Kilka trojanów, 100% użycia procesora.

[tonyleone]

Witam. Bardzo uprzejmie proszę o doprowadzenie mojego laptopa "do porządku" aby odbyło sie to bez formata. Kupiłem używany laptop za dobrą cenę i gdy go włączyłem zobaczyłem strasznie dużo procesów i plików które nie są mi znane. Nie chciałem od razu lecieć z formatem, jeżeli nie spróbuje trochę naprawić ten problem. Na początku gdy jeszcze użycie procesora było takie jak być powinno nie przejmowałem się tym "syfem" tak bardzo. Lecz gdy w końcu chciałem ściągnąć jakiś program antywirusowy aby znalazł i wyrzucił pliki (trojany- widziane w logu z HijackThisa) typu: l1rezerv.exe, sysdriver32.exe lub sysdriver32_.exe. Po zapoznaniu sie z regulaminem wiem ze nie chcecie tutaj logów z Hijacka ale Liczyłem na to że Gmer je odnajdzie, lecz moje amatorskie oko nie dostrzega ich w logu, dlatego proszę od razu mnie nie "hejtować". Aha wspomnę jeszcze o tym ze nie mam pojecia skąd zainstalował sie taki program McAfee Security Scan Plus, nie moge go za nic usunąć, istnieje w autostarcie w "msconfig" lecz pomimo odznaczenia go od dalej sie uruchamia razem z systemem i np blokuje mi uruchomienie programu Avira AntiVir czy Kaspersky, i próbowałem go odinstalować, lecz to nic nie dało bo on sobie po prostu dalej działał . Totalnie zgłupiałem i bardzo proszę o pomoc.
i użycie procesora nie schodzi poniżej 100%...

Log Gmer

Kod: Zaznacz wszystko

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-07-26 10:48:25
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e ST9160314AS rev.0001SDM1
Running: ks1fzg9w.exe; Driver: C:\DOCUME~1\Admin\USTAWI~1\Temp\pgrdyaoc.sys


---- System - GMER 1.0.15 ----

SSDT            F7D4D6A6                                                                             ZwCreateKey
SSDT            F7D4D69C                                                                             ZwCreateThread
SSDT            F7D4D6AB                                                                             ZwDeleteKey
SSDT            F7D4D6B5                                                                             ZwDeleteValueKey
SSDT            F7D4D6BA                                                                             ZwLoadKey
SSDT            F7D4D688                                                                             ZwOpenProcess
SSDT            F7D4D68D                                                                             ZwOpenThread
SSDT            F7D4D6C4                                                                             ZwReplaceKey
SSDT            F7D4D6BF                                                                             ZwRestoreKey
SSDT            F7D4D6B0                                                                             ZwSetValueKey

---- User code sections - GMER 1.0.15 ----

UPX1            C:\WINDOWS\update.5.0\svchost.exe[580] C:\WINDOWS\update.5.0\svchost.exe             entry point in "UPX1" section [0x00503300]
UPX1            C:\WINDOWS\update.2\svchost.exe[796] C:\WINDOWS\update.2\svchost.exe                 entry point in "UPX1" section [0x00B790A0]
UPX1            C:\WINDOWS\update.2\svchost.exe[928] C:\WINDOWS\update.2\svchost.exe                 entry point in "UPX1" section [0x00B790A0]
UPX1            C:\WINDOWS\update.5.0\svchost.exe[1236] C:\WINDOWS\update.5.0\svchost.exe            entry point in "UPX1" section [0x00503300]
?               C:\WINDOWS\update.tray-9-0\svchost.exe[1328]                                         number of sections mismatch; time/date stamp mismatch; unknown module: netsh.exeunknown module: bcdedit32.exeunknown module: oleaut32.dllunknown module: version.dllunknown module: oleaut32.dllunknown module: oleaut32.dllunknown module: comctl32.dllunknown module: wsock32.dll
UPX1            C:\WINDOWS\update.tray-9-0\svchost.exe[1328] C:\WINDOWS\update.tray-9-0\svchost.exe  entry point in "UPX1" section [0x0067F210]
?               C:\WINDOWS\update.tray-8-0\svchost.exe[1336]                                         number of sections mismatch; time/date stamp mismatch; unknown module: netsh.exeunknown module: bcdedit32.exeunknown module: oleaut32.dllunknown module: version.dllunknown module: oleaut32.dllunknown module: oleaut32.dllunknown module: comctl32.dllunknown module: wsock32.dll
UPX1            C:\WINDOWS\update.tray-8-0\svchost.exe[1336] C:\WINDOWS\update.tray-8-0\svchost.exe  entry point in "UPX1" section [0x0067F210]
?               C:\WINDOWS\update.1\svchost.exe[2312]                                                number of sections mismatch; time/date stamp mismatch; unknown module: netsh.exeunknown module: bcdedit32.exeunknown module: oleaut32.dllunknown module: version.dllunknown module: oleaut32.dllunknown module: oleaut32.dllunknown module: comctl32.dllunknown module: wsock32.dll
UPX1            C:\WINDOWS\update.1\svchost.exe[2312] C:\WINDOWS\update.1\svchost.exe                entry point in "UPX1" section [0x0067F210]

