Google przekierowuje strony na reklamy

[Quattron]

Po przejrzeniu forum widzę że to jest dość częsty problem wśród użytkowników.
Kilka dodatkowych informacji:
- po wpisaniu czegokolwiek w wyszukiwarkę i próbie wejścia przez wyszukane linki strona zostaje przekierowana na strony z reklamami
-Windows XP
-zrobiłem skanowanie malwerbytes i po usunięciu ok 10 zagrożeń problem nie zniknął
-próbowałem usuwania kilku aplikacji które jednak powracają (głównie jakieś toolbary), nie zadziałało przywrócenie sytemu
-obecnie brak antywirusa, do dzisiaj używany był avast
Tak więc proszę o pomoc

Wklejam logi z OTL natomiast co do logu z GMER niestety mam problem z pozbyciem się pliku sptd.sys.
Po zastosowaniu się do instrukcji i próbie zainicjowania SPTDinst 32 bit ( systemy 32-bit SPTDinst-v -x86.exe) dostaję odpowiedź że nie jest to prawidłowa aplikacja systemu win32. Jeżeli jest sposób żeby to ominąć postaram się uzupełnić loga.

Kod: Zaznacz wszystko

OTL Extras logfile created on: 2011-04-22 17:19:04 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Documents and Settings\R\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

510,00 Mb Total Physical Memory | 129,00 Mb Available Physical Memory | 25,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 8,45 Gb Free Space | 43,28% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 19,78 Gb Free Space | 50,65% Space Free | Partition Type: NTFS
Drive E: | 39,06 Gb Total Space | 2,81 Gb Free Space | 7,20% Space Free | Partition Type: NTFS
Drive F: | 51,39 Gb Total Space | 46,34 Gb Free Space | 90,18% Space Free | Partition Type: NTFS

Computer Name: RR | User Name: R | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1960408961-562591055-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\ParetoLogic\FileCure\FileCure_noapp.exe %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
"E:\Gry\pes08\PES2008.exe" = E:\Gry\pes08\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 -- (KONAMI)
"E:\Gry\pes08\Pes 8 Pro evolution soccer 2008\PES2008.exe" = E:\Gry\pes08\Pes 8 Pro evolution soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 -- (KONAMI)
"C:\Program Files\Nowe Gadu-Gadu\gg.exe" = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare
"E:\Gry\cs\valve\hl.exe" = E:\Gry\cs\valve\hl.exe:*:Enabled:Half-Life Launcher
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"D:\Anka\sims\PDFReader_Setup.exe" = D:\Anka\sims\PDFReader_Setup.exe:*:Enabled:PDF Reader 9.1
"C:\Documents and Settings\R\Ustawienia lokalne\Temp\is799009782\AInstaller.exe" = C:\Documents and Settings\R\Ustawienia lokalne\Temp\is799009782\AInstaller.exe:*:Enabled:AD Installer
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
"{0893078B-8A9A-84D6-D393-119B9B0B033A}" = CCC Help French
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0E2A60F7-2907-5718-FF16-7D8FAF70051E}" = CCC Help Chinese Standard
"{14FAE013-AE19-4FC9-B5BF-E56ADC01ECE6}" = CCC Help Turkish
"{17BB2784-6EE4-D7FF-FE63-58A3AD2B3708}" = CCC Help Russian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{233588CF-96D5-46AF-EF74-7EC382662791}" = Catalyst Control Center Graphics Full Existing
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{2792F12C-3515-4D69-8083-B557AF35F06F}" = LightScribe  1.4.89.1
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 4.010.00
"{3260ECBC-9DDF-E7A3-0863-449473BC7BD5}" = CCC Help Chinese Traditional
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39C6C229-CFFD-639E-229A-E463FCD87478}" = CCC Help German
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840
"{4F11FC80-CE8C-1BD4-5C39-EBE5744E5135}" = CCC Help Portuguese
"{4FAB2BA7-E16C-95D2-F326-60A68409373F}" = Catalyst Control Center HydraVision Full
"{517B8FB2-26EE-43B0-AE1B-07408860AA69}" = DigitImg
"{529AA9A8-5020-6CFB-A809-BC5943C87077}" = CCC Help Thai
"{53604297-26FD-516D-6FF7-1063BA64A0A4}" = Catalyst Control Center Graphics Light
"{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{55BD3B0B-F054-9341-514F-295A5F7EA450}" = CCC Help Spanish
"{5A4FA9C8-ED56-08C3-153B-FC5C19256290}" = CCC Help Dutch
"{6C390D51-E5F0-4FCD-24C4-731ACAF34571}" = CCC Help Japanese
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{71813834-C5F1-4B86-907A-54CEF83EB2E2}" = PSShortcuts
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7AA8FA9A-1656-7DBD-633B-FE7A62BBED0C}" = CCC Help Czech
"{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK
"{7DDB3F86-E1E5-11D7-A04D-0050FCB66B41}" = Soltek Hardware Monitor
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C22131B-8634-CECF-F0D1-A2ECC160B450}" = CCC Help Norwegian
"{8F2ED3E6-4049-4BEF-B4CB-0208D24E302F}" = USB TO IRDA Driver 1.3.0.5
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007
"{90170415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{90FBE4D0-2ACA-A8A8-2CC4-CFFBAE528504}" = CCC Help Finnish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D74375E-3012-E7D2-9229-B220C91F326A}" = Catalyst Control Center Core Implementation
"{9EE8BDCA-7505-4895-D91E-8108DD16292E}" = CCC Help English
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8AF8BD3-61B5-7945-4D1B-217421F604FC}" = CCC Help Hungarian
"{AA46E1C5-A709-6D9B-D99D-92E4C6E042A9}" = CCC Help Korean
"{AA62A33C-9E5E-3913-7D88-7E58A8CB1493}" = CCC Help Greek
"{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.0 - Polish
"{B653F643-A1B4-9936-2DB6-FEA9A3110D8D}" = ccc-core-preinstall
"{B71C4637-0247-78CE-6A3D-D61645CB8921}" = ccc-utility
"{BAE4A43D-6DDE-4E19-A2A5-BBD89A3ED48C}" = PS7200
"{BC2E7C0B-1AC6-5F6C-F31D-E1E72D8E0B5C}" = CCC Help Danish
"{BF8C7DA7-2DE6-ED67-6C82-6BE82F8BA8D3}" = Catalyst Control Center Graphics Full New
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C409F338-BB20-6C4A-F40D-20CA07AF714C}" = CCC Help Polish
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D35191B3-F340-4C11-A4E0-8B09477B4302}" = Dysk wspomnieniowy HP
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{D4B7B2DC-E688-A9D6-6EC0-56AE540E074C}" = Catalyst Control Center Localization All
"{D9CD701B-3F04-FC69-D974-F3A7F5E9BA30}" = CCC Help Swedish
"{D9D93D74-107D-4BD3-87D0-AABCF7C98BD5}" = Catalyst Control Center - Branding
"{DDA2B32F-EB16-4C96-A130-4E4A4C1E6B12}" = HP Software Update
"{E213321B-1E88-B38D-DAB2-D8CB9355984A}" = Skins
"{EFE26D3B-2789-4068-A5BB-77E389FAEB98}" = PSUsage
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F4148D8F-ED3A-3097-509C-04D5560220F9}" = ccc-core-static
"{F7E68997-E626-952B-A7BF-F72066CD5D77}" = Catalyst Control Center Graphics Previews Common
"{F9000000-0001-0000-0000-074957833700}" = ABBYY FineReader 9.0 Professional Edition
"{FA36C82B-464D-51F2-A6A1-0BC9140BE067}" = CCC Help Italian
"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Pakiet sterowników systemu Windows - Nokia Modem  (10/07/2010 4.6)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI
"ATI Display Driver" = ATI Display Driver
"AVS DVD Player_is1" = AVS DVD Player version 2.4
"AVS Update Manager_is1" = AVS Update Manager 1.0
"Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.7.0
"E5372C32E8562C76C24DBA6525002B1031495F34" = Pakiet sterowników systemu Windows - Nokia Modem  (06/09/2010 7.01.0.8)
"Free PS Convert driver_is1" = Free PS Convert driver 8.15
"Gadu-Gadu 10" = Gadu-Gadu 10
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MoorHunt_is1" = MoorHunt 0.6.3.0
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"MP3 To Ringtone Gold_is1" = MP3 To Ringtone Gold 8.7
"neostradatp.exe" = neostrada tp
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"R for Windows 2.11.1_is1" = R for Windows 2.11.1
"StmAdsl" = ADSL Modem
"VIA Audio Driver Setup Program" = VIA Audio Driver Setup Program
"VLC media player" = VLC media player 1.0.3
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = Archiwizator WinRAR
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-03-23 08:46:51 | Computer Name = RR | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.4079,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x0000100b.

Error - 2011-04-06 13:34:08 | Computer Name = RR | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.4095,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x0000100b.

Error - 2011-04-09 12:16:54 | Computer Name = RR | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.4095,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x0000100b.

Error - 2011-04-09 13:17:38 | Computer Name = RR | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd iexplore.exe, wersja 7.0.6000.17095, moduł
powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x002727c1.

Error - 2011-04-15 16:39:31 | Computer Name = RR | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca neostradatp.exe, wersja 5.9.1.3, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2011-04-21 18:41:37 | Computer Name = RR | Source = LoadPerf | ID = 3001
Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest
niepoprawnie
sformatowana. Nieprawdziwy ciąg to 9708, nieprawdziwa wartość  indeksu to pierwszy
wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe  wartości indeksu to drugi
i trzeci wpis DWORD w sekcji danych.

Error - 2011-04-21 18:41:37 | Computer Name = RR | Source = LoadPerf | ID = 3001
Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest
niepoprawnie
sformatowana. Nieprawdziwy ciąg to 9708, nieprawdziwa wartość  indeksu to pierwszy
wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe  wartości indeksu to drugi
i trzeci wpis DWORD w sekcji danych.

Error - 2011-04-21 18:41:37 | Computer Name = RR | Source = LoadPerf | ID = 3011
Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl
(WmiApRpl).   Kod błędu to pierwszy wpis DWORD w sekcji danych (Data).

Error - 2011-04-21 18:41:40 | Computer Name = RR | Source = LoadPerf | ID = 3001
Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest
niepoprawnie
sformatowana. Nieprawdziwy ciąg to 9708, nieprawdziwa wartość  indeksu to pierwszy
wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe  wartości indeksu to drugi
i trzeci wpis DWORD w sekcji danych.

Error - 2011-04-21 18:43:20 | Computer Name = RR | Source = MsiInstaller | ID = 11722
Description = Product: Java(TM) 6 Update 24 -- Error 1722.There is a problem with
this Windows Installer package. A program run as part of the setup did not finish
as expected. Contact your support personnel or package vendor.  Action patchjre,
location: C:\Program Files\Java\jre6\patchjre.exe, command: -s "C:\Program Files\Java\jre6"


[ Application Events ]
Error - 2011-03-23 08:46:51 | Computer Name = RR | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.4079,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x0000100b.

Error - 2011-04-06 13:34:08 | Computer Name = RR | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.4095,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x0000100b.

Error - 2011-04-09 12:16:54 | Computer Name = RR | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.4095,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x0000100b.

Error - 2011-04-09 13:17:38 | Computer Name = RR | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd iexplore.exe, wersja 7.0.6000.17095, moduł
powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x002727c1.

Error - 2011-04-15 16:39:31 | Computer Name = RR | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca neostradatp.exe, wersja 5.9.1.3, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2011-04-21 18:41:37 | Computer Name = RR | Source = LoadPerf | ID = 3001
Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest
niepoprawnie
sformatowana. Nieprawdziwy ciąg to 9708, nieprawdziwa wartość  indeksu to pierwszy
wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe  wartości indeksu to drugi
i trzeci wpis DWORD w sekcji danych.

Error - 2011-04-21 18:41:37 | Computer Name = RR | Source = LoadPerf | ID = 3001
Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest
niepoprawnie
sformatowana. Nieprawdziwy ciąg to 9708, nieprawdziwa wartość  indeksu to pierwszy
wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe  wartości indeksu to drugi
i trzeci wpis DWORD w sekcji danych.

Error - 2011-04-21 18:41:37 | Computer Name = RR | Source = LoadPerf | ID = 3011
Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl
(WmiApRpl).   Kod błędu to pierwszy wpis DWORD w sekcji danych (Data).

Error - 2011-04-21 18:41:40 | Computer Name = RR | Source = LoadPerf | ID = 3001
Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest
niepoprawnie
sformatowana. Nieprawdziwy ciąg to 9708, nieprawdziwa wartość  indeksu to pierwszy
wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe  wartości indeksu to drugi
i trzeci wpis DWORD w sekcji danych.

