg
[2010-01-17 14:45:44 | 01,429,533 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\DSC01831.jpg
[2010-01-17 14:45:24 | 01,316,620 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\DSC01830.jpg
[2010-01-17 01:13:04 | 06,451,254 | ---- | M] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\blueconnect 17.01.2010.bmp
[2010-01-16 16:18:53 | 00,000,687 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\NBA 2K10.lnk
[2010-01-15 18:09:23 | 06,451,254 | ---- | M] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\1233.bmp
[2010-01-14 23:35:22 | 06,451,254 | ---- | M] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\bez ty1tułu.bmp
[2010-01-14 17:46:47 | 01,314,613 | ---- | M] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\playlist_all.fpl
[2010-01-13 22:29:56 | 00,095,609 | ---- | M] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\single_mp3's.fpl
[2010-01-13 18:06:59 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010-01-10 14:55:09 | 00,098,321 | ---- | M] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\1.htm
[2010-01-09 17:34:49 | 00,142,235 | ---- | M] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\_1263054886900.png
[2010-01-06 23:55:33 | 00,002,163 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Ventrilo.lnk
[2010-01-05 21:04:27 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010-01-04 17:23:09 | 00,003,863 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010-01-04 17:20:44 | 00,001,781 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2010-01-03 15:28:10 | 00,575,124 | ---- | M] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\album's.fpl
[2010-01-03 15:13:03 | 00,034,887 | ---- | M] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\stevengerrard_175417.jpg
[2010-01-03 15:10:32 | 00,586,157 | ---- | M] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\Torres 3.jpg
[2009-12-31 15:24:50 | 00,001,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Saboteur™.lnk
[2009-12-31 12:11:29 | 00,000,642 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\Counter-Strike.lnk
[2009-12-30 18:09:49 | 00,000,544 | ---- | M] () -- C:\Documents and Settings\Łukasz\Pulpit\STEAM.lnk
[2009-12-27 14:17:21 | 00,000,912 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mobile Connect.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010-01-24 13:26:20 | 00,027,821 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Iron_Maiden_-_Complete_Discography..5218520.TPB.torrent
[2010-01-24 13:23:09 | 00,024,483 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Avenged_Sevenfold_Discography.5052131.TPB.torrent
[2010-01-24 13:22:27 | 00,023,077 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\Creed_-_Discography_(1997-2009).5174914.TPB.torrent
[2010-01-24 10:04:19 | 00,000,087 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\SVDownloads.url
[2010-01-23 21:24:27 | 00,000,560 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\CDex.lnk
[2010-01-23 15:47:39 | 00,000,020 | ---- | C] () -- C:\Documents and Settings\LocalService\Dane aplikacji\cbqozg.dat
[2010-01-23 11:55:32 | 00,036,367 | ---- | C] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\dzien.JPG
[2010-01-20 19:10:15 | 33,070,527 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\ipodvideobatterytutorial.wmv
[2010-01-18 16:55:40 | 00,002,055 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\iTunes.lnk
[2010-01-17 14:47:20 | 01,347,829 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\DSC01832.jpg
[2010-01-17 14:45:44 | 01,429,533 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\DSC01831.jpg
[2010-01-17 14:45:24 | 01,316,620 | ---- | C] () -- C:\Documents and Settings\Łukasz\Pulpit\DSC01830.jpg
[2010-01-17 01:13:03 | 06,451,254 | ---- | C] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\blueconnect 17.01.2010.bmp
[2010-01-16 16:18:52 | 00,000,687 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\NBA 2K10.lnk
[2010-01-15 18:09:22 | 06,451,254 | ---- | C] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\1233.bmp
[2010-01-14 23:35:22 | 06,451,254 | ---- | C] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\bez ty1tułu.bmp
[2010-01-14 17:46:47 | 01,314,613 | ---- | C] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\playlist_all.fpl
[2010-01-10 14:55:09 | 00,098,321 | ---- | C] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\1.htm
[2010-01-09 17:34:48 | 00,142,235 | ---- | C] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\_1263054886900.png