---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass0                                              SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass1                                              SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- EOF - GMER 1.0.15 ----


Zależało mi na wrzucenie i pokazanie wam moich dziwnych procesów.
Log HijackThis

Kod: Zaznacz wszystko

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:00:13, on 2011-07-26
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exea
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\qttask.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\update.tray-9-0\svchost.exe
C:\WINDOWS\update.tray-8-0\svchost.exe
C:\WINDOWS\l1rezerv.exe
C:\WINDOWS\systemup.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
E:\hamachi-2-ui.exe
E:\hamachi-2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\o2flash.exe
C:\WINDOWS\update.5.0\svchost.exe
C:\WINDOWS\update.2\svchost.exe
C:\WINDOWS\update.5.0\svchost.exe
C:\WINDOWS\sysdriver32.exe
C:\WINDOWS\update.1\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\update.2\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\Pliki sciągniete z netu\ks1fzg9w.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\ufa\ufa.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [wxpdrv] C:\WINDOWS\services32.exe
O4 - HKLM\..\Run: [5941261.exe] "C:\DOCUME~1\Admin\USTAWI~1\Temp\5941261.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\WINDOWS\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\WINDOWS\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [9948500.exe] "C:\DOCUME~1\Admin\USTAWI~1\Temp\9948500.exe"
O4 - HKLM\..\Run: [tray_ico0] C:\WINDOWS\update.tray-9-0\svchost.exe
O4 - HKLM\..\Run: [tray_ico1] C:\WINDOWS\update.tray-8-0\svchost.exe
O4 - HKLM\..\Run: [10000.exe] "C:\WINDOWS\TEMP\10000.exe"
O4 - HKLM\..\Run: [36524850-loader2.exe] "C:\WINDOWS\TEMP\36524850-loader2.exe"
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\WINDOWS\l1rezerv.exe"
O4 - HKLM\..\Run: [systemup] "C:\WINDOWS\systemup.exe" stand
O4 - HKLM\..\Run: [3014256.exe] "C:\WINDOWS\TEMP\3014256.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "E:\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E9D0A10-0E85-4A2A-8ECF-F457EAD1595C}: NameServer = 192.168.1.1
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\sched.exe (file missing)
O23 - Service: Avira AntiVir Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (file missing)
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - E:\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (file missing)
O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
O23 - Service: srvbtcclient - Unknown owner - C:\WINDOWS\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - C:\WINDOWS\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\WINDOWS\sysdriver32.exe
O23 - Service: wxpdrivers - Unknown owner - C:\WINDOWS\update.1\svchost.exe

--
End of file - 7590 bytes


[Mikou@j]

Brakuje dwóch logów z OTL obowiazkowe-zasady-wstawiania-logow-wazne-vt117887.html

[tonyleone]

Się robi :

Kod: Zaznacz wszystko

OTL logfile created on: 2011-07-26 11:29:48 - Run 1
OTL by OldTimer - Version 3.2.26.1     Folder = E:\Pliki sciągniete z netu
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1014,11 Mb Total Physical Memory | 442,47 Mb Available Physical Memory | 43,63% Memory free
2,39 Gb Paging File | 1,93 Gb Available in Paging File | 80,94% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 69,71 Gb Free Space | 89,23% Space Free | Partition Type: NTFS
Drive E: | 70,91 Gb Total Space | 67,74 Gb Free Space | 95,53% Space Free | Partition Type: NTFS