Error - 2011-04-21 18:43:20 | Computer Name = RR | Source = MsiInstaller | ID = 11722
Description = Product: Java(TM) 6 Update 24 -- Error 1722.There is a problem with
this Windows Installer package. A program run as part of the setup did not finish
as expected. Contact your support personnel or package vendor.  Action patchjre,
location: C:\Program Files\Java\jre6\patchjre.exe, command: -s "C:\Program Files\Java\jre6"


[ System Events ]
Error - 2011-04-22 09:07:43 | Computer Name = RR | Source = Ftdisk | ID = 262193
Description = Konfigurowanie pliku strony dla zrzutu awaryjnego nie powiodło się.
Upewnij się, że na partycji rozruchowej znajduje się plik strony i że jest wystarczająco
duży, aby zawierać całą pamięć fizyczną.

Error - 2011-04-22 09:14:00 | Computer Name = RR | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi General Purpose USB Driver (e4ldr.sys)
z powodu następującego błędu:   %%2

Error - 2011-04-22 09:14:00 | Computer Name = RR | Source = Ftdisk | ID = 262189
Description = System nie może pomyślnie załadować sterownika zrzutu awaryjnego.

Error - 2011-04-22 09:14:00 | Computer Name = RR | Source = Ftdisk | ID = 262193
Description = Konfigurowanie pliku strony dla zrzutu awaryjnego nie powiodło się.
Upewnij się, że na partycji rozruchowej znajduje się plik strony i że jest wystarczająco
duży, aby zawierać całą pamięć fizyczną.

Error - 2011-04-22 10:13:03 | Computer Name = RR | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi General Purpose USB Driver (e4ldr.sys)
z powodu następującego błędu:   %%2

Error - 2011-04-22 10:13:22 | Computer Name = RR | Source = Ftdisk | ID = 262189
Description = System nie może pomyślnie załadować sterownika zrzutu awaryjnego.

Error - 2011-04-22 10:13:22 | Computer Name = RR | Source = Ftdisk | ID = 262193
Description = Konfigurowanie pliku strony dla zrzutu awaryjnego nie powiodło się.
Upewnij się, że na partycji rozruchowej znajduje się plik strony i że jest wystarczająco
duży, aby zawierać całą pamięć fizyczną.

Error - 2011-04-22 11:01:17 | Computer Name = RR | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi General Purpose USB Driver (e4ldr.sys)
z powodu następującego błędu:   %%2

Error - 2011-04-22 11:01:31 | Computer Name = RR | Source = Ftdisk | ID = 262189
Description = System nie może pomyślnie załadować sterownika zrzutu awaryjnego.

Error - 2011-04-22 11:01:31 | Computer Name = RR | Source = Ftdisk | ID = 262193
Description = Konfigurowanie pliku strony dla zrzutu awaryjnego nie powiodło się.
Upewnij się, że na partycji rozruchowej znajduje się plik strony i że jest wystarczająco
duży, aby zawierać całą pamięć fizyczną.


< End of report >

Kod: Zaznacz wszystko

OTL logfile created on: 2011-04-22 17:19:03 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Documents and Settings\R\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

510,00 Mb Total Physical Memory | 129,00 Mb Available Physical Memory | 25,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 8,45 Gb Free Space | 43,28% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 19,78 Gb Free Space | 50,65% Space Free | Partition Type: NTFS
Drive E: | 39,06 Gb Total Space | 2,81 Gb Free Space | 7,20% Space Free | Partition Type: NTFS
Drive F: | 51,39 Gb Total Space | 46,34 Gb Free Space | 90,18% Space Free | Partition Type: NTFS

Computer Name: RR | User Name: R | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-04-22 17:05:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\R\Pulpit\OTL.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-12-06 21:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
PRC - [2005-12-06 14:53:30 | 000,819,200 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\neostradatp.exe
PRC - [2005-11-22 12:54:18 | 000,249,856 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\ComComp.exe
PRC - [2004-11-02 15:31:20 | 000,069,632 | ---- | M] (France Telecom R&D) -- C:\Program Files\neostrada tp\Toaster.exe
PRC - [2004-10-27 11:30:44 | 000,032,768 | ---- | M] () -- C:\Program Files\neostrada tp\Inactivity.exe
PRC - [2004-10-27 11:07:06 | 000,069,632 | ---- | M] () -- C:\Program Files\neostrada tp\PollingModule.exe
PRC - [2004-10-21 08:50:52 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\AlertModule\AlertModule.exe
PRC - [2004-08-23 14:49:56 | 000,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\system32\FTRTSVC.exe
PRC - [2004-08-23 14:49:56 | 000,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\Watch.exe
PRC - [2004-05-05 07:22:12 | 000,491,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2003-12-22 08:38:40 | 000,135,168 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011-04-22 17:05:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\R\Pulpit\OTL.exe
MOD - [2010-08-23 18:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2004-10-26 09:49:34 | 000,028,672 | ---- | M] () -- C:\Program Files\neostrada tp\Inactivity.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] --  -- (HidServ)
SRV - [2010-12-08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007-12-06 21:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)
SRV - [2004-08-23 14:49:56 | 000,040,960 | ---- | M] (France Telecom) [Auto | Running] -- C:\WINDOWS\system32\FTRTSVC.exe -- (FTRTSVC)
SRV - [2004-03-18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-07-30 14:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-07-30 14:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-07-30 14:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-07-30 14:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009-07-21 18:30:48 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-05-19 15:07:13 | 000,043,672 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2009-05-14 19:00:28 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006-06-16 12:53:16 | 000,025,088 | ---- | M] (Ark Pioneer MicroElectronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IrUSB.sys -- (IrUSB)
DRV - [2006-05-25 19:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2004-09-06 10:01:56 | 000,161,536 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2003-08-12 18:51:00 | 000,060,255 | R--- | M] (STMicroelectronics              ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)
DRV - [2003-08-04 13:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2003-07-01 22:42:00 | 000,027,904 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/

IE - HKU\S-1-5-21-1960408961-562591055-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1960408961-562591055-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1960408961-562591055-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-1960408961-562591055-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1960408961-562591055-725345543-1003\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\neostrada tp\SearchPageURL.dll ()
IE - HKU\S-1-5-21-1960408961-562591055-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.1.0
FF - prefs.js..extensions.enabledItems: {5EB37AE4-DA0A-41ab-8037-BDEDDCC70669}:1.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.0
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="


FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011-03-28 19:51:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-04-22 00:20:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-04-22 15:56:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2009-05-13 21:12:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Extensions
[2011-04-22 16:42:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions
[2009-08-12 12:19:51 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009-09-30 18:37:26 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-11-11 14:21:11 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2010-09-26 12:46:48 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\ffxtlbr@Facemoods.com
[2011-02-14 10:50:04 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\vshare@toolbar(2)
[2009-07-18 01:02:48 | 000,002,476 | ---- | M] () -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\searchplugins\BearShareWebSearch.xml
[2011-02-09 21:37:09 | 000,001,583 | ---- | M] () -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\searchplugins\web-search.xml
[2009-08-12 12:19:58 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\searchplugins\winamp-search.xml
[2011-04-22 15:56:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009-10-20 20:50:38 | 000,000,000 | ---D | M] (flashget Extension) -- C:\Program Files\Mozilla Firefox\extensions\{5EB37AE4-DA0A-41ab-8037-BDEDDCC70669}
[2011-04-22 15:56:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2008-07-25 10:31:48 | 000,028,672 | ---- | M] (flashget) -- C:\Program Files\Mozilla Firefox\components\flashgetXpi.dll
[2011-04-22 15:56:35 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-09-26 12:46:01 | 000,002,226 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
[2009-07-18 01:02:48 | 000,002,476 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
[2010-03-28 18:56:18 | 000,002,035 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchFxt.xml
[2009-12-09 11:46:54 | 000,000,832 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\WebSearch.xml

