
Windows XP: problem at startup, computer wants to shut down in 60 sec, Norton antivirus, OTL logs

#1
Hello, I have a huge problem with my computer. Once the computer has started up, a moment later a window pops up: system shutdown within 60 seconds.

It is a red one that cannot be closed, saying that an error occurred - 2147483645 c:Windows/system32/services.exe.

I can't do anything; it counts down the time, after which the computer freezes and won't shut down. What could the problem be?

I scanned with my (always active Nod32), with the mks_vir online scanner and [hidden element] - Search & Destroy. I can't produce a ComboFix report because it hangs at stage 8. I only made one with OTL.

OTL REPORT:

OTL logfile created on: 2011-07-30 17:29:57 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Tobik33\Pulpit\PLIKI POBRANE
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 74,44% Memory free
4,84 Gb Paging File | 4,32 Gb Available in Paging File | 89,19% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = D:\
Drive C: | 20,68 Gb Total Space | 5,83 Gb Free Space | 28,19% Space Free | Partition Type: NTFS
Drive D: | 10,74 Gb Total Space | 4,63 Gb Free Space | 43,14% Space Free | Partition Type: NTFS
Drive E: | 42,97 Gb Total Space | 9,06 Gb Free Space | 21,09% Space Free | Partition Type: NTFS

Computer Name: TOBIK | User Name: Tobik33 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-07-30 17:29:19 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tobik33\Pulpit\PLIKI POBRANE\OTL.exe
PRC - [2011-06-24 15:57:45 | 000,924,632 | ---- | M] (Mozilla Corporation) -- D:\Mozilla Firefox\firefox.exe
PRC - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- D:\DAEMON Tools Lite\DTLite.exe
PRC - [2010-09-13 21:02:44 | 000,399,872 | ---- | M] (Windows Codename Longhorn DDK provider) -- D:\UPHClean\uphclean.exe
PRC - [2010-04-07 22:08:52 | 000,810,120 | ---- | M] (ESET) -- D:\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010-04-07 22:08:30 | 002,145,000 | ---- | M] (ESET) -- D:\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2010-01-09 22:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
PRC - [2009-02-25 19:28:28 | 001,256,960 | ---- | M] () -- D:\foobar2000\foobar2000.exe
PRC - [2008-04-14 22:51:26 | 001,414,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mmc.exe
PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 22:51:12 | 000,105,472 | ---- | M] (Microsoft Corp. i Executive Software International, Inc.) -- C:\WINDOWS\system32\dfrgntfs.exe


========== Modules (SafeList) ==========

MOD - [2011-07-30 17:29:19 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tobik33\Pulpit\PLIKI POBRANE\OTL.exe
MOD - [2010-08-23 18:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- -- (wuauserv)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2010-12-08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- D:\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-09-13 21:02:44 | 000,399,872 | ---- | M] (Windows Codename Longhorn DDK provider) [Auto | Running] -- D:\UPHClean\uphclean.exe -- (UPHClean)
SRV - [2010-04-07 22:13:20 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- D:\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010-04-07 22:08:52 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- D:\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2010-01-09 22:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010-01-09 22:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006-12-01 11:46:28 | 000,918,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)


========== Driver Services (SafeList) ==========

DRV - [2011-07-02 15:24:14 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-07-02 15:06:22 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011-01-13 17:51:59 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2011-01-13 17:51:59 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010-09-11 04:19:16 | 005,417,472 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010-07-30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-07-30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-07-30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-07-30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-07-20 16:00:53 | 000,016,376 | ---- | M] (Windows 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010-04-07 22:09:48 | 000,095,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010-04-07 22:08:36 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-04-07 22:05:12 | 000,140,216 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009-11-18 12:24:26 | 000,095,232 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-09-19 15:44:46 | 000,101,504 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-09-19 11:16:32 | 004,617,728 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1606980848-1275210071-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-1606980848-1275210071-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:5.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\MI7967~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\MI7967~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: D:\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-07-20 16:11:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: D:\Mozilla Firefox\components [2011-06-24 15:57:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: D:\Mozilla Firefox\plugins [2011-06-15 19:13:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: D:\Mozilla Thunderbird\components [2011-06-24 15:18:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: D:\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-12-30 22:10:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: D:\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-07-20 16:11:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\Tobik33\Dane aplikacji\IDM\idmmzcc3

[2010-09-07 21:32:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tobik33\Dane aplikacji\Mozilla\Extensions
[2010-09-07 21:32:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tobik33\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011-07-01 13:15:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tobik33\Dane aplikacji\Mozilla\Firefox\Profiles\xkkuq7sq.default\extensions
[2011-01-12 16:04:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Tobik33\Dane aplikacji\Mozilla\Firefox\Profiles\xkkuq7sq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-06-22 22:23:20 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Tobik33\Dane aplikacji\Mozilla\Firefox\Profiles\xkkuq7sq.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011-07-01 13:15:44 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\Tobik33\Dane aplikacji\Mozilla\Firefox\Profiles\xkkuq7sq.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011-04-19 20:07:35 | 000,000,000 | ---D | M] (Multirow Bookmarks Toolbar) -- C:\Documents and Settings\Tobik33\Dane aplikacji\Mozilla\Firefox\Profiles\xkkuq7sq.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2011-06-26 08:44:46 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Tobik33\Dane aplikacji\Mozilla\Firefox\Profiles\xkkuq7sq.default\extensions\engine@conduit.com
[2011-06-20 14:07:48 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\Tobik33\Dane aplikacji\Mozilla\Firefox\Profiles\xkkuq7sq.default\searchplugins\conduit.xml
[2011-05-26 18:13:20 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\Tobik33\Dane aplikacji\Mozilla\Firefox\Profiles\xkkuq7sq.default\searchplugins\filmweb.xml
[2011-05-05 21:58:28 | 000,000,000 | ---D | M] (No name found) -- D:\\mozilla firefox\extensions
[2010-07-20 16:22:45 | 000,000,000 | ---D | M] (No name found) -- D:\\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-18 10:37:43 | 000,000,000 | ---D | M] (Java Console) -- D:\\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-11-09 22:53:43 | 000,000,000 | ---D | M] (Java Console) -- D:\\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-01-02 14:10:28 | 000,000,000 | ---D | M] (Java Console) -- D:\\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011-02-28 17:15:12 | 000,000,000 | ---D | M] (Java Console) -- D:\\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\TOBIK33\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\XKKUQ7SQ.DEFAULT\EXTENSIONS\{4C7097F7-08F2-4EF2-9B9F-F95FA4CBB064}.XPI
[2010-08-18 10:37:36 | 000,000,000 | ---D | M] (Java Quick Starter) -- D:\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010-08-18 10:37:43 | 000,000,000 | ---D | M] (Java Console) -- D:\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-11-09 22:53:43 | 000,000,000 | ---D | M] (Java Console) -- D:\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-01-02 14:10:28 | 000,000,000 | ---D | M] (Java Console) -- D:\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011-02-28 17:15:12 | 000,000,000 | ---D | M] (Java Console) -- D:\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-06-24 15:57:45 | 000,142,296 | ---- | M] () -- D:\\mozilla firefox\components\browsercomps.dll
[2011-02-02 22:40:24 | 000,472,808 | ---- | M] () -- D:\\mozilla firefox\plugins\npdeployJava1.dll
[2011-05-05 22:03:11 | 000,002,767 | ---- | M] () -- D:\\mozilla firefox\searchplugins\allegro-pl.xml
[2011-05-05 22:03:11 | 000,001,406 | ---- | M] () -- D:\\mozilla firefox\searchplugins\fbc-pl.xml
[2011-05-05 22:03:11 | 000,000,917 | ---- | M] () -- D:\\mozilla firefox\searchplugins\merlin-pl.xml
[2011-05-05 22:03:11 | 000,000,858 | ---- | M] () -- D:\\mozilla firefox\searchplugins\pwn-pl.xml
[2011-05-05 22:03:11 | 000,001,183 | ---- | M] () -- D:\\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-05-05 22:03:11 | 000,001,683 | ---- | M] () -- D:\\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2011-01-12 15:25:51 | 000,000,906 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 http://www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Microsoft Office 2010\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATICustomerCare] D:\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [egui] D:\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKU\S-1-5-21-1606980848-1275210071-1801674531-1003..\Run: [DAEMON Tools Lite] D:\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1606980848-1275210071-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1606980848-1275210071-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Microsoft Office 2010\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Ściągnij przy poomocy FlashGet3 - C:\Documents and Settings\Tobik33\Dane aplikacji\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet3 - C:\Documents and Settings\Tobik33\Dane aplikacji\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\Tobik33\Dane aplikacji\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\Tobik33\Dane aplikacji\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.p...kanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Tobik33\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Tobik33\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-07-20 15:49:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{35c9e640-a4a8-11e0-bfd0-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{35c9e640-a4a8-11e0-bfd0-806d6172696f}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{42eaf786-2962-11e0-bb7f-001d7d72357e}\Shell - "" = Autorun
O33 - MountPoints2\{42eaf786-2962-11e0-bb7f-001d7d72357e}\Shell\AutoRun\command - "" = Install_Nokia_Ovi_Suite.exe
O33 - MountPoints2\{cbe14856-94de-11df-b97d-001d7d72357e}\Shell\AutoRun\command - "" = G:\i8gcgmg.exe
O33 - MountPoints2\{cbe14856-94de-11df-b97d-001d7d72357e}\Shell\open\Command - "" = G:\i8gcgmg.exe
O33 - MountPoints2\{fbf04a22-940d-11df-b978-001d7d72357e}\Shell\AutoRun\command - "" = H:\lpl.exe
O33 - MountPoints2\{fbf04a22-940d-11df-b978-001d7d72357e}\Shell\open\Command - "" = H:\lpl.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: wuauserv - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk - D:\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - D:\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: ALLUpdate - hkey= - key= - D:\ALLPlayer\ALLUpdate.exe ()
MsConfig - StartUpReg: BCSSync - hkey= - key= - D:\Microsoft Office 2010\Office14\BCSSync.exe (Microsoft Corporation)
MsConfig - StartUpReg: HP Software Update - hkey= - key= - D:\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found
MsConfig - StartUpReg: RDFNSListener - hkey= - key= - D:\RegDefense\RDFNSListener.exe ()
MsConfig - StartUpReg: RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: SkyTel - hkey= - key= - C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: StartCCC - hkey= - key= - D:\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: swg - hkey= - key= - D:\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

========== Files/Folders - Created Within 30 Days ==========

[2011-07-30 16:22:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Tobik33\Recent
[2011-07-30 16:03:22 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011-07-30 15:46:53 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011-07-30 15:45:18 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011-07-30 15:45:18 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011-07-30 15:45:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011-07-30 15:45:18 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011-07-30 15:45:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011-07-30 15:44:45 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011-07-24 16:22:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tobik33\Pulpit\Pro.Evolution.Soccer.2011-RELOADED
[2011-07-24 16:07:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tobik33\EurekaLog
[2011-07-24 12:31:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tobik33\Moje dokumenty\FIFA 11
[2011-07-23 11:33:07 | 000,000,000 | ---D | C] -- D:\fra
[2011-07-21 16:31:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft
[2011-07-13 15:05:14 | 000,019,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2011-07-11 17:24:55 | 000,000,000 | ---D | C] -- D:\HDDGURU FreeWipe Tool
[2011-07-03 09:23:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tobik33\Moje dokumenty\Rockstar Games
[2011-07-03 09:11:36 | 000,000,000 | ---D | C] -- D:\Rockstar Games
[2011-07-03 09:06:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive
[2011-07-03 09:06:14 | 000,000,000 | ---D | C] -- D:\Microsoft Games for Windows - LIVE
[2011-07-02 16:28:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tobik33\Ustawienia lokalne\Dane aplikacji\Rockstar Games
[2011-07-02 16:09:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Tobik33\Dane aplikacji\SecuROM
[2011-07-02 16:08:58 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2011-07-02 16:08:10 | 000,000,000 | ---D | C] -- D:\Windows Media Player
[2011-07-02 15:21:56 | 000,218,688 | ---- | C] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2011-07-02 15:20:54 | 000,000,000 | ---D | C] -- D:\DAEMON Tools Lite
[2011-07-02 15:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tobik33\Dane aplikacji\DAEMON Tools Lite
[2011-07-02 15:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-07-30 16:01:58 | 007,340,032 | -H-- | M] () -- C:\Documents and Settings\Tobik33\NTUSER.DAT
[2011-07-30 15:46:57 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011-07-30 15:45:26 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011-07-30 15:21:03 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-07-30 14:42:37 | 000,000,204 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMS.job
[2011-07-30 14:42:08 | 000,001,006 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-07-30 14:42:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-07-30 09:16:15 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Tobik33\ntuser.ini
[2011-07-29 18:58:12 | 012,123,630 | -H-- | M] () -- C:\Documents and Settings\Tobik33\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-07-29 18:16:19 | 000,062,976 | ---- | M] () -- C:\Documents and Settings\Tobik33\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-07-29 18:16:19 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011-07-24 13:52:28 | 000,002,205 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2011-07-24 13:44:51 | 000,000,162 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2011-07-18 07:51:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-07-13 15:24:47 | 000,193,776 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-07-02 16:08:58 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2011-07-02 15:25:21 | 001,191,652 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011-07-02 15:25:21 | 000,532,518 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-07-02 15:25:21 | 000,472,866 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-07-02 15:25:21 | 000,093,948 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-07-02 15:25:21 | 000,075,960 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-07-02 15:24:14 | 000,218,688 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2011-07-02 15:06:22 | 000,443,448 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-07-30 15:46:57 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011-07-30 15:46:54 | 000,262,400 | RHS- | C] () -- C:\cmldr
[2011-07-30 15:45:18 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011-07-30 15:45:18 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011-07-30 15:45:18 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011-07-30 15:45:18 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011-07-30 15:45:18 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011-07-02 15:06:22 | 000,443,448 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2011-06-04 19:49:18 | 012,123,630 | -H-- | C] () -- C:\Documents and Settings\Tobik33\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-02-23 21:03:15 | 000,000,046 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2011-02-19 10:54:17 | 000,130,048 | RHS- | C] () -- C:\WINDOWS\System32\arking0.dll
[2011-02-07 20:09:37 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
[2011-01-14 13:42:50 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfmonnt.dll
[2011-01-13 18:41:09 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2011-01-13 17:51:59 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2011-01-13 17:51:59 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2011-01-12 16:50:11 | 000,000,135 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
[2011-01-12 16:50:10 | 000,614,400 | ---- | C] () -- C:\WINDOWS\AutoKMS.exe
[2011-01-12 15:03:33 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2010-12-25 22:31:12 | 000,130,048 | RHS- | C] () -- C:\WINDOWS\System32\arking1.dll
[2010-11-22 20:54:48 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-11-22 20:54:48 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll
[2010-11-21 22:09:58 | 000,000,204 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2010-11-21 22:08:45 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2010-11-10 00:58:02 | 003,380,970 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1606980848-1275210071-1801674531-1003-0.dat
[2010-11-10 00:58:02 | 000,214,414 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2010-09-15 16:46:47 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010-09-13 23:56:40 | 003,323,936 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-08-28 10:57:29 | 000,000,162 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2010-08-28 10:50:45 | 000,002,205 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2010-07-30 18:34:28 | 000,000,284 | ---- | C] () -- C:\WINDOWS\game.ini
[2010-07-26 19:39:24 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-07-22 17:41:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010-07-22 17:41:38 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010-07-22 17:41:38 | 000,224,342 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010-07-22 17:41:38 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010-07-22 17:40:54 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2010-07-22 17:40:50 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2010-07-20 17:41:34 | 001,191,652 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-07-20 17:41:33 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-07-20 17:39:00 | 000,193,776 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-07-20 16:22:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010-07-20 16:12:32 | 000,000,606 | ---- | C] () -- C:\WINDOWS\hpomdl46.dat.temp
[2010-07-20 16:06:31 | 000,062,976 | ---- | C] () -- C:\Documents and Settings\Tobik33\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-20 16:03:25 | 000,209,445 | ---- | C] () -- C:\WINDOWS\hpoins46.dat
[2010-07-20 16:03:25 | 000,000,606 | ---- | C] () -- C:\WINDOWS\hpomdl46.dat
[2010-07-20 15:59:31 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010-07-20 15:58:31 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4864.dll
[2010-07-20 15:54:31 | 000,045,272 | ---- | C] () -- C:\Documents and Settings\Tobik33\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-07-20 15:50:35 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010-07-20 15:49:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2010-07-20 15:48:17 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010-07-20 15:48:16 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010-07-20 15:46:36 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-07-20 15:46:26 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2010-07-20 15:46:26 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2010-07-20 15:45:46 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2010-07-20 15:45:45 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2008-10-22 05:29:06 | 000,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008-04-14 23:16:20 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008-04-14 22:50:46 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2008-04-14 22:50:38 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2008-04-14 22:50:32 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2008-04-14 22:50:14 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll
[2008-04-14 22:50:00 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2008-04-13 22:51:34 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2008-04-13 22:25:02 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe
[2008-04-13 22:22:36 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe
[2008-04-13 22:20:56 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2008-04-13 22:19:58 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2008-04-13 22:19:44 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2008-04-13 22:19:44 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2008-04-13 22:19:42 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2008-04-13 22:19:40 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2007-04-02 23:04:28 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2006-12-31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001-10-26 19:29:54 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe
[2001-10-26 19:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2001-10-26 19:29:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2001-10-26 19:29:32 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2001-10-26 19:28:34 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2001-10-26 19:27:02 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2001-10-26 18:15:16 | 000,532,518 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 18:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 18:15:16 | 000,093,948 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 18:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-10-26 18:15:10 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe
[2001-10-26 18:15:08 | 000,011,859 | ---- | C] () -- C:\WINDOWS\System32\setver.exe
[2001-10-26 18:15:08 | 000,003,260 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe
[2001-10-26 18:15:04 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2001-10-26 18:14:58 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe
[2001-10-26 18:14:56 | 000,039,434 | ---- | C] () -- C:\WINDOWS\System32\mem.exe
[2001-10-26 18:14:54 | 000,014,913 | ---- | C] () -- C:\WINDOWS\System32\kb16.com
[2001-10-26 18:14:54 | 000,001,168 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com
[2001-10-26 18:14:52 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2001-10-26 18:14:50 | 000,019,806 | ---- | C] () -- C:\WINDOWS\System32\graphics.com
[2001-10-26 18:14:48 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe
[2001-10-26 18:14:46 | 000,012,866 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe
[2001-10-26 18:14:42 | 000,020,986 | ---- | C] () -- C:\WINDOWS\System32\debug.exe
[2001-10-26 18:14:38 | 000,051,823 | ---- | C] () -- C:\WINDOWS\System32\command.com
[2001-10-26 18:14:34 | 000,012,594 | ---- | C] () -- C:\WINDOWS\System32\append.exe
[2001-10-26 18:14:32 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2001-10-26 18:12:52 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2001-10-26 17:45:26 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2001-10-26 17:45:26 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2001-10-26 17:45:24 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2001-10-26 17:45:10 | 000,070,622 | ---- | C] () -- C:\WINDOWS\System32\edit.com
[2001-10-26 17:42:08 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2001-10-26 17:42:08 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2001-10-26 17:42:08 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2001-10-26 17:42:08 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2001-08-23 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-17 23:35:10 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe
[2001-08-17 23:32:34 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe
[2001-08-17 23:32:34 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe
[2001-08-17 23:31:56 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2001-08-17 23:31:56 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2001-08-17 23:31:50 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2001-08-17 23:31:46 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2001-08-17 23:31:46 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2001-08-17 23:31:44 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2001-08-17 23:30:24 | 000,472,866 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-17 23:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-17 23:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-17 23:30:22 | 000,075,960 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-17 23:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-08-17 23:13:24 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2001-08-17 21:55:06 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2001-07-22 04:25:18 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2001-07-22 00:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-22 00:36:06 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2001-07-22 00:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-22 00:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001-07-22 00:16:20 | 000,000,542 | ---- | C] () -- C:\WINDOWS\win.ini
[2001-07-22 00:15:52 | 000,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2001-07-22 00:15:50 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll

========== LOP Check ==========

[2011-07-02 15:20:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-12-30 22:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2011-01-13 13:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-01-30 20:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2011-01-30 19:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache
[2011-01-30 19:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaMusic
[2011-01-30 19:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2010-09-04 15:10:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sports Interactive
[2011-07-30 16:30:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-06-18 10:12:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\AnvSoft
[2010-11-22 21:31:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\Azureus
[2011-06-29 19:22:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\BitComet
[2010-11-21 22:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\BITS
[2011-01-10 17:49:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\CrypTool
[2011-07-02 15:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\DAEMON Tools Lite
[2011-06-28 19:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\Day 1 Studios
[2010-12-02 18:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\DMCache
[2010-11-21 22:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\FlashGet
[2010-11-21 22:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\FlashGetBHO
[2011-07-29 18:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\foobar2000
[2011-01-13 13:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\Gadu-Gadu 10
[2010-07-22 18:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\Leadertech
[2011-02-25 17:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\Nokia
[2011-02-25 17:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\Nokia Ovi Suite
[2011-01-30 20:15:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\PC Suite
[2010-11-05 17:15:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\Sports Interactive
[2010-07-20 16:23:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\Thunderbird
[2010-07-20 16:19:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\URSoft
[2011-07-24 19:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\uTorrent
[2010-11-22 22:26:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tobik33\Dane aplikacji\WinAVI
[2011-07-30 14:42:37 | 000,000,204 | ---- | M] () -- C:\WINDOWS\Tasks\AutoKMS.job

========== Purity Check ==========



========== Custom Scans ==========


< %systemdrive%\*.* >
[2010-07-20 15:49:02 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011-06-17 21:49:24 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011-07-30 15:46:57 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2001-07-22 00:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2004-08-03 23:00:14 | 000,262,400 | RHS- | M] () -- C:\cmldr
[2010-07-20 15:49:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-07-20 15:49:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011-07-29 17:00:29 | 000,045,378 | ---- | M] () -- C:\mksbasel.cpp.log
[2010-07-20 15:49:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008-04-13 22:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-14 00:02:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2011-07-30 14:42:03 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys


< MD5 for: AGP440.SYS >
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

< MD5 for: ATAPI.SYS >
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\atapi.sys

< MD5 for: BEEP.SYS >
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2001-08-17 23:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

< MD5 for: CDROM.SYS >
[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: NDIS.SYS >
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: USERINIT.EXE >
[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 246 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:B3D74A13
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1CE11B51

< End of report >
#2
To be removed:

O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com

O33 - MountPoints2\{35c9e640-a4a8-11e0-bfd0-806d6172696f}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{cbe14856-94de-11df-b97d-001d7d72357e}\Shell\AutoRun\command - "" = G:\i8gcgmg.exe
O33 - MountPoints2\{cbe14856-94de-11df-b97d-001d7d72357e}\Shell\open\Command - "" = G:\i8gcgmg.exe
O33 - MountPoints2\{fbf04a22-940d-11df-b978-001d7d72357e}\Shell\AutoRun\command - "" = H:\lpl.exe
O33 - MountPoints2\{fbf04a22-940d-11df-b978-001d7d72357e}\Shell\open\Command - "" = H:\lpl.exe

[2011-02-19 10:54:17 | 000,130,048 | RHS- | C] () -- C:\WINDOWS\System32\arking0.dll (100% a virus)
[2010-12-25 22:31:12 | 000,130,048 | RHS- | C] () -- C:\WINDOWS\System32\arking1.dll

The following are suspicious:

[2011-07-30 14:42:37 | 000,000,204 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMS.job
[2011-07-30 15:46:54 | 000,262,400 | RHS- | C] () -- C:\cmldr

It is also worth asking what is stored in the alternate data streams:
@Alternate Data Stream - 246 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:B3D74A13
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1CE11B51

You can check this by running the command:
more < "C:\Documents and Settings\All Users\Dane aplikacji\TEMP:B3D74A13"
more < "C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1CE11B51"

To be safe, you can simply delete the file C:\Documents and Settings\All Users\Dane aplikacji\TEMP altogether.

I also advise against placing programs such as sed.exe or grep.exe in the Windows directory; it is better to create a separate directory for such tools and add it to the environment path.
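The kinds of entries singled out in the post above can be pulled out of an OTL log mechanically. This is an added example, not part of the original thread and not OTL's own code. The `triage` function and the rule it applies (hidden+system attributes, empty company field, binary under C:\WINDOWS\System32) are assumptions chosen to match the lines quoted in the thread; the output is a list of candidates for manual review, not a verdict.

```python
import re

# OTL file entry: [timestamp | size | attributes | C or M] (company) -- path
# Directory entries carry no "(company)" field at all.
FILE_RE = re.compile(
    r"^\[(?P<ts>[\d\- :]+) \| (?P<size>[\d,]+) \| (?P<attrs>[A-Z-]{4}) \| [CM]\]"
    r"(?: \((?P<company>[^)]*)\))? -- (?P<path>.+)$"
)
# "@Alternate Data Stream - N bytes -> host_path:stream_name"
ADS_RE = re.compile(
    r"^@Alternate Data Stream - (?P<size>\d+) bytes -> (?P<host>.+):(?P<stream>[^:\\]+)$"
)
# "O33 - MountPoints2\{guid}\Shell\<verb>\command - "" = target"
MOUNT_RE = re.compile(
    r'^O33 - MountPoints2\\(?P<guid>\{[0-9a-f-]+\})\\Shell\\(?P<verb>\w+)\\command'
    r' - "" = (?P<target>.+)$',
    re.IGNORECASE,
)

def triage(log_text):
    """Return (category, detail) pairs for log lines that deserve a manual look."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        m = FILE_RE.match(line)
        if m:
            attrs, path = m["attrs"], m["path"].lower()
            no_company = m["company"] == ""  # "()" means no company name in the file
            # Assumed rule: hidden + system binary with no vendor in System32.
            if ("H" in attrs and "S" in attrs and no_company
                    and path.startswith("c:\\windows\\system32\\")
                    and path.endswith((".dll", ".exe", ".sys"))):
                findings.append(("hidden-system-binary", m["path"]))
            continue
        m = ADS_RE.match(line)
        if m:
            findings.append(("ads", f'{m["host"]}:{m["stream"]}'))
            continue
        m = MOUNT_RE.match(line)
        if m and m["verb"].lower() in ("autorun", "open"):
            # A drive's stored autorun/open command that launches an executable.
            findings.append(("autorun-mountpoint", m["target"]))
    return findings

# Sample input: lines copied from the log and reply in this thread.
SAMPLE = r"""
[2011-07-02 16:08:58 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2011-02-19 10:54:17 | 000,130,048 | RHS- | C] () -- C:\WINDOWS\System32\arking0.dll
[2010-12-25 22:31:12 | 000,130,048 | RHS- | C] () -- C:\WINDOWS\System32\arking1.dll
[2010-07-20 15:48:17 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2011-07-30 15:46:54 | 000,262,400 | RHS- | C] () -- C:\cmldr
O33 - MountPoints2\{cbe14856-94de-11df-b97d-001d7d72357e}\Shell\AutoRun\command - "" = G:\i8gcgmg.exe
@Alternate Data Stream - 246 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:B3D74A13
"""

if __name__ == "__main__":
    for category, detail in triage(SAMPLE):
        print(f"{category:22} {detail}")
```

Entries the rule does not cover, such as C:\cmldr in the root of the drive, still need a human decision.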
#3
Quote: To be removed:

O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com

O33 - MountPoints2\{35c9e640-a4a8-11e0-bfd0-806d6172696f}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{cbe14856-94de-11df-b97d-001d7d72357e}\Shell\AutoRun\command - "" = G:\i8gcgmg.exe
O33 - MountPoints2\{cbe14856-94de-11df-b97d-001d7d72357e}\Shell\open\Command - "" = G:\i8gcgmg.exe
O33 - MountPoints2\{fbf04a22-940d-11df-b978-001d7d72357e}\Shell\AutoRun\command - "" = H:\lpl.exe
O33 - MountPoints2\{fbf04a22-940d-11df-b978-001d7d72357e}\Shell\open\Command - "" = H:\lpl.exe

[2011-02-19 10:54:17 | 000,130,048 | RHS- | C] () -- C:\WINDOWS\System32\arking0.dll (100% a virus)
[2010-12-25 22:31:12 | 000,130,048 | RHS- | C] () -- C:\WINDOWS\System32\arking1.dll

Sorry, but can you tell me how to remove this? It may be a basic question, but for example arking0.dll and arking1.dll are not in those folders.

And the entries above that start with the digits 01 or 033 are to be removed in OTL. Can you tell me how?


Quote:
[2011-07-30 14:42:37 | 000,000,204 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMS.job
[2011-07-30 15:46:54 | 000,262,400 | RHS- | C] () -- C:\cmldr

I removed AutoKMS manually, but I cannot find cmldr at all.

Quote: You can check this by running the command:
more < "C:\Documents and Settings\All Users\Dane aplikacji\TEMP:B3D74A13"
more < "C:\Documents and Settings\All Users\Dane aplikacji\TEMP:1CE11B51"

Where do I have to run this command, and how do I check whether it is a virus?

Quote: To be safe, you can simply delete the file C:\Documents and Settings\All Users\Dane aplikacji\TEMP altogether.

I deleted it, but the folder was empty. I moved the whole TEMP to the Recycle Bin.

Quote: I also advise against placing programs such as sed.exe or grep.exe in the Windows directory; it is better to create a separate directory for such tools and add it to the environment path.

So, for example, move them to the C:\Programy folder, is that how I should understand it? And what is this environment path about, and how do I add it?

Sorry, but I am a layman in these matters....
  