Computer Name: PAWEL-76A2AD | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-07-26 11:27:40 | 000,579,584 | ---- | M] (OldTimer Tools) -- E:\Pliki sciągniete z netu\OTL.exe
PRC - [2011-07-26 02:08:29 | 000,348,672 | ---- | M] () -- C:\WINDOWS\update.5.0\svchost.exe
PRC - [2011-07-26 02:08:29 | 000,348,672 | ---- | M] () -- C:\WINDOWS\update.5.0\svchost.exe
PRC - [2011-07-25 17:00:48 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
PRC - [2011-07-25 16:15:21 | 000,114,176 | ---- | M] () -- C:\WINDOWS\systemup.exe
PRC - [2011-07-25 15:58:27 | 000,232,960 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
PRC - [2011-07-25 15:47:08 | 000,495,616 | ---- | M] () -- C:\WINDOWS\update.2\svchost.exe
PRC - [2011-07-25 15:47:08 | 000,495,616 | ---- | M] () -- C:\WINDOWS\update.2\svchost.exe
PRC - [2011-07-25 15:37:00 | 001,185,280 | -H-- | M] () -- C:\WINDOWS\update.tray-9-0\svchost.exe
PRC - [2011-07-25 15:37:00 | 001,185,280 | -H-- | M] () -- C:\WINDOWS\update.tray-8-0\svchost.exe
PRC - [2011-07-25 15:37:00 | 001,185,280 | -H-- | M] () -- C:\WINDOWS\update.1\svchost.exe
PRC - [2011-07-08 09:50:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-06-29 12:20:24 | 000,743,936 | ---- | M] (Ufasoft) -- C:\WINDOWS\ufa\ufa.exe
PRC - [2011-05-25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- E:\hamachi-2-ui.exe
PRC - [2011-05-25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) -- E:\hamachi-2.exe
PRC - [2010-07-10 13:50:51 | 000,098,304 | ---- | M] (Apple Computer, Inc.) -- C:\WINDOWS\system32\qttask.exe
PRC - [2010-06-22 15:45:51 | 000,544,768 | ---- | M] (Motorola Inc.) -- C:\WINDOWS\sm56hlpr.exe
PRC - [2010-06-22 15:44:56 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\o2flash.exe
PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011-07-26 11:27:40 | 000,579,584 | ---- | M] (OldTimer Tools) -- E:\Pliki sciągniete z netu\OTL.exe
MOD - [2010-08-23 18:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] --  -- (McComponentHostService)
SRV - File not found [Disabled | Stopped] --  -- (HidServ)
SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)
SRV - File not found [Auto | Stopped] --  -- (AntiVirService)
SRV - File not found [Auto | Stopped] --  -- (AntiVirSchedulerService)
SRV - [2011-07-26 02:08:29 | 000,348,672 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.5.0\svchost.exe -- (srvbtcclient)
SRV - [2011-07-25 17:00:48 | 000,256,000 | ---- | M] () [Auto | Running] -- C:\WINDOWS\sysdriver32.exe -- (srvsysdriver32)
SRV - [2011-07-25 15:47:08 | 000,495,616 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.2\svchost.exe -- (srviecheck)
SRV - [2011-07-25 15:37:00 | 001,185,280 | -H-- | M] () [Auto | Running] -- C:\WINDOWS\update.1\svchost.exe -- (wxpdrivers)
SRV - [2011-05-25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- E:\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010-06-22 15:44:56 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\o2flash.exe -- (O2Flash)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-06-17 12:37:08 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011-06-17 12:37:08 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011-03-10 18:34:46 | 000,034,608 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2010-06-22 15:45:51 | 000,862,340 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2010-06-22 15:45:38 | 000,081,408 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2010-06-22 15:44:56 | 000,034,880 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\o2media.sys -- (O2MDRDR)
DRV - [2010-06-22 15:44:56 | 000,029,056 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\o2sd.sys -- (O2SDRDR)
DRV - [2010-06-22 15:40:27 | 004,225,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010-06-17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-11-02 20:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008-04-14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2006-10-23 11:57:38 | 000,092,160 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbser.sys -- (NWUSBPort)
DRV - [2006-10-23 11:57:38 | 000,092,160 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV - [2003-08-04 14:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1644491937-1085031214-842925246-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=302398&p="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2027: E:\Programy\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1040: E:\Programy\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-07-23 13:45:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011-07-23 13:45:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Extensions
[2011-07-26 01:24:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-07-26 01:27:30 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
File not found (No name found) --
[2010-07-10 13:55:57 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-07-08 09:50:30 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2011-07-26 10:25:48 | 000,203,160 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1 vkontakte.ru
O1 - Hosts: 127.0.0.1 www.vkontakte.ru
O1 - Hosts: 127.0.0.1 login.vk.com
O1 - Hosts: 127.0.0.1 vk.com
O1 - Hosts: 127.0.0.1 www.vk.com
O1 - Hosts: 127.0.0.1 odnoklassniki.ru
O1 - Hosts: 127.0.0.1 www.odnoklassniki.ru
O1 - Hosts: 127.0.0.1 facebook.com
O1 - Hosts: 127.0.0.1 www.facebook.com
O1 - Hosts: 127.0.0.1 af-za.facebook.com
O1 - Hosts: 127.0.0.1 az-az.facebook.com
O1 - Hosts: 127.0.0.1 id-id.facebook.com
O1 - Hosts: 127.0.0.1 ms-my.facebook.com
O1 - Hosts: 127.0.0.1 bs-ba.facebook.com
O1 - Hosts: 127.0.0.1 ca-es.facebook.com
O1 - Hosts: 127.0.0.1 cs-cz.facebook.com
O1 - Hosts: 127.0.0.1 cy-gb.facebook.com
O1 - Hosts: 127.0.0.1 da-dk.facebook.com
O1 - Hosts: 127.0.0.1 de-de.facebook.com
O1 - Hosts: 127.0.0.1 et-ee.facebook.com
O1 - Hosts: 127.0.0.1 en-gb.facebook.com
O1 - Hosts: 127.0.0.1 es-la.facebook.com
O1 - Hosts: 127.0.0.1 eo-eo.facebook.com
O1 - Hosts: 127.0.0.1 eu-es.facebook.com
O1 - Hosts: 50060 more lines...
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} -  File not found
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} -  File not found
O4 - HKLM..\Run: [10000.exe] C:\WINDOWS\TEMP\10000.exe ()
O4 - HKLM..\Run: [3014256.exe] C:\WINDOWS\TEMP\3014256.exe ()
O4 - HKLM..\Run: [36524850-loader2.exe] C:\WINDOWS\TEMP\36524850-loader2.exe ()
O4 - HKLM..\Run: [5941261.exe] C:\Documents and Settings\Admin\Ustawienia lokalne\temp\5941261.exe ()
O4 - HKLM..\Run: [9948500.exe] C:\Documents and Settings\Admin\Ustawienia lokalne\temp\9948500.exe ()
O4 - HKLM..\Run: [avgnt]  File not found
O4 - HKLM..\Run: [l1rezerv.exe] C:\WINDOWS\l1rezerv.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] E:\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\WINDOWS\System32\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [sysdriver32.exe] C:\WINDOWS\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] C:\WINDOWS\sysdriver32_.exe ()
O4 - HKLM..\Run: [systemup] C:\WINDOWS\systemup.exe ()
O4 - HKLM..\Run: [tray_ico]  File not found
O4 - HKLM..\Run: [tray_ico0] C:\WINDOWS\update.tray-9-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico1] C:\WINDOWS\update.tray-8-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico2]  File not found