O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -  File not found
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -  File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-562591055-725345543-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-562591055-725345543-1003\..\Toolbar\WebBrowser: (no name) - {577EBCA9-8ED3-45FC-A514-55B3817D4BCF} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-562591055-725345543-1003\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} -  File not found
O4 - HKLM..\Run: [BVRPLiveUpdate]  File not found
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\neostrada tp\Watch.exe (France Télécom R&D)
O4 - HKU\S-1-5-21-1960408961-562591055-725345543-1003..\Run: [iGoD]  File not found
O4 - HKU\S-1-5-21-1960408961-562591055-725345543-1003..\Run: [Software Informer]  File not found
O4 - HKU\S-1-5-21-1960408961-562591055-725345543-1003..\Run: [UniblueRegistryBooster]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1960408961-562591055-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-1960408961-562591055-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 () - C:/Program Files/Gadu-Gadu 10/5.JPG
O24 - Desktop Components:1 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-05-13 19:01:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-12-30 21:15:53 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-30 21:15:55 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-30 21:15:56 | 000,000,000 | RHSD | M] - E:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-30 21:15:57 | 000,000,000 | RHSD | M] - F:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{e1215f4c-793e-11de-843d-006900003efb}\Shell\AutoRun\command - "" = I:\xs6kpr0.exe
O33 - MountPoints2\{e1215f4c-793e-11de-843d-006900003efb}\Shell\open\Command - "" = I:\xs6kpr0.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-04-22 17:05:48 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\R\Pulpit\OTL.exe
[2011-04-22 15:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011-04-22 15:56:51 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011-04-22 15:56:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011-04-22 15:56:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011-04-22 15:56:51 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011-04-22 14:15:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\R\Dane aplikacji\Malwarebytes
[2011-04-22 14:15:43 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011-04-22 14:15:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2011-04-22 14:15:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2011-04-22 14:15:38 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-04-22 14:15:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-04-22 14:09:39 | 007,734,240 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\R\Pulpit\mbam_1.50.1.1100_[www.programosy.pl].exe
[2011-04-22 00:43:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\facemoods.com
[2011-04-22 00:24:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\R\Pulpit\Nowy folder
[2011-04-22 00:20:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox
[2011-04-22 00:20:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\R\Recent
[2011-04-21 23:45:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2011-04-21 23:20:54 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-04-09 11:48:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Macromedia
[2011-04-09 11:48:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\AskToolbar
[2011-03-28 19:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nokia PC Suite
[2011-03-28 19:51:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite
[2011-03-28 19:51:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2011-03-28 19:50:33 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2011-03-28 19:50:02 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2011-03-28 19:47:58 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys
[2011-03-28 19:47:55 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys
[2011-03-28 19:47:53 | 000,023,040 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys
[2011-03-28 19:47:41 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01009.dll
[2011-03-28 19:47:41 | 000,604,160 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2011-03-28 19:47:41 | 000,111,104 | ---- | C] (Nokia) -- C:\WINDOWS\System32\ccdcmbwu.dll
[2011-03-28 19:47:41 | 000,018,048 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2010-10-18 18:53:54 | 000,568,664 | ---- | C] (Google Inc.) -- C:\Program Files\GoogleEarthPluginSetup.exe
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\*.tmp files -> C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-04-22 17:21:28 | 000,000,857 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\cfg
[2011-04-22 17:17:14 | 001,195,254 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\ekran.bmp
[2011-04-22 17:05:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\R\Pulpit\OTL.exe
[2011-04-22 17:05:03 | 000,301,568 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\lh7e35yu.exe
[2011-04-22 17:01:11 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\systems.job
[2011-04-22 17:01:07 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011-04-22 17:01:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-04-22 16:59:53 | 006,029,312 | ---- | M] () -- C:\Documents and Settings\R\ntuser.dat
[2011-04-22 16:59:53 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\R\ntuser.ini
[2011-04-22 16:59:00 | 000,001,116 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-562591055-725345543-1003UA.job
[2011-04-22 16:56:12 | 000,154,838 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\SPTDinst-v178-x64.exe
[2011-04-22 16:26:36 | 000,154,838 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\SPTDinst-v178-x86.exe
[2011-04-22 16:10:29 | 000,000,461 | ---- | M] () -- C:\WINDOWS\win.ini
[2011-04-22 16:10:29 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2011-04-22 16:10:29 | 000,000,211 | ---- | M] () -- C:\boot.ini
[2011-04-22 15:56:35 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011-04-22 15:56:35 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011-04-22 15:56:35 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011-04-22 15:56:35 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011-04-22 15:56:35 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011-04-22 15:12:31 | 004,812,744 | -H-- | M] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-04-22 15:11:27 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-04-22 14:15:43 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-04-22 14:09:39 | 007,734,240 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\R\Pulpit\mbam_1.50.1.1100_[www.programosy.pl].exe
[2011-04-22 08:26:01 | 000,222,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-04-22 01:27:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011-04-22 01:25:32 | 001,177,700 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011-04-22 01:25:32 | 000,538,024 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-04-22 01:25:32 | 000,475,454 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-04-22 01:25:32 | 000,107,996 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-04-22 01:25:32 | 000,085,266 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-04-22 01:01:04 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011-04-22 00:28:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-04-21 23:59:01 | 000,001,064 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-562591055-725345543-1003Core.job
[2011-04-21 23:49:55 | 000,158,644 | ---- | M] () -- C:\Documents and Settings\R\Moje dokumenty\cc_20110421_234947.reg
[2011-04-20 20:31:32 | 000,020,749 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\tiulowa.jpg
[2011-04-18 15:45:24 | 003,180,403 | ---- | M] () -- C:\Documents and Settings\R\Moje dokumenty\Obraz 5598.jpg
[2011-04-13 15:28:27 | 006,257,329 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\na_rosyjski_konkurs___.zip
[2011-04-13 14:36:41 | 000,054,082 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\morza.jpg
[2011-04-13 14:36:16 | 000,042,909 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\cieniny.jpg
[2011-04-13 14:35:55 | 000,045,471 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\zatoki.jpg
[2011-04-09 10:29:48 | 000,104,699 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\geo.jpg
[2011-03-30 21:39:32 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2011-03-28 19:57:15 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011-03-28 19:57:12 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011-03-28 19:51:57 | 000,001,763 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia PC Suite.lnk
[2011-03-28 19:43:53 | 036,930,464 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\Nokia_PC_Suite_pol_web.exe
[2011-03-28 11:45:37 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\*.tmp files -> C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-04-22 17:16:24 | 001,195,254 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\ekran.bmp
[2011-04-22 17:05:01 | 000,301,568 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\lh7e35yu.exe
[2011-04-22 16:56:12 | 000,154,838 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\SPTDinst-v178-x64.exe
[2011-04-22 16:53:09 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\cfg
[2011-04-22 16:26:36 | 000,154,838 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\SPTDinst-v178-x86.exe
[2011-04-22 14:15:43 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-04-22 00:42:43 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011-04-21 23:54:03 | 000,001,116 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-562591055-725345543-1003UA.job
[2011-04-21 23:54:03 | 000,001,064 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-562591055-725345543-1003Core.job
[2011-04-21 23:49:51 | 000,158,644 | ---- | C] () -- C:\Documents and Settings\R\Moje dokumenty\cc_20110421_234947.reg
[2011-04-20 20:27:54 | 000,020,749 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\tiulowa.jpg
[2011-04-18 15:43:45 | 003,180,403 | ---- | C] () -- C:\Documents and Settings\R\Moje dokumenty\Obraz 5598.jpg
[2011-04-13 15:55:53 | 000,104,699 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\geo.jpg
[2011-04-13 15:27:43 | 006,257,329 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\na_rosyjski_konkurs___.zip
[2011-04-13 14:36:41 | 000,054,082 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\morza.jpg
[2011-04-13 14:36:16 | 000,042,909 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\cieniny.jpg
[2011-04-13 14:35:53 | 000,045,471 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\zatoki.jpg
[2011-04-02 19:43:32 | 006,029,312 | ---- | C] () -- C:\Documents and Settings\R\ntuser.dat
[2011-03-28 19:57:15 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011-03-28 19:57:12 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011-03-28 19:51:57 | 000,001,763 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia PC Suite.lnk
[2011-03-28 19:38:47 | 036,930,464 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\Nokia_PC_Suite_pol_web.exe
[2010-09-16 18:22:26 | 000,000,343 | ---- | C] () -- C:\WINDOWS\pdf2word.INI
[2010-08-11 20:51:54 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010-05-08 19:58:22 | 000,336,896 | ---- | C] () -- C:\WINDOWS\System32\ammppg.dll
[2010-05-08 19:58:22 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010-05-08 19:58:22 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\a1.dll
[2010-05-08 19:58:20 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\qscl.dll
[2010-05-08 19:58:20 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\amrdec.dll
[2010-05-08 19:58:20 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\qcpsdk.dll
[2010-04-09 18:25:53 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfmonnt.dll
[2010-04-09 18:25:51 | 000,000,164 | ---- | C] () -- C:\WINDOWS\System32\psconv.ini
[2010-02-27 14:43:42 | 000,000,148 | ---- | C] () -- C:\WINDOWS\Readiris.ini
[2009-12-30 16:50:38 | 000,102,400 | ---- | C] () -- C:\WINDOWS\removeARKIRDA.exe
[2009-11-22 14:12:50 | 000,000,021 | ---- | C] () -- C:\WINDOWS\kit.ini
[2009-11-21 13:32:58 | 000,000,018 | ---- | C] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\devcpp.cfg
[2009-11-21 10:47:32 | 007,025,862 | ---- | C] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\cache.ccc
[2009-11-21 10:44:14 | 000,004,702 | ---- | C] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\devcpp.ini
[2009-11-11 13:56:31 | 000,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini
[2009-11-11 13:56:29 | 000,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini
[2009-11-11 13:56:23 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\stmclean.exe
[2009-11-11 13:56:20 | 000,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2009-10-15 17:36:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009-07-21 17:17:04 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009-07-21 17:17:04 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009-06-20 17:01:42 | 000,000,048 | ---- | C] () -- C:\Documents and Settings\R\Dane aplikacji\AVSDVDPlayer.m3u
[2009-06-20 16:55:54 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-06-20 16:55:54 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-06-20 13:04:38 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-06-19 20:54:27 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009-05-19 15:13:05 | 000,019,887 | ---- | C] () -- C:\WINDOWS\HPHins02.dat
[2009-05-19 15:13:05 | 000,004,308 | ---- | C] () -- C:\WINDOWS\hphmdl02.dat
[2009-05-19 15:09:37 | 000,019,887 | ---- | C] () -- C:\WINDOWS\HPHins02.dat.temp
[2009-05-19 15:09:37 | 000,004,308 | ---- | C] () -- C:\WINDOWS\hphmdl02.dat.temp
[2009-05-14 20:19:21 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-05-14 19:00:28 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-05-13 21:18:13 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-05-13 21:12:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009-05-13 20:20:12 | 001,177,700 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-05-13 20:20:12 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009-05-13 20:18:57 | 000,222,432 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-05-13 19:54:37 | 000,049,048 | ---- | C] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-05-13 19:54:22 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2009-05-13 19:50:25 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009-05-13 19:50:18 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009-05-13 19:42:33 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll
[2009-05-13 19:38:57 | 000,000,017 | ---- | C] () -- C:\WINDOWS\System32\auto.ini
[2009-05-13 19:08:36 | 004,812,744 | -H-- | C] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-05-13 19:03:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009-05-13 19:01:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2009-05-13 19:00:03 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009-05-13 18:59:58 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009-05-13 18:58:30 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\fltlib.dll
[2009-05-13 18:57:50 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009-05-13 18:57:40 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2009-05-13 18:57:40 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2009-05-13 18:56:55 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2009-05-13 18:56:54 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2009-05-13 18:56:44 | 000,351,744 | ---- | C] () -- C:\WINDOWS\System32\hypertrm.dll
[2006-10-24 12:30:20 | 000,412,160 | ---- | C] () -- C:\WINDOWS\System32\photometadatahandler.dll
[2004-08-04 00:56:48 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004-08-04 00:44:10 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2004-08-04 00:44:04 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2004-08-04 00:43:58 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2004-08-04 00:43:56 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll
[2004-08-04 00:43:54 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2004-08-04 00:43:16 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2004-08-03 22:51:32 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2004-08-03 22:48:52 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
[2004-08-03 22:46:56 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2004-08-03 22:45:34 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2004-08-03 22:45:16 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2004-08-03 22:45:16 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2004-08-03 22:45:14 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2004-08-03 22:45:12 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2004-08-02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-07-17 11:46:14 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2004-07-17 11:34:48 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2004-05-05 07:13:02 | 000,006,478 | ---- | C] () -- C:\WINDOWS\System32\hphmon05.dat
[2004-04-01 16:52:10 | 000,364,544 | ---- | C] () -- C:\WINDOWS\System32\hphped05.exe
[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001-10-26 19:29:54 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe
[2001-10-26 19:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2001-10-26 17:29:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2001-10-26 17:29:32 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2001-10-26 17:28:34 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2001-10-26 17:27:02 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2001-10-26 16:15:16 | 000,538,024 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 16:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 16:15:16 | 000,107,996 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 16:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-10-26 16:15:10 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe
[2001-10-26 16:15:08 | 000,011,859 | ---- | C] () -- C:\WINDOWS\System32\setver.exe
[2001-10-26 16:15:08 | 000,003,260 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe
[2001-10-26 16:15:04 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2001-10-26 16:14:58 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe
[2001-10-26 16:14:56 | 000,039,434 | ---- | C] () -- C:\WINDOWS\System32\mem.exe
[2001-10-26 16:14:54 | 000,014,913 | ---- | C] () -- C:\WINDOWS\System32\kb16.com
[2001-10-26 16:14:54 | 000,001,168 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com
[2001-10-26 16:14:52 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2001-10-26 16:14:50 | 000,019,806 | ---- | C] () -- C:\WINDOWS\System32\graphics.com
[2001-10-26 16:14:48 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe
[2001-10-26 16:14:46 | 000,012,866 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe
[2001-10-26 16:14:42 | 000,020,986 | ---- | C] () -- C:\WINDOWS\System32\debug.exe
[2001-10-26 16:14:38 | 000,051,823 | ---- | C] () -- C:\WINDOWS\System32\command.com
[2001-10-26 16:14:34 | 000,012,594 | ---- | C] () -- C:\WINDOWS\System32\append.exe
[2001-10-26 16:14:32 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2001-10-26 16:12:52 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2001-10-26 15:45:26 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2001-10-26 15:45:26 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2001-10-26 15:45:24 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2001-10-26 15:45:10 | 000,070,622 | ---- | C] () -- C:\WINDOWS\System32\edit.com
[2001-10-26 15:42:08 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2001-10-26 15:42:08 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2001-10-26 15:42:08 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2001-10-26 15:42:08 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2001-08-23 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-17 21:35:10 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe
[2001-08-17 21:32:34 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe
[2001-08-17 21:32:34 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe
[2001-08-17 21:31:56 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2001-08-17 21:31:56 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2001-08-17 21:31:50 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2001-08-17 21:31:46 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2001-08-17 21:31:46 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2001-08-17 21:31:44 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2001-08-17 21:30:24 | 000,475,454 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-17 21:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-17 21:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-17 21:30:22 | 000,085,266 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-17 21:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-08-17 21:13:24 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2001-08-17 19:55:06 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2001-07-22 02:25:18 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2001-07-21 22:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-21 22:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-21 22:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001-07-21 22:16:20 | 000,000,461 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-21 22:15:52 | 000,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2001-07-21 22:15:50 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll

[color=#E56717]========== LOP Check ==========[/color]

[2009-10-08 17:46:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\29196
[2011-03-17 13:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2011-04-22 15:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2009-05-17 11:24:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\B138
[2009-08-09 18:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software
[2009-11-11 14:11:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\D271
[2009-05-14 19:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-02-14 10:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\dOjBjKa04300
[2010-01-28 20:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FileCure
[2010-08-04 17:02:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-03-28 19:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-09-23 22:15:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009-05-17 11:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2009-10-08 17:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit
[2009-10-08 17:40:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-04-22 00:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\facemoods.com
[2010-09-23 21:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\$CUERoot$
[2010-05-02 10:34:44 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\R\Dane aplikacji\.#
[2009-11-11 14:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\BearShareTb
[2011-04-22 15:54:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\BITS
[2009-05-14 19:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\DAEMON Tools
[2009-05-14 20:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\DAEMON Tools Lite
[2009-05-14 19:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\DAEMON Tools Pro
[2010-08-17 12:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\ESET
[2010-09-26 12:48:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\facemoods.com
[2011-04-08 09:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\Gadu-Gadu 10
[2009-08-29 11:39:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\gtk-2.0
[2009-05-17 11:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\Nokia
[2009-08-15 15:46:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\Nowe Gadu-Gadu
[2009-09-23 22:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\OpenFM
[2011-03-28 19:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\PC Suite
[2010-12-27 19:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\PhotoFiltre
[2009-11-01 13:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\Thinstall
[2010-09-01 20:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\Uniblue
[2010-09-26 12:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\uTorrent
[2011-04-22 17:01:11 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\systems.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D74B6CF5

< End of report >

[wojtas]

spróbujemy bez Gmera.

