Witajcie! Ostatnio od glupiego klikania na reklamy, zalapalem okropnie denerwujacego wirusa Ukash. Aby ,,splacic kare" musialbym zaplacic 500zl za pomoca Ukash albo Paysafecard. Na szczescie jest od czegos tryb Awaryjny z obsluga sieci... Niestety wirus byl tak zaawansowany, ze dostal sie takze do trybu awaryjnego. Pozostal mi tylko Awaryjny z Wierszem Polecenia. Bardzo prosilbym o szczegulowa pomoc. Ponizej przesylam logi z OLT:
OTL logfile created on: 2012-09-16 13:46:05 - Run 2
OTL by OldTimer - Version 3.2.61.5 Folder = C:\Documents and Settings
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 86,85% Memory free
3,85 Gb Paging File | 3,79 Gb Available in Paging File | 98,42% Paging File free
CHR - Extension: Szukaj w Google = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: No name found = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.2.5.34_0\
[2012-09-07 16:18:11 | 002,911,117 | ---- | M] () -- C:\Documents and Settings\Jacek\Moje dokumenty\Firma - Czas na walkę (Instrumental) pobrano z DjOles.pl pobrano z DjOles.pl.mp3
[2012-09-07 16:17:48 | 002,911,117 | ---- | C] () -- C:\Documents and Settings\Jacek\Moje dokumenty\Firma - Czas na walkę (Instrumental) pobrano z DjOles.pl pobrano z DjOles.pl.mp3
Wirus Ukash: Pomocy!
w Dział pomocy doraźnej
Opublikowano
Witajcie! Ostatnio od glupiego klikania na reklamy, zalapalem okropnie denerwujacego wirusa Ukash. Aby ,,splacic kare" musialbym zaplacic 500zl za pomoca Ukash albo Paysafecard. Na szczescie jest od czegos tryb Awaryjny z obsluga sieci... Niestety wirus byl tak zaawansowany, ze dostal sie takze do trybu awaryjnego. Pozostal mi tylko Awaryjny z Wierszem Polecenia. Bardzo prosilbym o szczegulowa pomoc. Ponizej przesylam logi z OLT:
OTL logfile created on: 2012-09-16 13:46:05 - Run 2
OTL by OldTimer - Version 3.2.61.5 Folder = C:\Documents and Settings
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 86,85% Memory free
3,85 Gb Paging File | 3,79 Gb Available in Paging File | 98,42% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,48 Gb Total Space | 36,88 Gb Free Space | 25,18% Space Free | Partition Type: NTFS
Drive D: | 86,40 Gb Total Space | 5,78 Gb Free Space | 6,69% Space Free | Partition Type: NTFS
Drive E: | 0,29 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: JACEK | User Name: Jacek | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012-09-16 10:22:33 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\OTL.exe
PRC - [2008-04-15 14:00:00 | 000,396,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012-09-06 20:19:35 | 004,537,664 | ---- | M] () [Auto | Stopped] -- c:\program files\common files\akamai/netsession_win_5891ae0.dll -- (Akamai)
SRV - [2012-08-21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-05-03 20:22:42 | 000,254,464 | ---- | M] (Ryan Conrad) [Auto | Stopped] -- C:\Program Files\Droid Explorer\DroidExplorer.Service.exe -- (DroidExplorerService)
SRV - [2012-04-21 03:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-03-21 12:23:14 | 000,793,048 | ---- | M] (PC Tools) [Auto | Stopped] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-01-18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011-08-15 17:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011-04-25 05:55:00 | 004,066,168 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2011-02-02 11:57:54 | 000,052,288 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - [2010-09-29 03:33:40 | 000,249,856 | ---- | M] () [Auto | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2010-06-14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-03-18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2007-03-03 13:48:28 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnet.sys -- (ZTEusbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\kqdfryn.sys -- (ayjmud)
DRV - [2012-09-15 19:21:00 | 000,027,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hitmanpro36.sys -- (hitmanpro36)
DRV - [2012-08-30 15:40:13 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2012-08-21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012-08-21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012-08-21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012-08-21 11:13:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012-08-21 11:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012-08-21 11:13:13 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012-08-21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012-01-27 13:49:34 | 000,164,992 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\athsgt.sys -- (athsgt)
DRV - [2012-01-27 13:49:33 | 000,012,544 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\limsgt.sys -- (limsgt)