[2010-01-05 21:04:27 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010-01-05 21:04:27 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010-01-03 15:28:17 | 00,095,609 | ---- | C] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\single_mp3's.fpl
[2010-01-03 15:28:10 | 00,575,124 | ---- | C] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\album's.fpl
[2010-01-03 15:27:57 | 01,732,949 | ---- | C] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\new_playlist.fpl
[2010-01-03 15:13:03 | 00,034,887 | ---- | C] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\stevengerrard_175417.jpg
[2010-01-03 15:10:32 | 00,586,157 | ---- | C] () -- C:\Documents and Settings\Łukasz\Moje dokumenty\Torres 3.jpg
[2009-12-31 15:24:50 | 00,001,682 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Saboteur™.lnk
[2009-12-27 14:17:21 | 00,000,912 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mobile Connect.lnk
[2009-12-15 22:53:57 | 00,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-12-15 22:53:57 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009-12-15 22:53:55 | 02,378,752 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2009-12-15 22:53:55 | 00,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-12-15 22:53:55 | 00,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-12-15 22:53:54 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-12-15 22:53:53 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-12-15 22:53:53 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-11-28 12:26:01 | 00,000,012 | ---- | C] () -- C:\Documents and Settings\Łukasz\Dane aplikacji\cbqozg.dat
[2009-11-28 12:25:53 | 00,000,004 | ---- | C] () -- C:\Documents and Settings\Łukasz\Dane aplikacji\avdrn.dat
[2009-11-21 13:26:32 | 00,000,579 | ---- | C] () -- C:\Documents and Settings\Łukasz\Dane aplikacji\AutoGK.ini
[2009-09-19 20:45:24 | 00,430,080 | ---- | C] () -- C:\WINDOWS\System32\wmpheadphones.dll
[2009-08-15 02:25:14 | 00,000,259 | ---- | C] () -- C:\Documents and Settings\Łukasz\Dane aplikacji\burnaware.ini
[2009-06-16 19:29:31 | 00,050,063 | ---- | C] () -- C:\WINDOWS\php.ini
[2009-06-14 18:07:27 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2009-06-14 18:07:23 | 00,077,824 | ---- | C] () -- C:\WINDOWS\zlib1.dll
[2009-05-18 17:04:35 | 00,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2009-01-16 20:34:59 | 00,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009-01-16 20:34:59 | 00,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009-01-16 20:22:00 | 00,001,291 | ---- | C] () -- C:\Documents and Settings\Łukasz\Dane aplikacji\dtpro.ini
[2009-01-16 20:17:25 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008-12-31 14:09:25 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2008-12-29 21:57:20 | 00,132,184 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2008-12-23 21:58:29 | 00,001,781 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2008-12-23 21:57:24 | 00,003,863 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008-12-23 21:02:40 | 00,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008-12-22 02:11:21 | 00,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008-12-22 02:11:20 | 00,022,328 | ---- | C] () -- C:\Documents and Settings\Łukasz\Dane aplikacji\PnkBstrK.sys
[2008-12-22 01:53:55 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008-12-21 19:32:44 | 00,185,344 | ---- | C] () -- C:\Documents and Settings\Łukasz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-12-21 17:54:57 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008-12-21 17:54:47 | 00,032,363 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008-12-21 17:54:46 | 00,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008-10-22 05:29:06 | 00,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008-10-07 09:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 09:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2004-08-03 23:44:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004-07-17 10:36:38 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004-01-09 16:47:56 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\avisynth_c.dll
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1AD0EB3C
@Alternate Data Stream - 529 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF
@Alternate Data Stream - 184 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:4BF2F6B5
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:888AFB86
< End of report >
- Extras.txt (nie zmieścił się w poście, daje więc na wklej.to -> http://wklej.to/l1TG
Proszę o pomoc, będę wdzięczny
. 