Uruchom OTL i w sekcji własne opcje skanowania / skrypt wklej:

:OTL
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.1.0
FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="
[2009-08-12 12:19:51 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009-11-11 14:21:11 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2011-02-14 10:50:04 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\vshare@toolbar(2)
[2009-07-18 01:02:48 | 000,002,476 | ---- | M] () -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\searchplugins\BearShareWebSearch.xml
[2011-02-09 21:37:09 | 000,001,583 | ---- | M] () -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\searchplugins\web-search.xml
[2009-08-12 12:19:58 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\searchplugins\winamp-search.xml
[2009-12-09 11:46:54 | 000,000,832 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\WebSearch.xml
[2009-07-18 01:02:48 | 000,002,476 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
[2010-09-26 12:46:01 | 000,002,226 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - File not found
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-562591055-725345543-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-562591055-725345543-1003\..\Toolbar\WebBrowser: (no name) - {577EBCA9-8ED3-45FC-A514-55B3817D4BCF} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-562591055-725345543-1003\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - File not found
O4 - HKLM..\Run: [BVRPLiveUpdate] File not found
O4 - HKU\S-1-5-21-1960408961-562591055-725345543-1003..\Run: [iGoD] File not found
O4 - HKU\S-1-5-21-1960408961-562591055-725345543-1003..\Run: [Software Informer] File not found
O4 - HKU\S-1-5-21-1960408961-562591055-725345543-1003..\Run: [UniblueRegistryBooster] File not found
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Reg Error: Key error.)
O33 - MountPoints2\{e1215f4c-793e-11de-843d-006900003efb}\Shell\AutoRun\command - "" = I:\xs6kpr0.exe
O33 - MountPoints2\{e1215f4c-793e-11de-843d-006900003efb}\Shell\open\Command - "" = I:\xs6kpr0.exe
[2011-04-22 17:01:11 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\systems.job
[2011-04-22 16:59:00 | 000,001,116 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-562591055-725345543-1003UA.job
[2011-02-14 10:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\dOjBjKa04300
[2009-10-08 17:46:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\29196
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D74B6CF5

:Commands
[emptytemp]
[emptyflash]

Kliknij wykonaj skrypt. I potwierdź reset komputera .

Następnie uruchamiasz OTL z opcją skanuj. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia (zawartość notatnika, która otworzy się po restarcie).

Autor postu otrzymał pochwałę

[Quattron]

jak na razie bez zmian...
oto nowe logi i raport z czyszczenia

Kod: Zaznacz wszystko

OTL Extras logfile created on: 2011-04-22 20:22:09 - Run 2
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Documents and Settings\R\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

510,00 Mb Total Physical Memory | 229,00 Mb Available Physical Memory | 45,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 8,77 Gb Free Space | 44,90% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 19,78 Gb Free Space | 50,65% Space Free | Partition Type: NTFS
Drive E: | 39,06 Gb Total Space | 2,90 Gb Free Space | 7,43% Space Free | Partition Type: NTFS
Drive F: | 51,39 Gb Total Space | 46,34 Gb Free Space | 90,18% Space Free | Partition Type: NTFS

Computer Name: RR | User Name: R | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1960408961-562591055-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\ParetoLogic\FileCure\FileCure_noapp.exe %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
"E:\Gry\pes08\PES2008.exe" = E:\Gry\pes08\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 -- (KONAMI)
"E:\Gry\pes08\Pes 8 Pro evolution soccer 2008\PES2008.exe" = E:\Gry\pes08\Pes 8 Pro evolution soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 -- (KONAMI)
"C:\Program Files\Nowe Gadu-Gadu\gg.exe" = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Enabled:Nowe Gadu-Gadu
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare
"E:\Gry\cs\valve\hl.exe" = E:\Gry\cs\valve\hl.exe:*:Enabled:Half-Life Launcher
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"D:\Anka\sims\PDFReader_Setup.exe" = D:\Anka\sims\PDFReader_Setup.exe:*:Enabled:PDF Reader 9.1
"C:\Documents and Settings\R\Ustawienia lokalne\Temp\is799009782\AInstaller.exe" = C:\Documents and Settings\R\Ustawienia lokalne\Temp\is799009782\AInstaller.exe:*:Enabled:AD Installer
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
"{0893078B-8A9A-84D6-D393-119B9B0B033A}" = CCC Help French
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0E2A60F7-2907-5718-FF16-7D8FAF70051E}" = CCC Help Chinese Standard
"{14FAE013-AE19-4FC9-B5BF-E56ADC01ECE6}" = CCC Help Turkish
"{17BB2784-6EE4-D7FF-FE63-58A3AD2B3708}" = CCC Help Russian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{233588CF-96D5-46AF-EF74-7EC382662791}" = Catalyst Control Center Graphics Full Existing
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{2792F12C-3515-4D69-8083-B557AF35F06F}" = LightScribe  1.4.89.1
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 4.010.00
"{3260ECBC-9DDF-E7A3-0863-449473BC7BD5}" = CCC Help Chinese Traditional
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39C6C229-CFFD-639E-229A-E463FCD87478}" = CCC Help German
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840
"{4F11FC80-CE8C-1BD4-5C39-EBE5744E5135}" = CCC Help Portuguese
"{4FAB2BA7-E16C-95D2-F326-60A68409373F}" = Catalyst Control Center HydraVision Full
"{517B8FB2-26EE-43B0-AE1B-07408860AA69}" = DigitImg
"{529AA9A8-5020-6CFB-A809-BC5943C87077}" = CCC Help Thai
"{53604297-26FD-516D-6FF7-1063BA64A0A4}" = Catalyst Control Center Graphics Light
"{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{55BD3B0B-F054-9341-514F-295A5F7EA450}" = CCC Help Spanish
"{5A4FA9C8-ED56-08C3-153B-FC5C19256290}" = CCC Help Dutch
"{6C390D51-E5F0-4FCD-24C4-731ACAF34571}" = CCC Help Japanese
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{71813834-C5F1-4B86-907A-54CEF83EB2E2}" = PSShortcuts
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7AA8FA9A-1656-7DBD-633B-FE7A62BBED0C}" = CCC Help Czech
"{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK
"{7DDB3F86-E1E5-11D7-A04D-0050FCB66B41}" = Soltek Hardware Monitor
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C22131B-8634-CECF-F0D1-A2ECC160B450}" = CCC Help Norwegian
"{8F2ED3E6-4049-4BEF-B4CB-0208D24E302F}" = USB TO IRDA Driver 1.3.0.5
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007
"{90170415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{90FBE4D0-2ACA-A8A8-2CC4-CFFBAE528504}" = CCC Help Finnish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D74375E-3012-E7D2-9229-B220C91F326A}" = Catalyst Control Center Core Implementation
"{9EE8BDCA-7505-4895-D91E-8108DD16292E}" = CCC Help English
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8AF8BD3-61B5-7945-4D1B-217421F604FC}" = CCC Help Hungarian
"{AA46E1C5-A709-6D9B-D99D-92E4C6E042A9}" = CCC Help Korean
"{AA62A33C-9E5E-3913-7D88-7E58A8CB1493}" = CCC Help Greek
"{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.0 - Polish
"{B653F643-A1B4-9936-2DB6-FEA9A3110D8D}" = ccc-core-preinstall
"{B71C4637-0247-78CE-6A3D-D61645CB8921}" = ccc-utility
"{BAE4A43D-6DDE-4E19-A2A5-BBD89A3ED48C}" = PS7200
"{BC2E7C0B-1AC6-5F6C-F31D-E1E72D8E0B5C}" = CCC Help Danish
"{BF8C7DA7-2DE6-ED67-6C82-6BE82F8BA8D3}" = Catalyst Control Center Graphics Full New
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C409F338-BB20-6C4A-F40D-20CA07AF714C}" = CCC Help Polish
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D35191B3-F340-4C11-A4E0-8B09477B4302}" = Dysk wspomnieniowy HP
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{D4B7B2DC-E688-A9D6-6EC0-56AE540E074C}" = Catalyst Control Center Localization All
"{D9CD701B-3F04-FC69-D974-F3A7F5E9BA30}" = CCC Help Swedish
"{D9D93D74-107D-4BD3-87D0-AABCF7C98BD5}" = Catalyst Control Center - Branding
"{DDA2B32F-EB16-4C96-A130-4E4A4C1E6B12}" = HP Software Update
"{E213321B-1E88-B38D-DAB2-D8CB9355984A}" = Skins
"{EFE26D3B-2789-4068-A5BB-77E389FAEB98}" = PSUsage
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F4148D8F-ED3A-3097-509C-04D5560220F9}" = ccc-core-static
"{F7E68997-E626-952B-A7BF-F72066CD5D77}" = Catalyst Control Center Graphics Previews Common
"{F9000000-0001-0000-0000-074957833700}" = ABBYY FineReader 9.0 Professional Edition
"{FA36C82B-464D-51F2-A6A1-0BC9140BE067}" = CCC Help Italian
"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Pakiet sterowników systemu Windows - Nokia Modem  (10/07/2010 4.6)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI
"ATI Display Driver" = ATI Display Driver
"AVS DVD Player_is1" = AVS DVD Player version 2.4
"AVS Update Manager_is1" = AVS Update Manager 1.0
"Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.7.0
"E5372C32E8562C76C24DBA6525002B1031495F34" = Pakiet sterowników systemu Windows - Nokia Modem  (06/09/2010 7.01.0.8)
"Free PS Convert driver_is1" = Free PS Convert driver 8.15
"Gadu-Gadu 10" = Gadu-Gadu 10
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MoorHunt_is1" = MoorHunt 0.6.3.0
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"MP3 To Ringtone Gold_is1" = MP3 To Ringtone Gold 8.7
"neostradatp.exe" = neostrada tp
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"R for Windows 2.11.1_is1" = R for Windows 2.11.1
"StmAdsl" = ADSL Modem
"VIA Audio Driver Setup Program" = VIA Audio Driver Setup Program
"VLC media player" = VLC media player 1.0.3
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = Archiwizator WinRAR
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-03-23 08:46:51 | Computer Name = RR | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.4079,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x0000100b.

Error - 2011-04-06 13:34:08 | Computer Name = RR | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.4095,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x0000100b.

Error - 2011-04-09 12:16:54 | Computer Name = RR | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.4095,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x0000100b.

Error - 2011-04-09 13:17:38 | Computer Name = RR | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd iexplore.exe, wersja 7.0.6000.17095, moduł
powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x002727c1.

Error - 2011-04-15 16:39:31 | Computer Name = RR | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca neostradatp.exe, wersja 5.9.1.3, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2011-04-21 18:41:37 | Computer Name = RR | Source = LoadPerf | ID = 3001
Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest
niepoprawnie
sformatowana. Nieprawdziwy ciąg to 9708, nieprawdziwa wartość  indeksu to pierwszy
wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe  wartości indeksu to drugi
i trzeci wpis DWORD w sekcji danych.

Error - 2011-04-21 18:41:37 | Computer Name = RR | Source = LoadPerf | ID = 3001
Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest
niepoprawnie
sformatowana. Nieprawdziwy ciąg to 9708, nieprawdziwa wartość  indeksu to pierwszy
wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe  wartości indeksu to drugi
i trzeci wpis DWORD w sekcji danych.

Error - 2011-04-21 18:41:37 | Computer Name = RR | Source = LoadPerf | ID = 3011
Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl
(WmiApRpl).   Kod błędu to pierwszy wpis DWORD w sekcji danych (Data).

Error - 2011-04-21 18:41:40 | Computer Name = RR | Source = LoadPerf | ID = 3001
Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest
niepoprawnie
sformatowana. Nieprawdziwy ciąg to 9708, nieprawdziwa wartość  indeksu to pierwszy
wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe  wartości indeksu to drugi
i trzeci wpis DWORD w sekcji danych.

Error - 2011-04-21 18:43:20 | Computer Name = RR | Source = MsiInstaller | ID = 11722
Description = Product: Java(TM) 6 Update 24 -- Error 1722.There is a problem with
this Windows Installer package. A program run as part of the setup did not finish
as expected. Contact your support personnel or package vendor.  Action patchjre,
location: C:\Program Files\Java\jre6\patchjre.exe, command: -s "C:\Program Files\Java\jre6"


[ Application Events ]
Error - 2011-03-23 08:46:51 | Computer Name = RR | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.4079,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x0000100b.

Error - 2011-04-06 13:34:08 | Computer Name = RR | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.4095,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x0000100b.

Error - 2011-04-09 12:16:54 | Computer Name = RR | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd plugin-container.exe, wersja 1.9.2.4095,
moduł powodujący błąd ntdll.dll, wersja 5.1.2600.6055, adres błędu 0x0000100b.

Error - 2011-04-09 13:17:38 | Computer Name = RR | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd iexplore.exe, wersja 7.0.6000.17095, moduł
powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x002727c1.

Error - 2011-04-15 16:39:31 | Computer Name = RR | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca neostradatp.exe, wersja 5.9.1.3, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2011-04-21 18:41:37 | Computer Name = RR | Source = LoadPerf | ID = 3001
Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest
niepoprawnie
sformatowana. Nieprawdziwy ciąg to 9708, nieprawdziwa wartość  indeksu to pierwszy
wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe  wartości indeksu to drugi
i trzeci wpis DWORD w sekcji danych.

Error - 2011-04-21 18:41:37 | Computer Name = RR | Source = LoadPerf | ID = 3001
Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest
niepoprawnie
sformatowana. Nieprawdziwy ciąg to 9708, nieprawdziwa wartość  indeksu to pierwszy
wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe  wartości indeksu to drugi
i trzeci wpis DWORD w sekcji danych.

Error - 2011-04-21 18:41:37 | Computer Name = RR | Source = LoadPerf | ID = 3011
Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl
(WmiApRpl).   Kod błędu to pierwszy wpis DWORD w sekcji danych (Data).