DRV - [2010-11-01 06:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2010-08-27 14:53:32 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2010-08-07 18:48:30 | 000,106,496 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010-07-27 16:25:48 | 000,072,832 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010-07-27 10:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010-03-20 13:06:58 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-02-26 14:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010-01-27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009-03-18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-05-10 12:28:08 | 004,419,584 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007-04-14 10:28:00 | 000,094,592 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006-12-24 05:15:18 | 000,027,904 | ---- | M] (Compuware Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xPADFL02.sys -- (XPADFL02)
DRV - [2006-11-02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006-04-01 17:16:44 | 000,162,176 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0260Vid.sys -- (V0260VID)
DRV - [2005-01-01 11:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{4fa67103-5daf-45a1-9ddb-236d1ff7a590}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg....r=&d=2012-09-14 17:56:52&v=12.2.5.34&sap=hp
IE - HKCU\..\URLSearchHook: {22dbe5ef-4a42-4a71-85db-502caed821fc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0000019dbd0b4b2
IE - HKCU\..\SearchScopes\{4fa67103-5daf-45a1-9ddb-236d1ff7a590}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\..\SearchScopes\{8095CFA5-4A48-4EFA-ABFE-EEFEA04EB379}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....r=&d=2012-09-14 17:56:52&v=12.2.5.34&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpr...q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2612669
IE - HKCU\..\SearchScopes\{C2529EE5-9EED-412F-B3E2-6F2DE94E3FB1}: "URL" = http://websearch.ask...B-85C62CD4C7F5
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://isearch.avg.com?cid=%7Bb5bf6539-08db-40c9-9fcb-07e41c78b9a5%7D&mid=87e7d85621174e188e24cdc58575a011-e41fa53fe9f36fd0e273bc36718ba8099b9fa4a9&ds=ax011&v=12.2.5.34&lang=pl&pr=&d=2012-09-14%2017%3A56%3A52&sap=hp"
FF - prefs.js..extensions.enabledAddons: m3ffxtbr@mywebsearch.com:1.3
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free@ea.com:1.0.66.2
FF - prefs.js..extensions.enabledAddons: 3gffxtbr@FestiveBar_3g.com:2.26.0.46753
FF - prefs.js..extensions.enabledAddons: {90b49673-5506-483e-b92b-ca0265bd9ca8}:3.15.1.0
FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.5.0
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher@ea.com:5.0.145.0
FF - prefs.js..extensions.enabledAddons: avg@toolbar:12.2.5.34
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.227.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.90
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.7
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2612669&SearchSource=2&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 51455
FF - prefs.js..network.proxy.type: 4
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.90: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.99: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-09-13 20:52:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-09-15 19:42:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-05-08 00:35:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-11-28 18:05:27 | 000,000,000 | ---D | M]
[2010-07-26 19:53:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Extensions
[2012-09-10 19:15:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions
[2010-09-10 21:27:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012-08-24 09:42:19 | 000,000,000 | ---D | M] (IMVU Inc Community Toolbar) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
[2012-08-24 09:42:18 | 000,000,000 | ---D | M] (FestiveBar) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\3gffxtbr@FestiveBar_3g.com
[2012-09-10 19:15:38 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\battlefieldheroespatcher@ea.com
[2012-04-28 13:29:04 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\battlefieldplay4free@ea.com
[2012-08-30 17:10:15 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\ffxtlbr@babylon.com
[2012-02-20 20:32:42 | 000,000,000 | ---D | M] (My Web Search) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\m3ffxtbr@mywebsearch.com
[2011-03-28 20:13:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\nostmp
[2012-05-01 14:18:33 | 000,000,000 | ---D | M] (YouTube to ALLPlayer) -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\extensions\YouTubetoALL@ALLPlayer.org
[2011-08-23 22:16:36 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\searchplugins\askcom.xml
[2011-10-26 21:21:44 | 000,009,932 | ---- | M] () -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\searchplugins\mywebsearch.xml
[2010-11-29 21:47:37 | 000,002,374 | ---- | M] () -- C:\Documents and Settings\Jacek\Dane aplikacji\Mozilla\Firefox\Profiles\zg4jvt8i.default\searchplugins\search.xml
[2012-05-08 00:35:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-08-30 09:53:46 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\AVG SECURE SEARCH\12.2.5.34