O4 - HKLM..\Run: [tray_ico3]  File not found
O4 - HKLM..\Run: [tray_ico4]  File not found
O4 - HKLM..\Run: [wxpdrv]  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1644491937-1085031214-842925246-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1644491937-1085031214-842925246-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1644491937-1085031214-842925246-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1644491937-1085031214-842925246-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-06-22 15:03:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-07-26 10:59:51 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011-07-26 10:59:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Menu Start\Programy\HiJackThis
[2011-07-26 02:24:34 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-8-0-lnk
[2011-07-26 02:24:34 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-8-0
[2011-07-26 02:22:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Avira
[2011-07-26 02:21:53 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011-07-26 02:21:50 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011-07-26 02:21:50 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011-07-26 02:21:50 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011-07-26 02:21:50 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011-07-26 01:27:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Kaspersky Anti-Virus 2012
[2011-07-26 01:25:52 | 000,565,552 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011-07-25 17:39:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2011-07-25 17:39:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
[2011-07-25 17:39:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi
[2011-07-25 17:33:38 | 002,643,456 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdx32.dll
[2011-07-25 17:33:38 | 001,670,144 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdv32.dll
[2011-07-25 17:33:38 | 000,176,128 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsky.lrc
[2011-07-25 17:33:38 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrslv.lrc
[2011-07-25 17:33:38 | 000,151,040 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpgd32.dll
[2011-07-25 17:33:38 | 000,057,344 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxprd32.dll
[2011-07-25 17:33:36 | 000,920,088 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\igxpun.exe
[2011-07-25 17:33:36 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll
[2011-07-25 17:33:29 | 000,000,000 | ---D | C] -- C:\Intel
[2011-07-25 17:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Lavalys
[2011-07-25 17:19:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\.minecraft
[2011-07-25 17:19:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Minecraft
[2011-07-25 16:26:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ufa
[2011-07-25 16:26:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\rpcminer
[2011-07-25 16:26:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\phoenix
[2011-07-25 16:03:51 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.5.0
[2011-07-25 15:47:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.2
[2011-07-25 15:46:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\WinRAR
[2011-07-25 15:45:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\av_ico
[2011-07-25 15:44:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-9-0-lnk
[2011-07-25 15:44:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-9-0
[2011-07-25 15:41:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\McAfee Security Scan Plus
[2011-07-25 15:40:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Solid State Networks
[2011-07-25 15:37:14 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.1
[2011-07-25 14:46:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2011-07-24 13:27:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011-07-23 14:49:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\LolClient
[2011-07-23 14:49:04 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2011-07-23 14:49:04 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2011-07-23 14:49:04 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2011-07-23 14:49:04 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2011-07-23 14:49:03 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2011-07-23 14:49:03 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2011-07-23 14:49:03 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2011-07-23 14:49:02 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2011-07-23 14:49:02 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2011-07-23 14:49:02 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2011-07-23 14:49:01 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2011-07-23 14:49:01 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2011-07-23 14:49:00 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2011-07-23 14:49:00 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2011-07-23 14:49:00 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2011-07-23 14:48:59 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2011-07-23 14:48:59 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2011-07-23 14:48:59 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2011-07-23 14:48:58 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2011-07-23 14:48:58 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2011-07-23 14:48:58 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2011-07-23 14:48:57 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2011-07-23 14:48:57 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2011-07-23 14:48:57 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2011-07-23 14:48:56 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2011-07-23 14:48:56 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2011-07-23 14:48:56 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2011-07-23 14:48:56 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2011-07-23 14:48:55 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2011-07-23 14:48:55 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2011-07-23 14:48:55 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2011-07-23 14:48:54 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2011-07-23 14:48:54 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2011-07-23 14:48:53 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2011-07-23 14:48:53 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2011-07-23 14:48:52 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2011-07-23 14:48:52 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2011-07-23 14:48:52 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2011-07-23 14:48:52 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2011-07-23 14:48:51 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2011-07-23 14:48:51 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2011-07-23 14:48:51 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2011-07-23 14:48:50 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2011-07-23 14:48:50 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2011-07-23 14:48:50 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2011-07-23 