Error - 2011-04-21 18:41:40 | Computer Name = RR | Source = LoadPerf | ID = 3001
Description = Występująca w rejestrze wartość ciągu nazwy licznika wydajności jest
niepoprawnie
sformatowana. Nieprawdziwy ciąg to 9708, nieprawdziwa wartość  indeksu to pierwszy
wpis DWORD w sekcji danych (Data), a ostatnie prawidłowe  wartości indeksu to drugi
i trzeci wpis DWORD w sekcji danych.

Error - 2011-04-21 18:43:20 | Computer Name = RR | Source = MsiInstaller | ID = 11722
Description = Product: Java(TM) 6 Update 24 -- Error 1722.There is a problem with
this Windows Installer package. A program run as part of the setup did not finish
as expected. Contact your support personnel or package vendor.  Action patchjre,
location: C:\Program Files\Java\jre6\patchjre.exe, command: -s "C:\Program Files\Java\jre6"


[ System Events ]
Error - 2011-04-22 14:11:38 | Computer Name = RR | Source = Ftdisk | ID = 262189
Description = System nie może pomyślnie załadować sterownika zrzutu awaryjnego.

Error - 2011-04-22 14:11:38 | Computer Name = RR | Source = Ftdisk | ID = 262193
Description = Konfigurowanie pliku strony dla zrzutu awaryjnego nie powiodło się.
Upewnij się, że na partycji rozruchowej znajduje się plik strony i że jest wystarczająco
duży, aby zawierać całą pamięć fizyczną.

Error - 2011-04-22 14:16:47 | Computer Name = RR | Source = Service Control Manager | ID = 7034
Description = Usługa Ati HotKey Poller niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-04-22 14:16:48 | Computer Name = RR | Source = Service Control Manager | ID = 7034
Description = Usługa ABBYY FineReader 9.0 PE Licensing Service niespodziewanie zakończyła
pracę. Wystąpiło to razy: 1.

Error - 2011-04-22 14:16:48 | Computer Name = RR | Source = Service Control Manager | ID = 7034
Description = Usługa LightScribeService Direct Disc Labeling Service niespodziewanie
zakończyła pracę. Wystąpiło to razy: 1.

Error - 2011-04-22 14:16:48 | Computer Name = RR | Source = Service Control Manager | ID = 7034
Description = Usługa France Telecom Routing Table Service niespodziewanie zakończyła
pracę. Wystąpiło to razy: 1.

Error - 2011-04-22 14:16:48 | Computer Name = RR | Source = Service Control Manager | ID = 7034
Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.

Error - 2011-04-22 14:18:19 | Computer Name = RR | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi General Purpose USB Driver (e4ldr.sys)
z powodu następującego błędu:   %%2

Error - 2011-04-22 14:18:39 | Computer Name = RR | Source = Ftdisk | ID = 262189
Description = System nie może pomyślnie załadować sterownika zrzutu awaryjnego.

Error - 2011-04-22 14:18:39 | Computer Name = RR | Source = Ftdisk | ID = 262193
Description = Konfigurowanie pliku strony dla zrzutu awaryjnego nie powiodło się.
Upewnij się, że na partycji rozruchowej znajduje się plik strony i że jest wystarczająco
duży, aby zawierać całą pamięć fizyczną.


< End of report >


Kod: Zaznacz wszystko

OTL logfile created on: 2011-04-22 20:22:09 - Run 2
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Documents and Settings\R\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

510,00 Mb Total Physical Memory | 229,00 Mb Available Physical Memory | 45,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 8,77 Gb Free Space | 44,90% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 19,78 Gb Free Space | 50,65% Space Free | Partition Type: NTFS
Drive E: | 39,06 Gb Total Space | 2,90 Gb Free Space | 7,43% Space Free | Partition Type: NTFS
Drive F: | 51,39 Gb Total Space | 46,34 Gb Free Space | 90,18% Space Free | Partition Type: NTFS

Computer Name: RR | User Name: R | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-04-22 17:05:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\R\Pulpit\OTL.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-12-06 21:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
PRC - [2005-12-06 14:53:30 | 000,819,200 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\neostradatp.exe
PRC - [2005-11-22 12:54:18 | 000,249,856 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\ComComp.exe
PRC - [2004-11-02 15:31:20 | 000,069,632 | ---- | M] (France Telecom R&D) -- C:\Program Files\neostrada tp\Toaster.exe
PRC - [2004-10-27 11:30:44 | 000,032,768 | ---- | M] () -- C:\Program Files\neostrada tp\Inactivity.exe
PRC - [2004-10-27 11:07:06 | 000,069,632 | ---- | M] () -- C:\Program Files\neostrada tp\PollingModule.exe
PRC - [2004-10-21 08:50:52 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\AlertModule\AlertModule.exe
PRC - [2004-08-23 14:49:56 | 000,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\system32\FTRTSVC.exe
PRC - [2004-08-23 14:49:56 | 000,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\Watch.exe
PRC - [2004-05-05 07:22:12 | 000,491,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2003-12-22 08:38:40 | 000,135,168 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011-04-22 17:05:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\R\Pulpit\OTL.exe
MOD - [2010-08-23 18:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2004-10-26 09:49:34 | 000,028,672 | ---- | M] () -- C:\Program Files\neostrada tp\Inactivity.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] --  -- (HidServ)
SRV - [2010-12-08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007-12-06 21:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)
SRV - [2004-08-23 14:49:56 | 000,040,960 | ---- | M] (France Telecom) [Auto | Running] -- C:\WINDOWS\system32\FTRTSVC.exe -- (FTRTSVC)
SRV - [2004-03-18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-07-30 14:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-07-30 14:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-07-30 14:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-07-30 14:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009-07-21 18:30:48 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-05-19 15:07:13 | 000,043,672 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2009-05-14 19:00:28 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006-06-16 12:53:16 | 000,025,088 | ---- | M] (Ark Pioneer MicroElectronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IrUSB.sys -- (IrUSB)
DRV - [2006-05-25 19:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2004-09-06 10:01:56 | 000,161,536 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2003-08-12 18:51:00 | 000,060,255 | R--- | M] (STMicroelectronics              ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)
DRV - [2003-08-04 13:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2003-07-01 22:42:00 | 000,027,904 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKU\S-1-5-21-1960408961-562591055-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1960408961-562591055-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1960408961-562591055-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
IE - HKU\S-1-5-21-1960408961-562591055-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1960408961-562591055-725345543-1003\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\neostrada tp\SearchPageURL.dll ()
IE - HKU\S-1-5-21-1960408961-562591055-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: ""
FF - prefs.js..extensions.enabledItems: {5EB37AE4-DA0A-41ab-8037-BDEDDCC70669}:1.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.0
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736


FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011-03-28 19:51:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-04-22 00:20:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-04-22 15:56:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2009-05-13 21:12:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Extensions
[2011-04-22 20:16:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions
[2009-09-30 18:37:26 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-09-26 12:46:48 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\ffxtlbr@Facemoods.com
[2011-04-22 15:56:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009-10-20 20:50:38 | 000,000,000 | ---D | M] (flashget Extension) -- C:\Program Files\Mozilla Firefox\extensions\{5EB37AE4-DA0A-41ab-8037-BDEDDCC70669}
[2011-04-22 15:56:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2008-07-25 10:31:48 | 000,028,672 | ---- | M] (flashget) -- C:\Program Files\Mozilla Firefox\components\flashgetXpi.dll
[2011-04-22 15:56:35 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-03-28 18:56:18 | 000,002,035 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchFxt.xml