[2012-04-21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-10-03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012-04-21 04:18:44 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-08-30 15:39:51 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012-04-21 04:18:44 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-04-21 04:18:44 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-04-21 04:18:44 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-04-21 04:18:44 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-04-21 04:18:44 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
========== Chrome ==========
CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: getPlusPlus for Adobe 16290 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files\FestiveBar_3g\bar\1.bin\NP3gStub.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: No name found = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.2.5.34_0\
CHR - Extension: Gmail = C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
Hosts file not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {CCCADFDB-F59C-578E-34B0-4C80C69F0003} - c:\windows\system32\dll221.dll File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {9AE277E9-32F4-46D5-94F4-20201609D1D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [iPlusManager] C:\Program Files\iPlus\iPlusChecker.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [ROC_ROC_NT] "C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT File not found
O4 - HKLM..\Run: [uVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe (InterVideo Digital Technology Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [engel] C:\Documents and Settings\Jacek\Dane aplikacji\updates\updates.exe File not found
O4 - HKCU..\Run: [MusicWrzuta] G:\MusicWrzuta.exe /v File not found
O4 - HKCU..\Run: [sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKCU..\Run: [steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [tuaca] C:\Documents and Settings\Jacek\tuaca.exe /d File not found
O4 - HKCU..\Run: [Windows Init] "C:\Documents and Settings\Jacek\Dane aplikacji\xwxa1zco1usyyzoiybsoxgfygdrqgqoi2\svcnost.exe" File not found
O4 - Startup: C:\Documents and Settings\Jacek\Menu Start\Programy\Autostart\IMVU.lnk = C:\Documents and Settings\Jacek\Dane aplikacji\IMVUClient\IMVUQualityAgent.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Jacek\Menu Start\Programy\IMVU\Run IMVU.lnk ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08AB8CA5-F305-432C-B2BB-26F421F94263}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Documents and Settings\Jacek\Dane aplikacji\msconfig.dat) - C:\Documents and Settings\Jacek\Dane aplikacji\msconfig.dat ()
O24 - Desktop Components:0 () - http://pl.memgenerat...bkowy-pl-ffffff
O31 - SafeBoot: UseAlternatShell - 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-07-26 18:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012-09-16 12:37:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\DeepBurner
[2012-09-16 12:37:08 | 000,000,000 | ---D | C] -- C:\Program Files\Astonsoft
[2012-09-16 12:33:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nero
[2012-09-16 12:33:47 | 000,089,184 | ---- | C] (Ahead Software AG and its licensors) -- C:\WINDOWS\System32\drivers\imagedrv.sys
[2012-09-16 12:33:47 | 000,057,344 | ---- | C] (Ahead Software AG) -- C:\WINDOWS\System32\ImageDrive.cpl
[2012-09-16 12:33:38 | 000,569,344 | ---- | C] (Pegasus Software,LLC) -- C:\WINDOWS\System32\imagr5.dll
[2012-09-16 12:33:38 | 000,544,768 | ---- | C] (Pegasus Software, LLC) -- C:\WINDOWS\System32\imagx5.dll
[2012-09-16 12:33:38 | 000,283,920 | ---- | C] (Pegasus Software, LLC) -- C:\WINDOWS\System32\ImagXpr5.dll
[2012-09-16 12:33:38 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2012-09-16 12:33:38 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\picn20.dll
[2012-09-16 12:33:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2012-09-16 12:33:35 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead
[2012-09-16 10:44:39 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012-09-15 19:42:14 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012-09-15 19:42:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Free Antivirus
[2012-09-15 19:42:13 | 000,355,632 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012-09-15 19:42:10 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012-09-15 19:42:10 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012-09-15 19:42:09 | 000,729,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012-09-15 19:42:08 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012-09-15 19:42:08 | 000,089,624 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012-09-15 19:42:08 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012-09-15 19:41:44 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012-09-15 19:41:43 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012-09-15 19:41:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012-09-15 19:41:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2012-09-15 19:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2012-09-15 19:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\HitmanPro