14:48:50 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2011-07-23 14:48:49 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2011-07-23 14:48:49 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2011-07-23 14:48:48 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2011-07-23 14:48:48 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2011-07-23 14:48:48 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2011-07-23 14:48:47 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2011-07-23 14:48:47 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2011-07-23 14:48:46 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2011-07-23 14:48:46 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2011-07-23 14:48:46 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2011-07-23 14:48:45 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2011-07-23 14:48:45 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2011-07-23 14:48:45 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2011-07-23 14:48:44 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2011-07-23 14:48:44 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2011-07-23 14:48:44 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2011-07-23 14:48:43 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2011-07-23 14:48:43 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2011-07-23 14:48:42 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2011-07-23 14:48:42 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2011-07-23 14:48:41 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2011-07-23 14:48:40 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2011-07-23 14:48:40 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2011-07-23 14:48:38 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2011-07-23 14:48:38 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2011-07-23 14:48:38 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2011-07-23 14:48:37 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2011-07-23 14:48:37 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2011-07-23 14:48:37 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2011-07-23 14:48:37 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2011-07-23 14:48:36 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2011-07-23 14:48:36 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2011-07-23 14:48:36 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2011-07-23 14:48:36 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2011-07-23 14:48:35 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2011-07-23 14:48:35 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2011-07-23 14:48:35 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2011-07-23 14:48:35 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2011-07-23 14:48:34 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2011-07-23 14:48:34 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2011-07-23 14:48:33 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2011-07-23 14:48:33 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2011-07-23 14:48:33 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2011-07-23 14:48:32 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2011-07-23 14:48:32 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2011-07-23 14:48:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2011-07-23 14:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\Gadu-Gadu 10
[2011-07-23 14:46:19 | 000,000,000 | ---D | C] -- C:\DirectX
[2011-07-23 14:44:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-07-23 14:44:25 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10
[2011-07-23 14:24:30 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Admin\Recent
[2011-07-23 14:24:30 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011-07-23 14:22:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
[2011-07-23 14:22:24 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011-07-23 14:04:54 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011-07-23 14:03:40 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011-07-23 14:03:40 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011-07-23 14:03:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011-07-23 14:03:40 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011-07-23 14:03:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011-07-23 14:03:30 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011-07-23 14:03:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Admin\Menu Start\Programy\Narzędzia administracyjne
[2011-07-23 13:50:48 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011-07-23 13:46:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Moje dokumenty\Pobieranie
[2011-07-23 13:45:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Mozilla
[2011-07-23 13:45:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dane aplikacji\Mozilla
[2011-07-23 13:45:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011-07-23 13:35:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011-07-23 13:22:24 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2011-07-23 13:22:20 | 000,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-07-26 10:25:48 | 000,203,160 | -H-- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011-07-26 10:25:48 | 000,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hîsts
[2011-07-26 10:25:43 | 000,001,694 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Avira AntiVir Control Center.lnk
[2011-07-26 10:25:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-07-26 02:24:51 | 000,000,331 | ---- | M] () -- C:\boot.ini
[2011-07-26 02:08:30 | 000,000,176 | ---- | M] () -- C:\WINDOWS\info1
[2011-07-26 01:36:24 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-07-26 01:28:50 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\WebpageIcons.db
[2011-07-26 01:28:50 | 000,003,608 | ---- | M] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\WebpageIcons.db-journal
[2011-07-26 01:27:36 | 000,115,267 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011-07-26 01:27:36 | 000,097,859 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011-07-26 01:25:52 | 000,565,552 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011-07-25 17:24:57 | 000,000,467 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\EVEREST Home Edition.lnk
[2011-07-25 17:19:06 | 000,000,378 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Minecraft.lnk
[2011-07-25 17:00:48 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32_.exe
[2011-07-25 17:00:48 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
[2011-07-25 16:26:09 | 005,589,370 | ---- | M] () -- C:\WINDOWS\phoenix.rar
[2011-07-25 16:26:09 | 000,246,272 | ---- | M] () -- C:\WINDOWS\unrar.exe
[2011-07-25 16:26:09 | 000,182,617 | ---- | M] () -- C:\WINDOWS\ufa.rar
[2011-07-25 16:26:08 | 001,075,284 | ---- | M] () -- C:\WINDOWS\rpcminer.rar
[2011-07-25 16:15:21 | 000,114,176 | ---- | M] () -- C:\WINDOWS\systemup.exe
[2011-07-25 15:58:27 | 000,232,960 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
[2011-07-25 15:46:52 | 000,904,792 | ---- | M] () -- C:\WINDOWS\geoiplist.rar
[2011-07-25 15:38:14 | 000,000,000 | ---- | M] () -- C:\WINDOWS\loader2.exe_ok
