Logi - Mnóstwo wirusów w systemie

Witam. Mam problem z kompem swoim poniewaz po uruchomieniu windowsa uzytkownika odrazu wlaczaja sie dziwne procesy komputer 100% procka pobiera ledwo dziala a jeszcze niedawno smigal tak jak trzeba internet sie wolno laduje zawiesza sie ciagle raz co 2 minuty raz na 1h i po podlaczeniu telefonu do usb albo pendriva to odrazu komputer sie restartuje chcialbym zeby ktos pomogl bo juz formaty robilem i nic to niepomaga ciagle wylaczam te procesy a one same sie wlaczaja

dodaje logi z OTL-u

Niezłą kolekcję "wirusów" nazbierałeś.
Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:

:OTL
MOD - [2012-09-30 20:21:07 | 000,153,600 | ---- | M] () -- C:\WINDOWS\Temp\VRT6D.tmp
MOD - [2012-09-30 20:20:47 | 000,297,472 | ---- | M] () -- C:\WINDOWS\Temp\VRT5E.tmp
MOD - [2012-09-25 17:56:12 | 000,112,128 | ---- | M] () -- C:\WINDOWS\lsass.exe
MOD - [2012-09-22 11:27:15 | 000,099,340 | -HS- | M] () -- C:\WINDOWS\system32\a70uzien.dll
MOD - [2012-09-21 19:07:30 | 000,099,340 | -HS- | M] () -- C:\WINDOWS\system32\a9.dll
MOD - [2012-09-21 19:07:30 | 000,099,340 | -HS- | M] () -- C:\WINDOWS\system32\228z.dll
MOD - [2012-09-21 11:27:58 | 000,107,520 | ---- | M] () -- C:\WINDOWS\csrss.exe
SRV - [2012-09-25 17:56:12 | 000,112,128 | ---- | M] () [Auto | Running] -- C:\WINDOWS\lsass.exe -- (Antiviruses )
SRV - [2012-09-21 11:27:58 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\WINDOWS\csrss.exe -- (Mozilla Mail)
SRV - [2012-09-21 11:27:57 | 000,204,800 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\system32\antivar.exe -- (ServerNabs4)
SRV - [2012-09-21 10:52:04 | 000,000,103 | -H-- | M] () [Disabled | Stopped] -- C:\Documents and Settings\Pawel\Dane aplikacji\xe21ot7m.bat -- (uncof)
DRV - [2012-09-27 21:16:17 | 000,006,656 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\mcsysx.sys -- (msfindsrv01)
O4 - HKCU..\Run: [Xaiwucov] C:\Documents and Settings\Pawel\Dane aplikacji\Tuas\teme.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 26523 = C:\DOCUME~1\ALLUSE~1\LOCALS~1\Temp\mskieh.exe ()
O29 - HKLM SecurityProviders - (EbzegkOblevc.dll) - C:\WINDOWS\System32\EbzegkOblevc.dll ()
[2012-09-30 18:29:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Dane aplikacji\Veodtu
[2012-09-30 18:29:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Dane aplikacji\Tuas
[2012-09-30 18:29:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Dane aplikacji\Esax
[2012-09-30 17:30:18 | 000,075,776 | ---- | C] (OCnkMPJ) -- C:\WINDOWS\System32\amstream.exe
[2012-09-30 17:18:52 | 000,075,776 | ---- | C] (OCnkMPJ) -- C:\WINDOWS\System32\asycfilt.exe
[2012-09-30 12:14:22 | 000,075,776 | ---- | C] (OCnkMPJ) -- C:\WINDOWS\System32\aaclient.exe
[2012-09-29 22:15:59 | 000,075,776 | ---- | C] (OCnkMPJ) -- C:\WINDOWS\System32\adptif.exe
[2012-09-29 21:38:44 | 000,074,752 | ---- | C] (Eksz99) -- C:\WINDOWS\System32\drivers\468.exe
[2012-09-29 21:24:49 | 000,000,000 | -HSD | C] -- C:\found.000
[2012-09-29 19:46:58 | 000,074,752 | ---- | C] (Eksz99) -- C:\WINDOWS\System32\a70uzien.exe
[2012-09-29 19:41:04 | 000,075,776 | ---- | C] (OCnkMPJ) -- C:\WINDOWS\System32\adsldpc.exe