[2012-09-15 17:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2012-09-15 17:24:59 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012-09-15 16:49:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2012-09-15 16:48:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012-09-15 16:39:07 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012-09-15 16:39:07 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012-09-15 16:39:07 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012-09-15 16:39:07 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012-09-15 16:39:00 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012-09-15 15:12:03 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-09-15 14:40:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\wxDownload Fast
[2012-09-15 14:40:35 | 000,000,000 | ---D | C] -- C:\Program Files\wxDownload Fast
[2012-09-15 14:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Premium
[2012-09-15 14:40:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\GBox
[2012-09-15 14:40:29 | 000,000,000 | ---D | C] -- C:\Program Files\SProtector
[2012-09-15 14:38:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\InstallMate
[2012-09-14 17:57:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\AVG Secure Search
[2012-09-14 17:56:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\AVG Secure Search
[2012-09-14 17:54:50 | 000,368,104 | ---- | C] (Ringier Axel Springer Polska) -- C:\Documents and Settings\Jacek\Moje dokumenty\gimp-282-setupexe.exe
[2012-09-12 20:40:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Menu Start\Programy\Fraps
[2012-09-12 20:28:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Game Booster 3
[2012-09-12 20:28:42 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2012-09-12 20:28:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2012-09-12 20:18:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Moje dokumenty\Battlefield Heroes
[2012-09-12 19:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\EA Games
[2012-09-08 11:39:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Moje dokumenty\Kolaże
[2012-09-07 19:01:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\Registry Mechanic
[2012-09-07 17:21:09 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox210.ocx
[2012-09-07 17:21:09 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox10.ocx
[2012-09-07 17:21:09 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBoxVB12.ocx
[2012-09-07 17:21:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\PC Tools Registry Mechanic
[2012-09-07 17:21:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2012-09-07 17:21:06 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Registry Mechanic
[2012-09-03 16:44:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Adobe
[2012-09-03 15:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Moje dokumenty\f_data
[2012-09-02 11:31:53 | 000,000,000 | ---D | C] -- C:\Premiere
[2012-09-02 11:22:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012-09-02 11:22:53 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant
[2012-08-30 15:40:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\BabylonToolbar
[2012-08-28 14:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Menu Start\Programy\ElcomSoft
[2012-08-28 14:50:13 | 000,000,000 | ---D | C] -- C:\Program Files\ElcomSoft
[2012-08-28 11:23:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Softwrap
[2012-08-28 11:23:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Fonts
[2012-08-28 11:23:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Config
[2012-08-28 11:23:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Menu Start\Programy\Game Maker 7
[2012-08-28 11:23:15 | 000,000,000 | ---D | C] -- C:\Program Files\Game_Maker7
[2012-08-28 11:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Moje dokumenty\New Unity Project 3
[2012-08-28 10:59:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Moje dokumenty\New Unity Project 2
[2012-08-27 10:08:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\IMVU
[2012-08-27 10:08:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Menu Start\Programy\IMVU
[2012-08-27 10:07:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\IMVUClient
[2012-08-25 12:14:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Caphyon
[2012-08-25 12:14:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google SketchUp 8
[2012-08-25 12:14:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Google
[2012-08-25 12:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\ProGrupa sp. z o.o
[2012-08-24 12:31:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Moje dokumenty\New Unity Project 1