O1 HOSTS File: ([2001-10-26 15:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O3 - HKU\S-1-5-21-1960408961-562591055-725345543-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\neostrada tp\Watch.exe (France Télécom R&D)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1960408961-562591055-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-1960408961-562591055-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 () - C:/Program Files/Gadu-Gadu 10/5.JPG
O24 - Desktop Components:1 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-05-13 19:01:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-12-30 21:15:53 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-30 21:15:55 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-30 21:15:56 | 000,000,000 | RHSD | M] - E:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-12-30 21:15:57 | 000,000,000 | RHSD | M] - F:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-04-22 20:16:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\R\Pulpit\otl skany
[2011-04-22 17:05:48 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\R\Pulpit\OTL.exe
[2011-04-22 15:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011-04-22 15:56:51 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011-04-22 15:56:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011-04-22 15:56:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011-04-22 15:56:51 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011-04-22 14:15:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\R\Dane aplikacji\Malwarebytes
[2011-04-22 14:15:43 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011-04-22 14:15:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2011-04-22 14:15:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2011-04-22 14:15:38 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-04-22 14:15:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-04-22 14:09:39 | 007,734,240 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\R\Pulpit\mbam_1.50.1.1100_[www.programosy.pl].exe
[2011-04-22 00:43:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\facemoods.com
[2011-04-22 00:24:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\R\Pulpit\Nowy folder
[2011-04-22 00:20:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox
[2011-04-22 00:20:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\R\Recent
[2011-04-21 23:45:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2011-04-21 23:20:54 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-04-09 11:48:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Macromedia
[2011-04-09 11:48:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\AskToolbar
[2011-03-28 19:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nokia PC Suite
[2011-03-28 19:51:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite
[2011-03-28 19:51:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2011-03-28 19:50:33 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2011-03-28 19:50:02 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2011-03-28 19:47:58 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys
[2011-03-28 19:47:55 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys
[2011-03-28 19:47:53 | 000,023,040 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys
[2011-03-28 19:47:41 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01009.dll
[2011-03-28 19:47:41 | 000,604,160 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2011-03-28 19:47:41 | 000,111,104 | ---- | C] (Nokia) -- C:\WINDOWS\System32\ccdcmbwu.dll
[2011-03-28 19:47:41 | 000,018,048 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2010-10-18 18:53:54 | 000,568,664 | ---- | C] (Google Inc.) -- C:\Program Files\GoogleEarthPluginSetup.exe
[1 C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\*.tmp files -> C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-04-22 20:18:14 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011-04-22 20:18:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-04-22 20:17:20 | 006,029,312 | ---- | M] () -- C:\Documents and Settings\R\ntuser.dat
[2011-04-22 20:17:20 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\R\ntuser.ini
[2011-04-22 17:17:14 | 001,195,254 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\ekran.bmp
[2011-04-22 17:05:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\R\Pulpit\OTL.exe
[2011-04-22 17:05:03 | 000,301,568 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\lh7e35yu.exe
[2011-04-22 16:56:12 | 000,154,838 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\SPTDinst-v178-x64.exe
[2011-04-22 16:26:36 | 000,154,838 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\SPTDinst-v178-x86.exe
[2011-04-22 16:10:29 | 000,000,461 | ---- | M] () -- C:\WINDOWS\win.ini
[2011-04-22 16:10:29 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2011-04-22 16:10:29 | 000,000,211 | ---- | M] () -- C:\boot.ini
[2011-04-22 15:56:35 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011-04-22 15:56:35 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011-04-22 15:56:35 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011-04-22 15:56:35 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011-04-22 15:56:35 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011-04-22 15:12:31 | 004,812,744 | -H-- | M] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-04-22 15:11:27 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-04-22 14:15:43 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-04-22 14:09:39 | 007,734,240 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\R\Pulpit\mbam_1.50.1.1100_[www.programosy.pl].exe
[2011-04-22 08:26:01 | 000,222,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-04-22 01:27:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011-04-22 01:25:32 | 001,177,700 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011-04-22 01:25:32 | 000,538,024 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-04-22 01:25:32 | 000,475,454 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-04-22 01:25:32 | 000,107,996 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-04-22 01:25:32 | 000,085,266 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-04-22 01:01:04 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011-04-22 00:28:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-04-21 23:59:01 | 000,001,064 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-562591055-725345543-1003Core.job
[2011-04-21 23:49:55 | 000,158,644 | ---- | M] () -- C:\Documents and Settings\R\Moje dokumenty\cc_20110421_234947.reg
[2011-04-20 20:31:32 | 000,020,749 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\tiulowa.jpg
[2011-04-18 15:45:24 | 003,180,403 | ---- | M] () -- C:\Documents and Settings\R\Moje dokumenty\Obraz 5598.jpg
[2011-04-13 15:28:27 | 006,257,329 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\na_rosyjski_konkurs___.zip
[2011-04-13 14:36:41 | 000,054,082 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\morza.jpg
[2011-04-13 14:36:16 | 000,042,909 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\cieniny.jpg
[2011-04-13 14:35:55 | 000,045,471 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\zatoki.jpg
[2011-04-09 10:29:48 | 000,104,699 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\geo.jpg
[2011-03-30 21:39:32 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2011-03-28 19:57:15 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011-03-28 19:57:12 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011-03-28 19:51:57 | 000,001,763 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia PC Suite.lnk
[2011-03-28 19:43:53 | 036,930,464 | ---- | M] () -- C:\Documents and Settings\R\Pulpit\Nokia_PC_Suite_pol_web.exe
[2011-03-28 11:45:37 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\*.tmp files -> C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-04-22 17:16:24 | 001,195,254 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\ekran.bmp
[2011-04-22 17:05:01 | 000,301,568 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\lh7e35yu.exe
[2011-04-22 16:56:12 | 000,154,838 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\SPTDinst-v178-x64.exe
[2011-04-22 16:26:36 | 000,154,838 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\SPTDinst-v178-x86.exe
[2011-04-22 14:15:43 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-04-22 00:42:43 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011-04-21 23:54:03 | 000,001,064 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-562591055-725345543-1003Core.job
[2011-04-21 23:49:51 | 000,158,644 | ---- | C] () -- C:\Documents and Settings\R\Moje dokumenty\cc_20110421_234947.reg
[2011-04-20 20:27:54 | 000,020,749 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\tiulowa.jpg
[2011-04-18 15:43:45 | 003,180,403 | ---- | C] () -- C:\Documents and Settings\R\Moje dokumenty\Obraz 5598.jpg
[2011-04-13 15:55:53 | 000,104,699 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\geo.jpg
[2011-04-13 15:27:43 | 006,257,329 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\na_rosyjski_konkurs___.zip
[2011-04-13 14:36:41 | 000,054,082 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\morza.jpg
[2011-04-13 14:36:16 | 000,042,909 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\cieniny.jpg
[2011-04-13 14:35:53 | 000,045,471 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\zatoki.jpg
[2011-04-02 19:43:32 | 006,029,312 | ---- | C] () -- C:\Documents and Settings\R\ntuser.dat
[2011-03-28 19:57:15 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011-03-28 19:57:12 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011-03-28 19:51:57 | 000,001,763 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nokia PC Suite.lnk
[2011-03-28 19:38:47 | 036,930,464 | ---- | C] () -- C:\Documents and Settings\R\Pulpit\Nokia_PC_Suite_pol_web.exe
[2010-09-16 18:22:26 | 000,000,343 | ---- | C] () -- C:\WINDOWS\pdf2word.INI
[2010-08-11 20:51:54 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010-05-08 19:58:22 | 000,336,896 | ---- | C] () -- C:\WINDOWS\System32\ammppg.dll
[2010-05-08 19:58:22 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010-05-08 19:58:22 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\a1.dll
[2010-05-08 19:58:20 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\qscl.dll
[2010-05-08 19:58:20 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\amrdec.dll
[2010-05-08 19:58:20 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\qcpsdk.dll
[2010-04-09 18:25:53 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfmonnt.dll
[2010-04-09 18:25:51 | 000,000,164 | ---- | C] () -- C:\WINDOWS\System32\psconv.ini
[2010-02-27 14:43:42 | 000,000,148 | ---- | C] () -- C:\WINDOWS\Readiris.ini
[2009-12-30 16:50:38 | 000,102,400 | ---- | C] () -- C:\WINDOWS\removeARKIRDA.exe
[2009-11-22 14:12:50 | 000,000,021 | ---- | C] () -- C:\WINDOWS\kit.ini
[2009-11-21 13:32:58 | 000,000,018 | ---- | C] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\devcpp.cfg
[2009-11-21 10:47:32 | 007,025,862 | ---- | C] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\cache.ccc
[2009-11-21 10:44:14 | 000,004,702 | ---- | C] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\devcpp.ini
[2009-11-11 13:56:31 | 000,000,161 | R--- | C] () -- C:\WINDOWS\DSLSetup.ini
[2009-11-11 13:56:29 | 000,000,902 | R--- | C] () -- C:\WINDOWS\System32\setup.ini
[2009-11-11 13:56:23 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\stmclean.exe
[2009-11-11 13:56:20 | 000,684,265 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2009-10-15 17:36:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009-07-21 17:17:04 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009-07-21 17:17:04 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009-06-20 17:01:42 | 000,000,048 | ---- | C] () -- C:\Documents and Settings\R\Dane aplikacji\AVSDVDPlayer.m3u
[2009-06-20 16:55:54 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-06-20 16:55:54 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-06-20 13:04:38 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-06-19 20:54:27 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009-05-19 15:13:05 | 000,019,887 | ---- | C] () -- C:\WINDOWS\HPHins02.dat
[2009-05-19 15:13:05 | 000,004,308 | ---- | C] () -- C:\WINDOWS\hphmdl02.dat
[2009-05-19 15:09:37 | 000,019,887 | ---- | C] () -- C:\WINDOWS\HPHins02.dat.temp
[2009-05-19 15:09:37 | 000,004,308 | ---- | C] () -- C:\WINDOWS\hphmdl02.dat.temp
[2009-05-14 20:19:21 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-05-14 19:00:28 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-05-13 21:18:13 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-05-13 21:12:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009-05-13 20:20:12 | 001,177,700 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-05-13 20:20:12 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009-05-13 20:18:57 | 000,222,432 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-05-13 19:54:37 | 000,049,048 | ---- | C] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-05-13 19:54:22 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2009-05-13 19:50:25 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009-05-13 19:50:18 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009-05-13 19:42:33 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll
[2009-05-13 19:38:57 | 000,000,017 | ---- | C] () -- C:\WINDOWS\System32\auto.ini
[2009-05-13 19:08:36 | 004,812,744 | -H-- | C] () -- C:\Documents and Settings\R\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-05-13 19:03:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009-05-13 19:01:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2009-05-13 19:00:03 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009-05-13 18:59:58 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009-05-13 18:58:30 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\fltlib.dll
[2009-05-13 18:57:50 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009-05-13 18:57:40 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2009-05-13 18:57:40 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2009-05-13 18:56:55 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2009-05-13 18:56:54 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2009-05-13 18:56:44 | 000,351,744 | ---- | C] () -- C:\WINDOWS\System32\hypertrm.dll
[2006-10-24 12:30:20 | 000,412,160 | ---- | C] () -- C:\WINDOWS\System32\photometadatahandler.dll
[2004-08-04 00:56:48 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004-08-04 00:44:10 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2004-08-04 00:44:04 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2004-08-04 00:43:58 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2004-08-04 00:43:56 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll
[2004-08-04 00:43:54 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2004-08-04 00:43:16 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2004-08-03 22:51:32 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2004-08-03 22:48:52 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
[2004-08-03 22:46:56 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2004-08-03 22:45:34 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2004-08-03 22:45:16 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2004-08-03 22:45:16 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2004-08-03 22:45:14 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2004-08-03 22:45:12 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2004-08-02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-07-17 11:46:14 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2004-07-17 11:34:48 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2004-05-05 07:13:02 | 000,006,478 | ---- | C] () -- C:\WINDOWS\System32\hphmon05.dat
[2004-04-01 16:52:10 | 000,364,544 | ---- | C] () -- C:\WINDOWS\System32\hphped05.exe
[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001-10-26 19:29:54 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe
[2001-10-26 19:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2001-10-26 17:29:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2001-10-26 17:29:32 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2001-10-26 17:28:34 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2001-10-26 17:27:02 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2001-10-26 16:15:16 | 000,538,024 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 16:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 16:15:16 | 000,107,996 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 16:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-10-26 16:15:10 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe
[2001-10-26 16:15:08 | 000,011,859 | ---- | C] () -- C:\WINDOWS\System32\setver.exe
[2001-10-26 16:15:08 | 000,003,260 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe
[2001-10-26 16:15:04 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2001-10-26 16:14:58 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe
[2001-10-26 16:14:56 | 000,039,434 | ---- | C] () -- C:\WINDOWS\System32\mem.exe
[2001-10-26 16:14:54 | 000,014,913 | ---- | C] () -- C:\WINDOWS\System32\kb16.com
[2001-10-26 16:14:54 | 000,001,168 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com
[2001-10-26 16:14:52 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2001-10-26 16:14:50 | 000,019,806 | ---- | C] () -- C:\WINDOWS\System32\graphics.com
[2001-10-26 16:14:48 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe
[2001-10-26 16:14:46 | 000,012,866 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe
[2001-10-26 16:14:42 | 000,020,986 | ---- | C] () -- C:\WINDOWS\System32\debug.exe
[2001-10-26 16:14:38 | 000,051,823 | ---- | C] () -- C:\WINDOWS\System32\command.com
[2001-10-26 16:14:34 | 000,012,594 | ---- | C] () -- C:\WINDOWS\System32\append.exe
[2001-10-26 16:14:32 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2001-10-26 16:12:52 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2001-10-26 15:45:26 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2001-10-26 15:45:26 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2001-10-26 15:45:24 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2001-10-26 15:45:10 | 000,070,622 | ---- | C] () -- C:\WINDOWS\System32\edit.com
[2001-10-26 15:42:08 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2001-10-26 15:42:08 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2001-10-26 15:42:08 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2001-10-26 15:42:08 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2001-08-23 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-17 21:35:10 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe
[2001-08-17 21:32:34 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe
[2001-08-17 21:32:34 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe
[2001-08-17 21:31:56 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2001-08-17 21:31:56 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2001-08-17 21:31:50 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2001-08-17 21:31:46 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2001-08-17 21:31:46 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2001-08-17 21:31:44 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2001-08-17 21:30:24 | 000,475,454 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-17 21:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-17 21:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-17 21:30:22 | 000,085,266 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-17 21:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-08-17 21:13:24 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2001-08-17 19:55:06 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2001-07-22 02:25:18 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2001-07-21 22:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-21 22:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-21 22:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001-07-21 22:16:20 | 000,000,461 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-21 22:15:52 | 000,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2001-07-21 22:15:50 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll

[color=#E56717]========== LOP Check ==========[/color]

[2011-03-17 13:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2011-04-22 15:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2009-05-17 11:24:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\B138
[2009-08-09 18:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software
[2009-11-11 14:11:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\D271
[2009-05-14 19:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-02-14 10:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\dOjBjKa04300
[2010-01-28 20:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FileCure
[2010-08-04 17:02:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-03-28 19:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2009-09-23 22:15:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2009-05-17 11:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2009-10-08 17:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit
[2009-10-08 17:40:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-04-22 00:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\facemoods.com
[2010-09-23 21:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\$CUERoot$
[2010-05-02 10:34:44 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\R\Dane aplikacji\.#
[2009-11-11 14:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\BearShareTb
[2011-04-22 15:54:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\BITS
[2009-05-14 19:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\DAEMON Tools
[2009-05-14 20:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\DAEMON Tools Lite
[2009-05-14 19:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\DAEMON Tools Pro
[2010-08-17 12:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\ESET
[2010-09-26 12:48:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\facemoods.com
[2011-04-08 09:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\Gadu-Gadu 10
[2009-08-29 11:39:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\gtk-2.0
[2009-05-17 11:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\Nokia
[2009-08-15 15:46:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\Nowe Gadu-Gadu
[2009-09-23 22:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\OpenFM
[2011-03-28 19:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\PC Suite
[2010-12-27 19:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\PhotoFiltre
[2009-11-01 13:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\Thinstall
[2010-09-01 20:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\Uniblue
[2010-09-26 12:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\R\Dane aplikacji\uTorrent

[color=#E56717]========== Purity Check ==========[/color]



< End of report >


Kod: Zaznacz wszystko

All processes killed
========== OTL ==========
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "Web Search..." removed from browser.search.defaultenginename
Prefs.js: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542" removed from browser.search.defaulturl
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: ffxtlbr@Facemoods.com:1.1.0 removed from extensions.enabledItems
Prefs.js: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q=" removed from keyword.URL
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\META-INF folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\chrome folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\components folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\searchbar folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\options folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib\uwa folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin\lib folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\skin folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\data folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\content\lib folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\content\data\search folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\content\data folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\content folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome\components folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}\chrome folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593} folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\vshare@toolbar(2)\modules folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\vshare@toolbar(2)\locale\en-US folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\vshare@toolbar(2)\locale folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\vshare@toolbar(2)\components folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\vshare@toolbar(2)\chrome folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\extensions\vshare@toolbar(2) folder moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\searchplugins\BearShareWebSearch.xml moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\searchplugins\web-search.xml moved successfully.
C:\Documents and Settings\R\Dane aplikacji\Mozilla\Firefox\Profiles\b3pahs5p.default\searchplugins\winamp-search.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\WebSearch.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-1960408961-562591055-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-1960408961-562591055-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{577EBCA9-8ED3-45FC-A514-55B3817D4BCF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{577EBCA9-8ED3-45FC-A514-55B3817D4BCF}\ not found.
Registry value HKEY_USERS\S-1-5-21-1960408961-562591055-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BVRPLiveUpdate deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1960408961-562591055-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\iGoD deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1960408961-562591055-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Software Informer deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1960408961-562591055-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\UniblueRegistryBooster deleted successfully.
Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\wvc1dmo.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e1215f4c-793e-11de-843d-006900003efb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e1215f4c-793e-11de-843d-006900003efb}\ not found.
File I:\xs6kpr0.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e1215f4c-793e-11de-843d-006900003efb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e1215f4c-793e-11de-843d-006900003efb}\ not found.
File I:\xs6kpr0.exe not found.
C:\WINDOWS\tasks\systems.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-562591055-725345543-1003UA.job moved successfully.
Folder C:\Documents and Settings\All Users\Dane aplikacji\dOjBjKa04300\ not found.
C:\Documents and Settings\All Users\Dane aplikacji\29196 folder moved successfully.
ADS C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D74B6CF5 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 1521320 bytes
->Flash cache emptied: 456 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: R
->Temp folder emptied: 5205413 bytes
->Temporary Internet Files folder emptied: 4470613 bytes
->Java cache emptied: 132516 bytes
->FireFox cache emptied: 92678233 bytes
->Google Chrome cache emptied: 7464509 bytes
->Flash cache emptied: 2613736 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134153 bytes
%systemroot%\System32 .tmp files removed: 7752228 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 23462 bytes
RecycleBin emptied: 292662356 bytes

Total Files Cleaned = 397,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService

User: R
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 04222011_201647

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Dodano Dzisiaj, 23:25:
Powiem szczerze, że zależało mi na szybkości usunięcia tej awarii... I w końcu się udało Tak jak pisałem wcześniej robiłem skan Malwerbytes ale pomimo usunięcia infekcji problem istniał dalej. Właściwie już w akcie rozpaczy ściągnąłem aktualnego DrWeba i już w szybkim skanowaniu znalazł intruza i po wyleczeniu jak na razie wszystko działa.
Podaje dane infekcji z DrW (może się komuś przydadzą na przyszłość):
Obiekt: serial.sys
Ścieżka: C:\Windows\system32\drivers
Status: BackDoor.Tdss.2459
Z tego co wyczytałem to naprawdę poważny trojan ale tu już wolałbym usłyszeć opinię jakiegoś eksperta;)

Dzięki za pomoc w usuwaniu tej infekcji i toolbarów . W razie czego mogę umieścić logi.