[2011-07-24 01:16:52 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Skrót do lol.launcher.lnk
[2011-07-23 18:15:28 | 000,000,359 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Muza Krzysia.lnk
[2011-07-23 18:07:12 | 000,290,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-07-23 17:38:44 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011-07-23 14:44:52 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2011-07-23 14:44:52 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2011-07-23 14:30:17 | 000,000,392 | ---- | M] () -- C:\Documents and Settings\Admin\Pulpit\Skrót do Pliki sciągniete z netu.lnk
[2011-07-23 14:22:40 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2011-07-23 13:50:48 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011-07-23 13:45:20 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2011-07-23 13:45:13 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2011-07-17 03:24:20 | 004,636,907 | ---- | M] () -- C:\WINDOWS\geoiplist
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-07-26 02:22:06 | 000,001,694 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Avira AntiVir Control Center.lnk
[2011-07-26 01:28:47 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\WebpageIcons.db
[2011-07-26 01:28:47 | 000,003,608 | ---- | C] () -- C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\WebpageIcons.db-journal
[2011-07-26 01:27:36 | 000,115,267 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011-07-26 01:27:36 | 000,097,859 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011-07-25 17:33:38 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4906.dll
[2011-07-25 17:24:57 | 000,000,467 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\EVEREST Home Edition.lnk
[2011-07-25 17:19:06 | 000,000,378 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Minecraft.lnk
[2011-07-25 16:26:09 | 005,589,370 | ---- | C] () -- C:\WINDOWS\phoenix.rar
[2011-07-25 16:26:09 | 000,182,617 | ---- | C] () -- C:\WINDOWS\ufa.rar
[2011-07-25 16:26:08 | 001,075,284 | ---- | C] () -- C:\WINDOWS\rpcminer.rar
[2011-07-25 16:15:29 | 000,114,176 | ---- | C] () -- C:\WINDOWS\systemup.exe
[2011-07-25 15:58:32 | 000,232,960 | ---- | C] () -- C:\WINDOWS\l1rezerv.exe
[2011-07-25 15:46:54 | 004,636,907 | ---- | C] () -- C:\WINDOWS\geoiplist
[2011-07-25 15:46:52 | 000,904,792 | ---- | C] () -- C:\WINDOWS\geoiplist.rar
[2011-07-25 15:46:52 | 000,246,272 | ---- | C] () -- C:\WINDOWS\unrar.exe
[2011-07-25 15:46:31 | 000,000,176 | ---- | C] () -- C:\WINDOWS\info1
[2011-07-25 15:38:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\loader2.exe_ok
[2011-07-25 15:38:10 | 000,256,000 | ---- | C] () -- C:\WINDOWS\sysdriver32_.exe
[2011-07-25 15:37:56 | 000,256,000 | ---- | C] () -- C:\WINDOWS\sysdriver32.exe
[2011-07-24 01:16:52 | 000,000,618 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Skrót do lol.launcher.lnk
[2011-07-23 18:15:28 | 000,000,359 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Muza Krzysia.lnk
[2011-07-23 17:31:26 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011-07-23 14:44:52 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2011-07-23 14:44:52 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2011-07-23 14:44:34 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk
[2011-07-23 14:30:17 | 000,000,392 | ---- | C] () -- C:\Documents and Settings\Admin\Pulpit\Skrót do Pliki sciągniete z netu.lnk
[2011-07-23 14:22:40 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
[2011-07-23 14:04:58 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011-07-23 14:04:55 | 000,262,400 | RHS- | C] () -- C:\cmldr
[2011-07-23 14:03:40 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011-07-23 14:03:40 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011-07-23 14:03:40 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011-07-23 14:03:40 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011-07-23 14:03:40 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011-07-23 13:45:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011-07-23 13:45:13 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk
[2011-07-23 13:45:13 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2011-03-11 12:43:54 | 000,029,763 | ---- | C] () -- C:\WINDOWS\System32\drivers\klopp.dat
[2010-07-10 13:50:21 | 000,000,761 | ---- | C] () -- C:\WINDOWS\m3jp2k.ini
[2010-07-10 13:50:21 | 000,000,714 | ---- | C] () -- C:\WINDOWS\m3jpeg.ini
[2010-07-10 13:50:21 | 000,000,702 | ---- | C] () -- C:\WINDOWS\mmtvmj.ini
[2010-07-10 13:50:18 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2010-07-10 13:50:17 | 000,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-07-10 13:50:15 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-06-29 10:06:54 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2010-06-22 16:51:16 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-06-22 16:49:50 | 000,290,088 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-06-22 15:55:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010-06-22 15:44:56 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\o2flash.exe
[2010-06-22 15:44:56 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\RMDevice.dll
[2010-06-22 15:06:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010-06-22 15:00:43 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008-04-15 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008-04-15 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008-04-15 14:00:00 | 000,359,416 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2008-04-15 14:00:00 | 000,314,842 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008-04-15 14:00:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2008-04-15 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008-04-15 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008-04-15 14:00:00 | 000,051,166 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2008-04-15 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008-04-15 14:00:00 | 000,041,170 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008-04-15 14:00:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2008-04-15 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008-04-15 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008-04-15 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008-04-15 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008-04-15 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006-01-20 05:34:30 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56cht.dll
[2006-01-20 05:34:28 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56fra.dll
[2006-01-20 05:34:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\sm56jpn.dll
[2006-01-20 05:34:28 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56chs.dll
[2006-01-20 05:34:26 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56spn.dll
[2006-01-20 05:34:26 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56itl.dll
[2006-01-20 05:34:26 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56eng.dll
[2006-01-20 05:34:26 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56brz.dll
[2006-01-20 05:34:26 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56ger.dll