[2012-08-24 12:13:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Moje dokumenty\New Unity Project
[2012-08-24 11:59:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\Unity
[2012-08-24 11:48:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Moje dokumenty\Nowy folder
[2012-08-24 11:39:50 | 000,000,000 | ---D | C] -- C:\tmp
[2012-08-24 11:37:34 | 000,000,000 | ---D | C] -- C:\Program Files\2.63
[2012-08-24 11:20:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\FaceGen
[2012-08-24 11:20:28 | 000,000,000 | ---D | C] -- C:\Program Files\Singular Inversions
[2012-08-24 11:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PACE Anti-Piracy
[2012-08-24 11:02:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\PACE Anti-Piracy
[2012-08-24 11:02:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\PACE Anti-Piracy
[2012-08-24 11:02:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PACE Anti-Piracy
[2012-08-24 11:01:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Blender Foundation
[2012-08-24 10:56:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Unity Projects
[2012-08-24 10:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Unity
[2012-08-24 09:42:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\FestiveBar_3g
[2012-08-23 09:22:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\Mocyot
[2012-08-23 09:22:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\Isonhi
[2012-08-23 09:22:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\Giim
[2012-08-23 09:21:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jacek\Dane aplikacji\x2hrewgthpqxznnxovzywufevitsphki2
[2012-05-10 11:57:00 | 015,195,136 | ---- | C] (Blender Foundation) -- C:\Program Files\blenderplayer.exe
[2012-05-10 11:56:06 | 028,058,624 | ---- | C] (Blender Foundation) -- C:\Program Files\blender.exe
[2012-02-20 10:21:02 | 000,174,592 | ---- | C] (Creative Labs) -- C:\Program Files\wrap_oal.dll
[2012-02-20 10:21:02 | 000,090,112 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Program Files\OpenAL32.dll
[2012-01-27 17:24:31 | 002,161,160 | ---- | C] (DownVision ) -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\setup.exe
[2012-01-13 18:59:31 | 003,623,592 | ---- | C] (Ask) -- C:\Program Files\Common Files\ApnToolbarInstaller.exe
[2012-01-13 18:59:31 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files\Common Files\ApnStub.exe
[2011-03-04 02:13:52 | 002,343,936 | ---- | C] (Python Software Foundation) -- C:\Program Files\python32.dll
[2008-04-11 03:32:14 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcr90.dll
[2008-04-11 03:32:14 | 000,572,928 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcp90.dll
[2008-04-10 21:52:48 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcm90.dll
[2007-12-28 23:23:04 | 000,086,070 | ---- | C] (Open Source Software community project) -- C:\Program Files\pthreadVC2.dll
[2007-11-07 01:19:22 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Program Files\vcomp90.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012-09-16 13:37:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-09-16 13:23:54 | 000,000,432 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2012-09-16 13:19:14 | 000,000,045 | ---- | M] () -- C:\Documents and Settings\Jacek\Dane aplikacji\msconfig.ini
[2012-09-16 13:18:47 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RMAutoUpdate.job
[2012-09-16 13:18:45 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
[2012-09-16 13:18:42 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-09-16 13:18:42 | 000,000,506 | -H-- | M] () -- C:\WINDOWS\tasks\WxDFastUpdaterTask{A94E8C95-6149-4EBB-982A-34A97DDDF140}.job
[2012-09-16 13:18:42 | 000,000,488 | -H-- | M] () -- C:\WINDOWS\tasks\GBoxUpdaterTask{A7B223BD-0AE7-4775-8D8B-09754DB14821}.job
[2012-09-16 13:18:42 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012-09-16 13:18:42 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Express Files Updater.job
[2012-09-16 12:31:27 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-09-16 06:54:03 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-09-16 06:37:15 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-117609710-682003330-1004UA.job
[2012-09-15 22:16:25 | 000,001,112 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-117609710-682003330-500Core.job
[2012-09-15 19:42:14 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2012-09-15 19:42:09 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-09-15 19:21:00 | 000,027,424 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro36.sys
[2012-09-15 19:18:03 | 000,015,364 | ---- | M] () -- C:\WINDOWS\System32\.crusader
[2012-09-15 18:21:01 | 000,079,360 | ---- | M] () -- C:\Documents and Settings\Jacek\3hnx.exe
[2012-09-15 18:19:12 | 000,000,884 | ---- | M] () -- C:\Documents and Settings\Jacek\Menu Start\Programy\Autostart\IMVU.lnk
[2012-09-15 15:47:16 | 000,131,072 | ---- | M] () -- C:\Documents and Settings\Jacek\xouhof.com