[wojtas]

hmm OTL nie pokazał tej infekcji ale to zrozumiałe... Gmer by to widział..


wykonaj skan: Kaspersky TDSSKiller, jeśli coś znajdzie dajesz Skip. i dajesz raport z TDSSKiller'a

[Quattron]

Raport do sprawdzenia z TDSS Killer

Kod: Zaznacz wszystko

2011/04/23 18:48:36.0187 2480   TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/23 18:48:36.0312 2480   ================================================================================
2011/04/23 18:48:36.0312 2480   SystemInfo:
2011/04/23 18:48:36.0312 2480   
2011/04/23 18:48:36.0312 2480   OS Version: 5.1.2600 ServicePack: 3.0
2011/04/23 18:48:36.0312 2480   Product type: Workstation
2011/04/23 18:48:36.0312 2480   ComputerName: RR
2011/04/23 18:48:36.0312 2480   UserName: R
2011/04/23 18:48:36.0312 2480   Windows directory: C:\WINDOWS
2011/04/23 18:48:36.0312 2480   System windows directory: C:\WINDOWS
2011/04/23 18:48:36.0312 2480   Processor architecture: Intel x86
2011/04/23 18:48:36.0312 2480   Number of processors: 1
2011/04/23 18:48:36.0312 2480   Page size: 0x1000
2011/04/23 18:48:36.0312 2480   Boot type: Normal boot
2011/04/23 18:48:36.0312 2480   ================================================================================
2011/04/23 18:48:37.0468 2480   Initialize success
2011/04/23 18:48:40.0781 0872   ================================================================================
2011/04/23 18:48:40.0781 0872   Scan started
2011/04/23 18:48:40.0781 0872   Mode: Manual;
2011/04/23 18:48:40.0781 0872   ================================================================================
2011/04/23 18:48:43.0109 0872   ACPI            (05118282f5d039595a2b92b4a4afe197) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/04/23 18:48:43.0187 0872   ACPIEC          (66a42b7db194e24b973bbcce840a0f3f) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/04/23 18:48:43.0328 0872   aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/04/23 18:48:43.0421 0872   AFD             (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
2011/04/23 18:48:43.0515 0872   AFS2K           (c685cc27a2e637f0dcb5a45e67cc6f74) C:\WINDOWS\system32\drivers\AFS2K.sys
2011/04/23 18:48:43.0843 0872   AmdK8           (3f876dcce7981c66466c0d9ffb943b75) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
2011/04/23 18:48:44.0140 0872   AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/04/23 18:48:44.0203 0872   atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/04/23 18:48:44.0453 0872   ati2mtag        (e9375396f55b58c2042c7c9844d297e3) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/04/23 18:48:44.0640 0872   Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/04/23 18:48:44.0734 0872   audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/04/23 18:48:44.0812 0872   Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/04/23 18:48:44.0953 0872   cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/04/23 18:48:45.0046 0872   Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/04/23 18:48:45.0109 0872   Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/04/23 18:48:45.0156 0872   Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/04/23 18:48:45.0437 0872   Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/04/23 18:48:45.0562 0872   dmboot          (bc9219abc5696942e6f9ac8a9b28670f) C:\WINDOWS\system32\drivers\dmboot.sys
2011/04/23 18:48:45.0625 0872   dmio            (5fa232e3ba6e1346f9f5a7e519320cb0) C:\WINDOWS\system32\drivers\dmio.sys
2011/04/23 18:48:45.0687 0872   dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/04/23 18:48:45.0765 0872   DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/04/23 18:48:45.0859 0872   drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/04/23 18:48:46.0046 0872   Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/04/23 18:48:46.0093 0872   Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/04/23 18:48:46.0140 0872   FETNDIS         (e9648254056bce81a85380c0c3647dc4) C:\WINDOWS\system32\DRIVERS\fetnd5.sys
2011/04/23 18:48:46.0203 0872   Fips            (09e2a4d33f81a06a8aab2ba0a0b5d235) C:\WINDOWS\system32\drivers\Fips.sys
2011/04/23 18:48:46.0265 0872   Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/04/23 18:48:46.0328 0872   FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/04/23 18:48:46.0390 0872   Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/04/23 18:48:46.0437 0872   Ftdisk          (ed6d921d8ab423138fb35beee6d6a6cb) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/04/23 18:48:46.0500 0872   gagp30kx        (3a74c423cf6bcca6982715878f450a3b) C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
2011/04/23 18:48:46.0562 0872   Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/04/23 18:48:46.0656 0872   HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/04/23 18:48:46.0765 0872   HPZid412        (5faba4775d4c61e55ec669d643ffc71f) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/04/23 18:48:46.0812 0872   HPZipr12        (a3c43980ee1f1beac778b44ea65dbdd4) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/04/23 18:48:46.0875 0872   HPZius12        (2906949bd4e206f2bb0dd1896ce9f66f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/04/23 18:48:46.0937 0872   HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/04/23 18:48:47.0078 0872   i8042prt        (177b372af55c4460d0968b5f1d02aa1c) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/04/23 18:48:47.0187 0872   Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/04/23 18:48:47.0328 0872   Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/04/23 18:48:47.0406 0872   IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/04/23 18:48:47.0484 0872   IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/04/23 18:48:47.0531 0872   IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/04/23 18:48:47.0578 0872   IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/04/23 18:48:47.0640 0872   irda            (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
2011/04/23 18:48:47.0718 0872   IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/04/23 18:48:47.0796 0872   IrUSB           (198f123f95f7fd86d8d5c8ca90e79d8a) C:\WINDOWS\system32\DRIVERS\IrUSB.sys
2011/04/23 18:48:47.0859 0872   isapnp          (c8eef2e93835b81bd335de2123121283) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/04/23 18:48:47.0937 0872   Kbdclass        (2aeca45d4aeaacbdcb77ad11184e4601) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/04/23 18:48:48.0015 0872   kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/04/23 18:48:48.0093 0872   KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/04/23 18:48:48.0281 0872   mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/04/23 18:48:48.0359 0872   Modem           (4a068db7dc37d5afedb6512d2931d7b3) C:\WINDOWS\system32\drivers\Modem.sys
2011/04/23 18:48:48.0406 0872   Mouclass        (fbed3df6b884f8cf00447b73507f2c48) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/04/23 18:48:48.0500 0872   MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/04/23 18:48:48.0593 0872   MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/04/23 18:48:48.0703 0872   MRxSmb          (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/04/23 18:48:48.0796 0872   Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/04/23 18:48:48.0859 0872   MSIRCOMM        (95c6432151ccff8617352f8e616a1aa4) C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
2011/04/23 18:48:48.0921 0872   MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/04/23 18:48:48.0968 0872   MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/04/23 18:48:49.0015 0872   MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/04/23 18:48:49.0078 0872   mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/04/23 18:48:49.0140 0872   Mup             (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/04/23 18:48:49.0218 0872   NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/04/23 18:48:49.0265 0872   NdisTapi        (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/04/23 18:48:49.0312 0872   Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/04/23 18:48:49.0375 0872   NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/04/23 18:48:49.0468 0872   NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/04/23 18:48:49.0609 0872   NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/04/23 18:48:49.0671 0872   NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/04/23 18:48:49.0828 0872   nmwcd           (48fb907b069524f2dc7ba62a0762850c) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/04/23 18:48:49.0906 0872   nmwcdc          (2914ceb789964141ac6e22c6bc980c42) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/04/23 18:48:49.0953 0872   Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/04/23 18:48:50.0046 0872   Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/04/23 18:48:50.0171 0872   Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/04/23 18:48:50.0234 0872   NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/04/23 18:48:50.0296 0872   NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/04/23 18:48:50.0390 0872   Parport         (2d4cdaebced17743aa9e25d3016dc229) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/04/23 18:48:50.0437 0872   PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/04/23 18:48:50.0531 0872   ParVdm          (453ec2c2a20a1382f564541918520eeb) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/04/23 18:48:50.0656 0872   PCANDIS5        (ceef86cb35abe95c40a88784f5b631ad) C:\WINDOWS\system32\PCANDIS5.SYS
2011/04/23 18:48:50.0765 0872   pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/04/23 18:48:50.0828 0872   PCI             (6862c69168d787b85a7d95ccd33c694e) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/04/23 18:48:50.0984 0872   Pcmcia          (8db27f1ae9593c94095485305a583862) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/04/23 18:48:51.0406 0872   PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/04/23 18:48:51.0500 0872   Processor       (7a1367d250502c6416a4d3a19ef155f5) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/04/23 18:48:51.0546 0872   PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/04/23 18:48:51.0609 0872   Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/04/23 18:48:51.0687 0872   PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/04/23 18:48:51.0906 0872   RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/04/23 18:48:51.0968 0872   Rasirda         (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
2011/04/23 18:48:52.0031 0872   Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/04/23 18:48:52.0078 0872   RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/04/23 18:48:52.0125 0872   Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/04/23 18:48:52.0203 0872   Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/04/23 18:48:52.0250 0872   RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/04/23 18:48:52.0312 0872   rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/04/23 18:48:52.0375 0872   RDPWD           (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/04/23 18:48:52.0437 0872   redbook         (e0c7bbd18040b58651bac700c804861d) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/04/23 18:48:52.0562 0872   Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/04/23 18:48:52.0625 0872   serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/04/23 18:48:52.0734 0872   Serial          (1a9de2d430675bcd0dac273098d0b0ec) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/04/23 18:48:52.0843 0872   Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/04/23 18:48:53.0000 0872   splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/04/23 18:48:53.0093 0872   sptd            (d15da1ba189770d93eea2d7e18f95af9) C:\WINDOWS\system32\Drivers\sptd.sys
2011/04/23 18:48:53.0093 0872   Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
2011/04/23 18:48:53.0109 0872   sptd - detected Locked file (1)
2011/04/23 18:48:53.0171 0872   sr              (eb032822be406ef220d546ddffcf0002) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/04/23 18:48:53.0250 0872   Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/04/23 18:48:53.0343 0872   Stmatm          (2fc0c3d5615395585abdb16660efbc3a) C:\WINDOWS\system32\DRIVERS\stmatm.sys
2011/04/23 18:48:53.0406 0872   swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/04/23 18:48:53.0484 0872   swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/04/23 18:48:53.0734 0872   sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/04/23 18:48:53.0859 0872   TaurusUsb       (3b9daa8751f3881f8d105793dde634a4) C:\WINDOWS\system32\DRIVERS\torususb.sys
2011/04/23 18:48:53.0953 0872   Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/04/23 18:48:54.0031 0872   TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/04/23 18:48:54.0078 0872   TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/04/23 18:48:54.0140 0872   TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/04/23 18:48:54.0281 0872   Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/04/23 18:48:54.0390 0872   Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/04/23 18:48:54.0484 0872   upperdev        (e526a166e6acafd0a9b3841d3941669e) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/04/23 18:48:54.0546 0872   usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/04/23 18:48:54.0578 0872   usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/04/23 18:48:54.0640 0872   usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/04/23 18:48:54.0687 0872   usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/04/23 18:48:54.0765 0872   usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/04/23 18:48:54.0812 0872   usbser          (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
2011/04/23 18:48:54.0875 0872   UsbserFilt      (6f3e3c6811b930d2414552a2e4a40f36) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/04/23 18:48:54.0921 0872   USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/04/23 18:48:54.0968 0872   usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/04/23 18:48:55.0015 0872   VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/04/23 18:48:55.0062 0872   viaagp1         (4b039bbd037b01f5db5a144c837f283a) C:\WINDOWS\system32\DRIVERS\viaagp1.sys
2011/04/23 18:48:55.0125 0872   ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/04/23 18:48:55.0187 0872   VIAudio         (2e1ffc794290d9b16f1db1084583e655) C:\WINDOWS\system32\drivers\vinyl97.sys
2011/04/23 18:48:55.0234 0872   VolSnap         (56b191ac5fc0df219949c95a6c87afe7) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/04/23 18:48:55.0296 0872   Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/04/23 18:48:55.0375 0872   Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/04/23 18:48:55.0500 0872   wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/04/23 18:48:55.0640 0872   WpdUsb          (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\Drivers\wpdusb.sys