[color=#E56717]========== LOP Check ==========[/color]

[2011-07-25 23:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\.minecraft
[2011-07-23 14:47:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\Gadu-Gadu 10
[2011-07-23 14:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\LolClient
[2010-10-28 09:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Dane aplikacji\OpenOffice.org
[2011-07-23 14:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10

[color=#E56717]========== Purity Check ==========[/color]



< End of report >


Kod: Zaznacz wszystko

OTL Extras logfile created on: 2011-07-26 11:29:48 - Run 1
OTL by OldTimer - Version 3.2.26.1     Folder = E:\Pliki sciągniete z netu
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1014,11 Mb Total Physical Memory | 442,47 Mb Available Physical Memory | 43,63% Memory free
2,39 Gb Paging File | 1,93 Gb Available in Paging File | 80,94% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 69,71 Gb Free Space | 89,23% Space Free | Partition Type: NTFS
Drive E: | 70,91 Gb Total Space | 67,74 Gb Free Space | 95,53% Space Free | Partition Type: NTFS

Computer Name: PAWEL-76A2AD | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1644491937-1085031214-842925246-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 1
"DisableThumbnailCache" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"E:\Pliki sciągniete z netu\Flash-Player.exe" = E:\Pliki sciągniete z netu\Flash-Player.exe:*:Enabled:E:\Pliki sciągniete z netu\Flash-Player.exe -- ()
"C:\WINDOWS\update.1\svchost.exe" = C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe -- ()
"C:\WINDOWS\update.2\svchost.exe" = C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe -- ()