[2012-09-15 15:37:09 | 000,549,584 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-09-14 21:43:34 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job
[2012-09-14 18:01:09 | 000,270,240 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2012-09-14 17:54:49 | 000,368,104 | ---- | M] (Ringier Axel Springer Polska) -- C:\Documents and Settings\Jacek\Moje dokumenty\gimp-282-setupexe.exe
[2012-09-14 17:53:19 | 000,468,072 | ---- | M] () -- C:\Documents and Settings\Jacek\Moje dokumenty\GIMP(13219).exe
[2012-09-14 17:36:54 | 000,270,240 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2012-09-14 16:33:49 | 000,000,056 | ---- | M] () -- C:\WINDOWS\Kulki.ini
[2012-09-14 15:37:00 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-117609710-682003330-1004Core.job
[2012-09-14 15:28:55 | 000,238,592 | ---- | M] () -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-09-14 13:22:18 | 000,002,645 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\Global.sw2
[2012-09-14 12:52:59 | 000,094,208 | ---- | M] () -- C:\Documents and Settings\Jacek\kaukus.com
[2012-09-14 11:32:41 | 000,208,188 | ---- | M] () -- C:\Documents and Settings\Jacek\Pulpit\piknikrodzinny.pdf
[2012-09-14 10:09:52 | 000,094,208 | ---- | M] () -- C:\Documents and Settings\Jacek\maamal.com
[2012-09-13 17:56:18 | 000,200,761 | ---- | M] () -- C:\Documents and Settings\Jacek\zqdb.exe
[2012-09-12 20:17:35 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\Jacek\Dane aplikacji\PnkBstrK.sys
[2012-09-10 07:14:18 | 000,131,072 | ---- | M] () -- C:\Documents and Settings\Jacek\zeubov.com
[2012-09-09 12:35:22 | 000,073,728 | ---- | M] () -- C:\Documents and Settings\Jacek\xouliv.com
[2012-09-08 10:51:56 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Jacek\wieiw.com
[2012-09-07 19:32:07 | 000,779,598 | ---- | M] () -- C:\Documents and Settings\Jacek\Pulpit\cz.bmp
[2012-09-07 17:21:09 | 000,000,871 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools Registry Mechanic.lnk
[2012-09-07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012-09-07 16:18:11 | 002,911,117 | ---- | M] () -- C:\Documents and Settings\Jacek\Moje dokumenty\Firma - Czas na walkę (Instrumental) pobrano z DjOles.pl pobrano z DjOles.pl.mp3
[2012-09-07 16:10:06 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Jacek\yaugev.com
[2012-09-03 15:55:06 | 000,001,340 | ---- | M] () -- C:\Documents and Settings\Jacek\Moje dokumenty\f.aup
[2012-09-03 15:13:54 | 000,016,000 | ---- | M] () -- C:\Documents and Settings\Jacek\tnol.com
[2012-09-03 13:21:30 | 000,028,253 | ---- | M] () -- C:\Documents and Settings\Jacek\ynat.com
[2012-09-03 12:38:36 | 000,024,000 | ---- | M] () -- C:\Documents and Settings\Jacek\faawof.com
[2012-09-03 07:25:40 | 000,028,253 | ---- | M] () -- C:\Documents and Settings\Jacek\xujez.com
[2012-09-03 07:23:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-09-01 17:28:44 | 000,028,253 | ---- | M] () -- C:\Documents and Settings\Jacek\wipoc.com
[2012-09-01 10:52:22 | 000,028,253 | ---- | M] () -- C:\Documents and Settings\Jacek\qeoqek.com
[2012-09-01 10:46:37 | 000,028,253 | ---- | M] () -- C:\Documents and Settings\Jacek\dyaf.com
[2012-09-01 08:41:24 | 000,028,253 | ---- | M] () -- C:\Documents and Settings\Jacek\beixec.com
[2012-08-31 12:05:25 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\Jacek\xaijoz.com
[2012-08-31 11:27:38 | 000,202,888 | ---- | M] () -- C:\Documents and Settings\Jacek\2guf.exe
[2012-08-30 15:40:28 | 000,000,463 | ---- | M] () -- C:\user.js
[2012-08-28 11:31:52 | 000,010,694 | ---- | M] () -- C:\Documents and Settings\Jacek\Moje dokumenty\ads.bmp
[2012-08-28 11:23:34 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SwSys2.bmp
[2012-08-28 11:23:34 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SwSys1.bmp
[2012-08-24 11:37:47 | 000,134,382 | ---- | M] () -- C:\Program Files\uninstall.exe
[2012-08-23 21:51:09 | 133,183,672 | ---- | M] () -- C:\Documents and Settings\Jacek\Moje dokumenty\setup_11.0.0.1245.x01_2012_08_23_21_03.exe
[2012-08-23 20:35:56 | 000,000,043 | ---- | M] () -- C:\Documents and Settings\Jacek\Dane aplikacji\B9F2E7.dat
[2012-08-23 09:21:00 | 000,000,054 | ---- | M] () -- C:\Documents and Settings\Jacek\inv.vbs
[2012-08-21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012-08-21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012-08-21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012-08-21 11:13:14 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012-08-21 11:13:14 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012-08-21 11:13:14 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012-08-21 11:13:13 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012-08-21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012-08-21 11:12:33 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012-08-21 11:12:23 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012-09-16 11:52:25 | 000,161,720 | ---- | C] () -- C:\Program Files\3gres.dll