2011/04/23 18:48:55.0796 0872   ================================================================================
2011/04/23 18:48:55.0796 0872   Scan finished
2011/04/23 18:48:55.0796 0872   ================================================================================
2011/04/23 18:48:55.0828 1192   Detected object count: 1
2011/04/23 18:49:21.0625 1192   Locked file(sptd) - User select action: Skip
2011/04/23 18:49:27.0875 3296   ================================================================================
2011/04/23 18:49:27.0875 3296   Scan started
2011/04/23 18:49:27.0875 3296   Mode: Manual;
2011/04/23 18:49:27.0875 3296   ================================================================================
2011/04/23 18:49:28.0203 3296   ACPI            (05118282f5d039595a2b92b4a4afe197) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/04/23 18:49:28.0265 3296   ACPIEC          (66a42b7db194e24b973bbcce840a0f3f) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/04/23 18:49:28.0375 3296   aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/04/23 18:49:28.0453 3296   AFD             (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
2011/04/23 18:49:28.0515 3296   AFS2K           (c685cc27a2e637f0dcb5a45e67cc6f74) C:\WINDOWS\system32\drivers\AFS2K.sys
2011/04/23 18:49:28.0781 3296   AmdK8           (3f876dcce7981c66466c0d9ffb943b75) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
2011/04/23 18:49:29.0062 3296   AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/04/23 18:49:29.0140 3296   atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/04/23 18:49:29.0390 3296   ati2mtag        (e9375396f55b58c2042c7c9844d297e3) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/04/23 18:49:29.0515 3296   Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/04/23 18:49:29.0578 3296   audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/04/23 18:49:29.0640 3296   Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/04/23 18:49:29.0703 3296   cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/04/23 18:49:29.0781 3296   Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/04/23 18:49:29.0843 3296   Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/04/23 18:49:29.0890 3296   Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/04/23 18:49:30.0250 3296   Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/04/23 18:49:30.0343 3296   dmboot          (bc9219abc5696942e6f9ac8a9b28670f) C:\WINDOWS\system32\drivers\dmboot.sys
2011/04/23 18:49:30.0421 3296   dmio            (5fa232e3ba6e1346f9f5a7e519320cb0) C:\WINDOWS\system32\drivers\dmio.sys
2011/04/23 18:49:30.0468 3296   dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/04/23 18:49:30.0531 3296   DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/04/23 18:49:30.0625 3296   drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/04/23 18:49:30.0796 3296   Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/04/23 18:49:30.0828 3296   Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/04/23 18:49:30.0890 3296   FETNDIS         (e9648254056bce81a85380c0c3647dc4) C:\WINDOWS\system32\DRIVERS\fetnd5.sys
2011/04/23 18:49:30.0937 3296   Fips            (09e2a4d33f81a06a8aab2ba0a0b5d235) C:\WINDOWS\system32\drivers\Fips.sys
2011/04/23 18:49:30.0968 3296   Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/04/23 18:49:31.0031 3296   FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/04/23 18:49:31.0078 3296   Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/04/23 18:49:31.0125 3296   Ftdisk          (ed6d921d8ab423138fb35beee6d6a6cb) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/04/23 18:49:31.0171 3296   gagp30kx        (3a74c423cf6bcca6982715878f450a3b) C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
2011/04/23 18:49:31.0250 3296   Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/04/23 18:49:31.0312 3296   HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/04/23 18:49:31.0406 3296   HPZid412        (5faba4775d4c61e55ec669d643ffc71f) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/04/23 18:49:31.0453 3296   HPZipr12        (a3c43980ee1f1beac778b44ea65dbdd4) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/04/23 18:49:31.0500 3296   HPZius12        (2906949bd4e206f2bb0dd1896ce9f66f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/04/23 18:49:31.0578 3296   HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/04/23 18:49:31.0671 3296   i8042prt        (177b372af55c4460d0968b5f1d02aa1c) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/04/23 18:49:31.0781 3296   Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/04/23 18:49:31.0921 3296   Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/04/23 18:49:31.0984 3296   IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/04/23 18:49:32.0046 3296   IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/04/23 18:49:32.0093 3296   IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/04/23 18:49:32.0140 3296   IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/04/23 18:49:32.0187 3296   irda            (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
2011/04/23 18:49:32.0234 3296   IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/04/23 18:49:32.0296 3296   IrUSB           (198f123f95f7fd86d8d5c8ca90e79d8a) C:\WINDOWS\system32\DRIVERS\IrUSB.sys
2011/04/23 18:49:32.0343 3296   isapnp          (c8eef2e93835b81bd335de2123121283) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/04/23 18:49:32.0390 3296   Kbdclass        (2aeca45d4aeaacbdcb77ad11184e4601) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/04/23 18:49:32.0437 3296   kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/04/23 18:49:32.0515 3296   KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/04/23 18:49:32.0640 3296   mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/04/23 18:49:32.0703 3296   Modem           (4a068db7dc37d5afedb6512d2931d7b3) C:\WINDOWS\system32\drivers\Modem.sys
2011/04/23 18:49:32.0750 3296   Mouclass        (fbed3df6b884f8cf00447b73507f2c48) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/04/23 18:49:32.0796 3296   MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/04/23 18:49:32.0859 3296   MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/04/23 18:49:32.0937 3296   MRxSmb          (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/04/23 18:49:33.0000 3296   Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/04/23 18:49:33.0046 3296   MSIRCOMM        (95c6432151ccff8617352f8e616a1aa4) C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
2011/04/23 18:49:33.0093 3296   MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/04/23 18:49:33.0140 3296   MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/04/23 18:49:33.0187 3296   MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/04/23 18:49:33.0234 3296   mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/04/23 18:49:33.0281 3296   Mup             (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/04/23 18:49:33.0343 3296   NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/04/23 18:49:33.0390 3296   NdisTapi        (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/04/23 18:49:33.0437 3296   Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/04/23 18:49:33.0515 3296   NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/04/23 18:49:33.0562 3296   NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/04/23 18:49:33.0625 3296   NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/04/23 18:49:33.0671 3296   NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/04/23 18:49:33.0765 3296   nmwcd           (48fb907b069524f2dc7ba62a0762850c) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/04/23 18:49:33.0828 3296   nmwcdc          (2914ceb789964141ac6e22c6bc980c42) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/04/23 18:49:33.0875 3296   Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/04/23 18:49:33.0937 3296   Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/04/23 18:49:34.0000 3296   Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/04/23 18:49:34.0062 3296   NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/04/23 18:49:34.0125 3296   NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/04/23 18:49:34.0187 3296   Parport         (2d4cdaebced17743aa9e25d3016dc229) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/04/23 18:49:34.0218 3296   PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/04/23 18:49:34.0265 3296   ParVdm          (453ec2c2a20a1382f564541918520eeb) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/04/23 18:49:34.0359 3296   PCANDIS5        (ceef86cb35abe95c40a88784f5b631ad) C:\WINDOWS\system32\PCANDIS5.SYS
2011/04/23 18:49:34.0437 3296   pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/04/23 18:49:34.0500 3296   PCI             (6862c69168d787b85a7d95ccd33c694e) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/04/23 18:49:34.0625 3296   Pcmcia          (8db27f1ae9593c94095485305a583862) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/04/23 18:49:34.0953 3296   PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/04/23 18:49:35.0015 3296   Processor       (7a1367d250502c6416a4d3a19ef155f5) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/04/23 18:49:35.0062 3296   PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/04/23 18:49:35.0109 3296   Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/04/23 18:49:35.0171 3296   PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/04/23 18:49:35.0390 3296   RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/04/23 18:49:35.0484 3296   Rasirda         (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
2011/04/23 18:49:35.0531 3296   Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/04/23 18:49:35.0578 3296   RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/04/23 18:49:35.0625 3296   Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/04/23 18:49:35.0703 3296   Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/04/23 18:49:35.0750 3296   RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/04/23 18:49:35.0796 3296   rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/04/23 18:49:35.0859 3296   RDPWD           (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/04/23 18:49:35.0937 3296   redbook         (e0c7bbd18040b58651bac700c804861d) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/04/23 18:49:36.0062 3296   Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/04/23 18:49:36.0125 3296   serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/04/23 18:49:36.0156 3296   Serial          (1a9de2d430675bcd0dac273098d0b0ec) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/04/23 18:49:36.0218 3296   Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/04/23 18:49:36.0343 3296   splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/04/23 18:49:36.0437 3296   sptd            (d15da1ba189770d93eea2d7e18f95af9) C:\WINDOWS\system32\Drivers\sptd.sys
2011/04/23 18:49:36.0437 3296   Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
2011/04/23 18:49:36.0453 3296   sptd - detected Locked file (1)
2011/04/23 18:49:36.0500 3296   sr              (eb032822be406ef220d546ddffcf0002) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/04/23 18:49:36.0578 3296   Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/04/23 18:49:36.0671 3296   Stmatm          (2fc0c3d5615395585abdb16660efbc3a) C:\WINDOWS\system32\DRIVERS\stmatm.sys
2011/04/23 18:49:36.0718 3296   swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/04/23 18:49:36.0765 3296   swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/04/23 18:49:36.0968 3296   sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/04/23 18:49:37.0046 3296   TaurusUsb       (3b9daa8751f3881f8d105793dde634a4) C:\WINDOWS\system32\DRIVERS\torususb.sys
2011/04/23 18:49:37.0140 3296   Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/04/23 18:49:37.0203 3296   TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/04/23 18:49:37.0265 3296   TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/04/23 18:49:37.0328 3296   TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/04/23 18:49:37.0484 3296   Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/04/23 18:49:37.0593 3296   Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/04/23 18:49:37.0718 3296   upperdev        (e526a166e6acafd0a9b3841d3941669e) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/04/23 18:49:37.0765 3296   usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/04/23 18:49:37.0828 3296   usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/04/23 18:49:37.0890 3296   usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/04/23 18:49:37.0953 3296   usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/04/23 18:49:38.0015 3296   usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/04/23 18:49:38.0078 3296   usbser          (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
2011/04/23 18:49:38.0140 3296   UsbserFilt      (6f3e3c6811b930d2414552a2e4a40f36) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/04/23 18:49:38.0203 3296   USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/04/23 18:49:38.0265 3296   usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/04/23 18:49:38.0312 3296   VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/04/23 18:49:38.0375 3296   viaagp1         (4b039bbd037b01f5db5a144c837f283a) C:\WINDOWS\system32\DRIVERS\viaagp1.sys
2011/04/23 18:49:38.0453 3296   ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/04/23 18:49:38.0515 3296   VIAudio         (2e1ffc794290d9b16f1db1084583e655) C:\WINDOWS\system32\drivers\vinyl97.sys
2011/04/23 18:49:38.0578 3296   VolSnap         (56b191ac5fc0df219949c95a6c87afe7) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/04/23 18:49:38.0656 3296   Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/04/23 18:49:38.0734 3296   Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/04/23 18:49:38.0859 3296   wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/04/23 18:49:39.0000 3296   WpdUsb          (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\Drivers\wpdusb.sys
2011/04/23 18:49:39.0203 3296   ================================================================================
2011/04/23 18:49:39.0203 3296   Scan finished
2011/04/23 18:49:39.0203 3296   ================================================================================
2011/04/23 18:49:39.0218 2368   Detected object count: 1
2011/04/23 18:50:15.0578 2368   Locked file(sptd) - User select action: Skip


[wojtas]

jest czysto

Wykonaj czynności końcowe :
*Uruchom OTL z opcji sprzątanie.
* wykonaj optymalizację Windowsa ( instrukcja dla Windowsa XP, lecz w innych systemach jest podobnie )
* zrób pełny skan Malwarebytes Anti-Malware (zaktualizuj, usuń co znajdzie )
* Skasuj stan przywracania systemu


Zaktualizuj zabezpieczenia:
>>> Adobe Reader (bez Free McAfee® Security Scan Plus)
>>> Internet Explorer 8
>>> Java™ 6
>>> Mozilla Firefox 4,0