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{8727531E-6C58-4852-A90B-39CF45E269A9}" = OpenOffice.org 3.2
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (Polish) 12
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_SMALLBUSINESSR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_SMALLBUSINESSR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_SMALLBUSINESSR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_SMALLBUSINESSR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_SMALLBUSINESSR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_SMALLBUSINESSR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_SMALLBUSINESSR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3.3 - Polish
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{EB1B0104-6A57-446F-B855-FDF49151BE0C}" = O2Micro Flash Memory Card Windows Driver V2.04
"{EEF985E8-8B36-4230-B174-117A2381C17F}" = LogMeIn Hamachi
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BBAD1A7054D7B16ED03E62627C123F5CBA70A4E7" = Windows Driver Package - Intel (NETw3x32) net  (09/27/2006 10.5.1.68)
"CCleaner" = CCleaner
"D16AA00FE65B9D2C6E0A57F54400303BF3259CC3" = Windows Driver Package - Intel (w29n51) net  (06/26/2006 9.0.4.17)
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FranceTelecomUninstall_NOVXU870" = Novatel Wireless Merlin XU870 Card
"Gadu-Gadu 10" = Gadu-Gadu 10
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"InstallShield_{EB1B0104-6A57-446F-B855-FDF49151BE0C}" = O2Micro Flash Memory Card Windows Driver V2.04
"LogMeIn Hamachi" = LogMeIn Hamachi
"Minecraft 1.2.0_02" = Minecraft 1.2.0_02
"Mozilla Firefox 5.0.1 (x86 pl)" = Mozilla Firefox 5.0.1 (x86 pl)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"SMALLBUSINESSR" = Microsoft Office Small Business 2007
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = Archiwizator WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2010-11-20 05:54:26 | Computer Name = RYCHLICK-76A2AD | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca wmplayer.exe, wersja 11.0.5721.5262, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-11-20 06:57:16 | Computer Name = RYCHLICK-76A2AD | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca wmplayer.exe, wersja 11.0.5721.5262, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-12-11 05:40:22 | Computer Name = RYCHLICK-76A2AD | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca wmplayer.exe, wersja 11.0.5721.5262, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2010-12-29 14:20:32 | Computer Name = RYCHLICK-76A2AD | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca wmplayer.exe, wersja 11.0.5721.5262, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2011-02-16 21:49:00 | Computer Name = RYCHLICK-76A2AD | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca wmplayer.exe, wersja 11.0.5721.5262, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2011-02-21 22:15:27 | Computer Name = RYCHLICK-76A2AD | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca wmplayer.exe, wersja 11.0.5721.5262, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2011-04-22 04:12:52 | Computer Name = RYCHLICK-76A2AD | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca wmplayer.exe, wersja 11.0.5721.5262, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2011-07-23 08:50:20 | Computer Name = RYCHLICK-76A2AD | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. 

Error - 2011-07-23 08:50:20 | Computer Name = RYCHLICK-76A2AD | Source = crypt32 | ID = 131083
Description = Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. 

Error - 2011-07-24 14:25:33 | Computer Name = PAWEL-76A2AD | Source = SecurityCenter | ID = 1802
Description = Usługa Centrum zabezpieczeń systemu Windows nie może ustanowić kwerend
zdarzeń z WMI, aby monitorować zaporę i program antywirusowy innej firmy.

[ System Events ]
Error - 2011-07-26 04:05:58 | Computer Name = PAWEL-76A2AD | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   avgio  KL1  kl2

Error - 2011-07-26 04:23:14 | Computer Name = PAWEL-76A2AD | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Avira AntiVir Scheduler z powodu następującego
błędu:   %%3

Error - 2011-07-26 04:23:14 | Computer Name = PAWEL-76A2AD | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Avira AntiVir Guard z powodu następującego
błędu:   %%3

Error - 2011-07-26 04:23:14 | Computer Name = PAWEL-76A2AD | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   avgio  KL1  kl2

Error - 2011-07-26 04:25:41 | Computer Name = PAWEL-76A2AD | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Avira AntiVir Scheduler z powodu następującego
błędu:   %%3

Error - 2011-07-26 04:25:41 | Computer Name = PAWEL-76A2AD | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Avira AntiVir Guard z powodu następującego
błędu:   %%3

Error - 2011-07-26 04:25:41 | Computer Name = PAWEL-76A2AD | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   avgio  KL1  kl2

Error - 2011-07-26 04:27:36 | Computer Name = PAWEL-76A2AD | Source = atapi | ID = 262153
Description = Urządzenie \Device\Ide\IdePort1 nie odpowiedziało w ramach ustalonego
limitu czasu.

Error - 2011-07-26 04:32:04 | Computer Name = PAWEL-76A2AD | Source = atapi | ID = 262153
Description = Urządzenie \Device\Ide\IdePort1 nie odpowiedziało w ramach ustalonego
limitu czasu.

Error - 2011-07-26 04:42:57 | Computer Name = PAWEL-76A2AD | Source = atapi | ID = 262153
Description = Urządzenie \Device\Ide\IdePort1 nie odpowiedziało w ramach ustalonego
limitu czasu.


< End of report >


[NieWiem]

Sporo tego badziewia, do tego prawdopodobnie będzie Cię czekała zmiana wszystkich haseł jakie masz do logowania.

Zamknij wszystko nad czym aktualnie pracujesz, także wyłącz swój program antywirusowy, zaporę, programy antyspyware. To ważne. Jak to zrobić, opisane tutaj.

Pamiętaj także o wyinstalowaniu wirtualnych napędów i usunięciu ich sterownika: klik

Pobierz ComboFixa od sUBs'a:
stąd lub stąd

ZANIM UŻYJESZ - Przeczytaj dokładnie jego instrukcję:
http://www.bleepingcomputer.com/combofix/pl/instrukcja-uzycia-combofix

Zalecam instalowanie Konsoli Odzyskiwania (XP, 2000), lub zaopatrzenie się w płytę WinRE (Vista, Se7en). Mimo wszystko ComboFix nie jest doskonały.

Przeklej na forum wyniki pracy narzędzia. Będą automatycznie otwarte w notatniku, znajdziesz je także w pliku C:\ComboFix.txt