[2012-09-15 19:42:14 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
[2012-09-15 19:42:09 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012-09-15 19:32:40 | 000,001,112 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-117609710-682003330-500Core.job
[2012-09-15 19:19:32 | 000,027,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro36.sys
[2012-09-15 19:18:03 | 000,015,364 | ---- | C] () -- C:\WINDOWS\System32\.crusader
[2012-09-15 16:39:07 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012-09-15 16:39:07 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012-09-15 16:39:07 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012-09-15 16:39:07 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012-09-15 16:39:07 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012-09-15 15:47:16 | 000,131,072 | ---- | C] () -- C:\Documents and Settings\Jacek\xouhof.com
[2012-09-15 14:40:31 | 000,000,488 | -H-- | C] () -- C:\WINDOWS\tasks\GBoxUpdaterTask{A7B223BD-0AE7-4775-8D8B-09754DB14821}.job
[2012-09-15 14:38:52 | 000,000,506 | -H-- | C] () -- C:\WINDOWS\tasks\WxDFastUpdaterTask{A94E8C95-6149-4EBB-982A-34A97DDDF140}.job
[2012-09-15 08:35:53 | 000,000,045 | ---- | C] () -- C:\Documents and Settings\Jacek\Dane aplikacji\msconfig.ini
[2012-09-15 08:35:49 | 000,079,360 | ---- | C] () -- C:\Documents and Settings\Jacek\3hnx.exe
[2012-09-14 17:53:34 | 000,468,072 | ---- | C] () -- C:\Documents and Settings\Jacek\Moje dokumenty\GIMP(13219).exe
[2012-09-14 12:52:59 | 000,094,208 | ---- | C] () -- C:\Documents and Settings\Jacek\kaukus.com
[2012-09-14 11:32:41 | 000,208,188 | ---- | C] () -- C:\Documents and Settings\Jacek\Pulpit\piknikrodzinny.pdf
[2012-09-14 10:09:52 | 000,094,208 | ---- | C] () -- C:\Documents and Settings\Jacek\maamal.com
[2012-09-13 17:56:18 | 000,200,761 | ---- | C] () -- C:\Documents and Settings\Jacek\zqdb.exe
[2012-09-12 20:28:53 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
[2012-09-10 07:14:18 | 000,131,072 | ---- | C] () -- C:\Documents and Settings\Jacek\zeubov.com
[2012-09-09 12:35:22 | 000,073,728 | ---- | C] () -- C:\Documents and Settings\Jacek\xouliv.com
[2012-09-08 10:51:56 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Jacek\wieiw.com
[2012-09-07 19:32:06 | 000,779,598 | ---- | C] () -- C:\Documents and Settings\Jacek\Pulpit\cz.bmp
[2012-09-07 19:00:01 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\RMAutoUpdate.job
[2012-09-07 17:21:14 | 000,000,274 | ---- | C] () -- C:\WINDOWS\tasks\RMSchedule.job
[2012-09-07 17:21:09 | 000,000,871 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PC Tools Registry Mechanic.lnk
[2012-09-07 17:21:08 | 000,037,336 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe
[2012-09-07 16:17:48 | 002,911,117 | ---- | C] () -- C:\Documents and Settings\Jacek\Moje dokumenty\Firma - Czas na walkę (Instrumental) pobrano z DjOles.pl pobrano z DjOles.pl.mp3
[2012-09-07 16:10:06 | 000,122,880 | ---- | C] () -- C:\Documents and Settings\Jacek\yaugev.com
[2012-09-03 15:55:06 | 000,001,340 | ---- | C] () -- C:\Documents and Settings\Jacek\Moje dokumenty\f.aup
[2012-09-03 15:13:54 | 000,016,000 | ---- | C] () -- C:\Documents and Settings\Jacek\tnol.com
[2012-09-03 13:21:30 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\ynat.com
[2012-09-03 12:38:36 | 000,024,000 | ---- | C] () -- C:\Documents and Settings\Jacek\faawof.com
[2012-09-03 07:25:40 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\xujez.com
[2012-09-02 11:22:53 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Download Assistant.lnk
[2012-09-01 17:28:44 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\wipoc.com
[2012-09-01 10:52:22 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\qeoqek.com
[2012-09-01 10:46:37 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\dyaf.com
[2012-09-01 08:41:24 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\beixec.com
[2012-08-31 12:05:25 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\Jacek\xaijoz.com
[2012-08-31 11:27:38 | 000,202,888 | ---- | C] () -- C:\Documents and Settings\Jacek\2guf.exe
[2012-08-28 11:31:52 | 000,010,694 | ---- | C] () -- C:\Documents and Settings\Jacek\Moje dokumenty\ads.bmp
[2012-08-28 11:23:34 | 000,002,645 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\Global.sw2
[2012-08-28 11:23:34 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SwSys2.bmp
[2012-08-28 11:23:34 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SwSys1.bmp
[2012-08-27 10:15:17 | 000,000,884 | ---- | C] () -- C:\Documents and Settings\Jacek\Menu Start\Programy\Autostart\IMVU.lnk
[2012-08-24 11:37:47 | 000,134,382 | ---- | C] () -- C:\Program Files\uninstall.exe
[2012-08-24 11:20:33 | 000,002,621 | ---- | C] () -- C:\Documents and Settings\Jacek\Menu Start\Programy\FaceGen Modeller 3.5 Free.lnk
[2012-08-23 21:37:34 | 133,183,672 | ---- | C] () -- C:\Documents and Settings\Jacek\Moje dokumenty\setup_11.0.0.1245.x01_2012_08_23_21_03.exe
[2012-08-23 09:22:48 | 000,000,043 | ---- | C] () -- C:\Documents and Settings\Jacek\Dane aplikacji\B9F2E7.dat
[2012-08-23 09:21:00 | 000,000,054 | ---- | C] () -- C:\Documents and Settings\Jacek\inv.vbs
[2012-08-10 17:39:13 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\jde.com
[2012-08-10 13:26:53 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\baudof.com
[2012-08-10 13:26:21 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\wavaj.com
[2012-08-10 13:25:37 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\noopih.com
[2012-08-10 13:25:28 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\ziw.com
[2012-08-10 13:25:09 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jacek\soesew.com
[2012-06-28 20:02:53 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2012-05-21 20:03:04 | 000,000,047 | ---- | C] () -- C:\Program Files\FotoCyfraFotocyfra.url
[2012-05-09 21:01:08 | 000,005,712 | ---- | C] () -- C:\Program Files\readme.html
[2012-03-08 13:39:57 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\WebpageIcons.db
[2012-01-27 17:23:59 | 000,460,624 | ---- | C] () -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\promo.exe
[2012-01-27 13:49:34 | 000,164,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\athsgt.sys
[2012-01-27 13:49:33 | 000,012,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\limsgt.sys
[2012-01-04 22:17:54 | 001,073,152 | ---- | C] () -- C:\WINDOWS\System32\libmysql_c.dll
[2011-12-17 17:40:58 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Spiderman.INI
[2011-12-15 19:56:13 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\Jacek\.recently-used.xbel
[2011-12-15 19:56:12 | 000,010,440 | ---- | C] () -- C:\Documents and Settings\Jacek\Dokument bez nazwy 2
[2011-11-25 21:22:15 | 000,255,906 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2011-11-25 21:22:15 | 000,255,906 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-57989841-117609710-682003330-1004-0.dat
[2011-10-31 00:04:54 | 000,002,048 | -HS- | C] () -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\7174992b\@
[2011-09-16 20:56:54 | 000,100,864 | ---- | C] () -- C:\Program Files\BlendThumb64.dll
[2011-09-16 20:56:54 | 000,067,584 | ---- | C] () -- C:\Program Files\BlendThumb.dll
[2011-07-20 13:25:52 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011-07-13 21:27:46 | 002,304,512 | ---- | C] () -- C:\Program Files\libsndfile-1.dll
[2011-07-07 17:08:48 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Jacek\Dane aplikacji\PnkBstrK.sys
[2011-07-07 17:08:27 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011-07-07 17:08:26 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2011-05-22 08:58:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\{1A72F6F6-C1BE-461C-BFEA-C50EAA06F1BD}
[2011-05-21 10:04:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\{12A1FCB0-F662-4972-BB2D-9523A174CFB9}
[2011-04-13 21:30:23 | 000,000,189 | ---- | C] () -- C:\WINDOWS\GNMIDI.INI
[2011-04-09 17:36:23 | 000,162,304 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2011-03-24 21:31:44 | 000,210,456 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2011-03-24 21:31:44 | 000,206,360 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2011-03-24 21:31:44 | 000,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2011-03-24 21:31:44 | 000,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2011-03-24 21:31:44 | 000,194,072 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2011-03-24 21:31:44 | 000,026,136 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2011-02-28 19:55:25 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011-02-18 13:29:01 | 000,000,056 | ---- | C] () -- C:\WINDOWS\Kulki.ini
[2011-02-07 17:06:12 | 000,011,239 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010-12-21 18:46:32 | 000,000,284 | ---- | C] () -- C:\WINDOWS\game.ini
[2010-11-30 20:06:55 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010-11-13 21:33:56 | 000,111,104 | ---- | C] () -- C:\WINDOWS\System32\Uharc.exe
[2010-09-23 17:13:24 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2010-07-27 20:30:30 | 000,238,592 | ---- | C] () -- C:\Documents and Settings\Jacek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-02 14:28:02 | 000,120,320 | ---- | C] () -- C:\Program Files\zlib.dll
[2008-04-15 14:00:00 | 000,079,360 | ---- | C] () -- C:\Documents and Settings\Jacek\Dane aplikacji\msconfig.dat
========== Alternate Data Streams ==========
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D1B5B4F1
@Alternate Data Stream - 963 bytes -> C:\Program Files\WindowsUpdate:GN3RjJGZrAvKnmLrIlrQNGrM1
@Alternate Data Stream - 904 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Microsoft:hmW2rMRrVRuruv5SrbMmaMzKK
@Alternate Data Stream - 1064 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\Microsoft:JL1zJiq1oi8mAjgQi4ZFh8g
@Alternate Data Stream - 1033 bytes -> C:\Program Files\WindowsUpdate:x0rS8AfXlXGI7dTcnJhL2h
< End of report >