[2012-09-27 21:04:08 | 000,074,752 | ---- | C] (Eksz99) -- C:\WINDOWS\System32\camocx.exe
[2012-09-27 20:42:42 | 000,074,752 | ---- | C] (Eksz99) -- C:\WINDOWS\System32\cabview.exe
[2012-09-27 20:37:19 | 000,079,360 | ---- | C] (ArjyaC) -- C:\WINDOWS\System32\avmeter.exe
[2012-09-26 22:01:11 | 000,072,704 | ---- | C] (ZbiERBfKcjwBu) -- C:\WINDOWS\System32\drivers\0.exe
[2012-09-22 15:45:09 | 000,072,192 | ---- | C] (BhH3sJXRq) -- C:\WINDOWS\System32\drivers\765.exe
[2012-09-22 15:45:04 | 000,072,192 | ---- | C] (GC46Z3dh) -- C:\WINDOWS\System32\drivers\484.exe
[2012-09-22 15:45:02 | 000,067,584 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\drivers\500.exe
[2012-09-21 19:09:27 | 000,072,192 | ---- | C] (BhH3sJXRq) -- C:\WINDOWS\System32\drivers\546.exe
[2012-09-21 19:08:48 | 000,074,240 | ---- | C] (edJjwHo0Qbg7L) -- C:\WINDOWS\System32\drivers\828.exe
[2012-09-21 19:08:42 | 000,067,584 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\drivers\312.exe
[2012-09-21 11:27:59 | 000,082,944 | ---- | C] (EyPC5ne) -- C:\WINDOWS\System32\drivers\218.exe
[2012-09-21 11:27:58 | 000,107,520 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\drivers\843.exe
[2012-09-21 11:27:53 | 000,067,584 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\drivers\875.exe
[2012-09-21 11:27:06 | 000,145,408 | ---- | C] (Microsoft) -- C:\Documents and Settings\Pawel\Dane aplikacji\ljysba.exe
[2012-09-30 20:10:30 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\Pawel\qykopigturuq.exe
[2012-09-30 20:10:30 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\All Users\qykopigturuq.exe
[2012-09-29 19:50:12 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\a9.exe
[2012-09-29 19:47:50 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\moperti.dll
[2012-09-29 19:46:58 | 000,074,752 | ---- | M] (Eksz99) -- C:\WINDOWS\System32\a70uzien.exe
[2012-09-29 19:41:05 | 000,075,776 | ---- | M] (OCnkMPJ) -- C:\WINDOWS\System32\adsldpc.exe
[2012-09-27 21:16:17 | 000,006,656 | ---- | M] () -- C:\WINDOWS\System32\drivers\mcsysx.sys
[2012-09-27 21:04:09 | 000,074,752 | ---- | M] (Eksz99) -- C:\WINDOWS\System32\camocx.exe
[2012-09-27 21:03:02 | 000,075,776 | ---- | M] () -- C:\WINDOWS\System32\advapi32.exe
[2012-09-27 21:02:00 | 000,075,776 | ---- | M] () -- C:\WINDOWS\System32\acctres.exe
[2012-09-27 20:42:43 | 000,074,752 | ---- | M] (Eksz99) -- C:\WINDOWS\System32\cabview.exe
[2012-09-27 20:37:21 | 000,079,360 | ---- | M] (ArjyaC) -- C:\WINDOWS\System32\avmeter.exe
[2012-09-27 20:35:57 | 000,328,704 | ---- | M] () -- C:\WINDOWS\System32\aclui.exe
[[2012-09-26 22:01:25 | 000,122,368 | ---- | M] () -- C:\WINDOWS\System32\drivers\734.exe
[2012-09-26 22:01:17 | 000,074,240 | ---- | M] (edJjwHo0Qbg7L) -- C:\WINDOWS\System32\drivers\828.exe
[2012-09-26 22:01:11 | 000,072,704 | ---- | M] (ZbiERBfKcjwBu) -- C:\WINDOWS\System32\drivers\0.exe
[2012-09-26 22:01:04 | 000,107,520 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\drivers\843.exe
[2012-09-26 19:37:59 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\goipriw.dll

:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania Skryptem.

.

Użytkownik ordynat edytował ten post 30 09 2012 - 22:40

Oto Raport z OTL po wykonaniu skryptu:

All processes killed
========== OTL ==========
Error: No service named Antiviruses was found to stop!
Service\Driver key Antiviruses not found.
File C:\WINDOWS\lsass.exe not found.
Error: No service named Mozilla Mail was found to stop!
Service\Driver key Mozilla Mail not found.
File C:\WINDOWS\csrss.exe not found.
Error: No service named ServerNabs4 was found to stop!
Service\Driver key ServerNabs4 not found.
File C:\WINDOWS\system32\antivar.exe not found.
Error: No service named uncof was found to stop!
Service\Driver key uncof not found.
File C:\Documents and Settings\Pawel\Dane aplikacji\xe21ot7m.bat not found.
Error: No service named msfindsrv01 was found to stop!
Service\Driver key msfindsrv01 not found.
File C:\WINDOWS\system32\drivers\mcsysx.sys not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Xaiwucov deleted successfully.
File C:\Documents and Settings\Pawel\Dane aplikacji\Tuas\teme.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\26523 not found.
File C:\DOCUME~1\ALLUSE~1\LOCALS~1\Temp\mskieh.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders:EbzegkOblevc.dll deleted successfully.
File C:\WINDOWS\System32\EbzegkOblevc.dll not found.
Folder C:\Documents and Settings\Pawel\Dane aplikacji\Veodtu\ not found.
Folder C:\Documents and Settings\Pawel\Dane aplikacji\Tuas\ not found.
Folder C:\Documents and Settings\Pawel\Dane aplikacji\Esax\ not found.
File C:\WINDOWS\System32\amstream.exe not found.
File C:\WINDOWS\System32\asycfilt.exe not found.
File C:\WINDOWS\System32\aaclient.exe not found.
File C:\WINDOWS\System32\adptif.exe not found.
File C:\WINDOWS\System32\drivers\468.exe not found.
Folder C:\found.000\ not found.
File C:\WINDOWS\System32\a70uzien.exe not found.
File C:\WINDOWS\System32\adsldpc.exe not found.
File C:\WINDOWS\System32\camocx.exe not found.
File C:\WINDOWS\System32\cabview.exe not found.
File C:\WINDOWS\System32\avmeter.exe not found.
File C:\WINDOWS\System32\drivers\0.exe not found.
File C:\WINDOWS\System32\drivers\765.exe not found.
File C:\WINDOWS\System32\drivers\484.exe not found.
File C:\WINDOWS\System32\drivers\500.exe not found.
File C:\WINDOWS\System32\drivers\546.exe not found.
File C:\WINDOWS\System32\drivers\828.exe not found.
File C:\WINDOWS\System32\drivers\312.exe not found.
File C:\WINDOWS\System32\drivers\218.exe not found.
File C:\WINDOWS\System32\drivers\843.exe not found.
File C:\WINDOWS\System32\drivers\875.exe not found.
C:\Documents and Settings\Pawel\Dane aplikacji\ljysba.exe moved successfully.
File C:\Documents and Settings\Pawel\qykopigturuq.exe not found.
File C:\Documents and Settings\All Users\qykopigturuq.exe not found.
File C:\WINDOWS\System32\a9.exe not found.
File C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\moperti.dll not found.
File C:\WINDOWS\System32\a70uzien.exe not found.
File C:\WINDOWS\System32\adsldpc.exe not found.
File C:\WINDOWS\System32\drivers\mcsysx.sys not found.
File C:\WINDOWS\System32\camocx.exe not found.
File C:\WINDOWS\System32\advapi32.exe not found.
File C:\WINDOWS\System32\acctres.exe not found.
File C:\WINDOWS\System32\cabview.exe not found.
File C:\WINDOWS\System32\avmeter.exe not found.
File C:\WINDOWS\System32\aclui.exe not found.
File C:\WINDOWS\System32\drivers\734.exe not found.
File C:\WINDOWS\System32\drivers\828.exe not found.
File C:\WINDOWS\System32\drivers\0.exe not found.
File C:\WINDOWS\System32\drivers\843.exe not found.
File C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\goipriw.dll not found.
File ptytemp] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 09302012_232708

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

i załacznik z OTL ze skanowania po wykonaniu skryptu

Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:

:OTL
MOD - [2012-09-30 21:01:31 | 000,073,728 | RHS- | M] () -- C:\Documents and Settings\Pawel\boazu.exe
MOD - [2008-04-14 23:51:10 | 000,137,728 | ---- | M] () -- C:\WINDOWS\system32\winldsr.exe
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [qykopigturuq] C:\Documents and Settings\All Users\qykopigturuq.exe File not found
O4 - HKLM..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe File not found
O4 - HKLM..\Run: [VideoDrivers] C:\WINDOWS\system32\winldsr.exe ()
O4 - HKCU..\Run: [boazu] C:\Documents and Settings\Pawel\boazu.exe ()
O4 - HKCU..\Run: [qykopigturuq] C:\Documents and Settings\Pawel\qykopigturuq.exe File not found
[2008-04-14 22:51:44 | 210,051,234 | ---- | C] (Microsoft) -- C:\Documents and Settings\Pawel\Dane aplikacji\uncof.exe
[2012-09-30 23:26:14 | 000,059,392 | ---- | M] ( ) -- C:\Documents and Settings\Pawel\Dane aplikacji\alitr3j.exe
[2012-09-30 23:26:07 | 000,059,392 | ---- | M] ( ) -- C:\Documents and Settings\Pawel\Dane aplikacji\napzck.exe
[2012-09-30 23:15:56 | 000,166,983 | ---- | M] () -- C:\WINDOWS\System32\drivers\15.exe
[2012-09-30 22:54:26 | 000,137,728 | ---- | M] () -- C:\WINDOWS\System32\drivers\921.exe
[2012-09-30 22:54:23 | 000,166,983 | ---- | M] () -- C:\WINDOWS\System32\drivers\968.exe
[2012-09-30 21:01:31 | 000,073,728 | RHS- | M] () -- C:\Documents and Settings\Pawel\boazu.exe
[2012-09-30 17:48:51 | 000,000,228 | ---- | M] () -- C:\WINDOWS\System32\228z.exe
[2012-09-30 17:33:26 | 000,166,983 | ---- | M] () -- C:\WINDOWS\System32\3ivx.exe
[2012-09-30 17:29:05 | 000,137,216 | ---- | M] () -- C:\WINDOWS\System32\appmgr.exe
[2012-09-30 17:16:22 | 000,137,728 | ---- | M] () -- C:\WINDOWS\System32\aaaamon.exe
[2012-09-30 12:29:01 | 000,128,512 | ---- | M] () -- C:\WINDOWS\System32\advpack.exe
[2012-09-30 12:20:41 | 000,166,983 | ---- | M] () -- C:\WINDOWS\System32\6to4svc.exe
[2012-09-29 21:39:53 | 000,137,728 | ---- | M] () -- C:\WINDOWS\System32\drivers\859.exe
[2012-09-29 21:39:48 | 000,137,728 | ---- | M] () -- C:\WINDOWS\System32\drivers\31.exe
[2012-09-29 21:39:28 | 000,166,983 | ---- | M] () -- C:\WINDOWS\System32\drivers\703.exe
[2012-09-22 15:45:07 | 000,204,800 | ---- | M] () -- C:\WINDOWS\System32\drivers\578.exe
[2012-09-22 15:45:07 | 000,108,032 | ---- | M] () -- C:\WINDOWS\System32\drivers\515.exe
[2012-09-21 19:09:20 | 000,204,800 | ---- | M] () -- C:\WINDOWS\System32\drivers\453.exe
[2012-09-21 11:27:57 | 000,204,800 | ---- | M] () -- C:\WINDOWS\System32\drivers\906.exe
[2012-09-21 11:27:54 | 000,074,240 | ---- | M] () -- C:\WINDOWS\System32\drivers\140.exe
[2012-09-21 11:27:53 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\EbzegkOblevc.dll
[2012-09-21 11:26:49 | 000,035,264 | ---- | M] () -- C:\Documents and Settings\Pawel\gofyttetorib.exe
[2012-09-21 11:26:49 | 000,035,264 | ---- | M] () -- C:\Documents and Settings\All Users\gofyttetorib.exe
[2012-09-21 10:51:54 | 210,051,234 | ---- | M] (Microsoft) -- C:\Documents and Settings\Pawel\Dane aplikacji\uncof.exe
:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania Skryptem.
******************************************

Użytkownik ordynat edytował ten post 01 10 2012 - 00:32

Kolejny raport z OTL po wklejeniu skryptu

All processes killed
========== OTL ==========
Releasing module C:\Documents and Settings\Pawel\boazu.exe
C:\Documents and Settings\Pawel\boazu.exe moved successfully.
Releasing module C:\WINDOWS\system32\winldsr.exe
C:\WINDOWS\system32\winldsr.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\qykopigturuq deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Regedit32 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\VideoDrivers deleted successfully.
File C:\WINDOWS\system32\winldsr.exe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\boazu deleted successfully.
File C:\Documents and Settings\Pawel\boazu.exe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\qykopigturuq deleted successfully.
C:\Documents and Settings\Pawel\Dane aplikacji\uncof.exe moved successfully.
C:\Documents and Settings\Pawel\Dane aplikacji\alitr3j.exe moved successfully.
C:\Documents and Settings\Pawel\Dane aplikacji\napzck.exe moved successfully.
C:\WINDOWS\system32\drivers\15.exe moved successfully.
C:\WINDOWS\system32\drivers\921.exe moved successfully.
C:\WINDOWS\system32\drivers\968.exe moved successfully.
File C:\Documents and Settings\Pawel\boazu.exe not found.
C:\WINDOWS\system32\228z.exe moved successfully.
C:\WINDOWS\system32\3ivx.exe moved successfully.
C:\WINDOWS\system32\appmgr.exe moved successfully.
C:\WINDOWS\system32\aaaamon.exe moved successfully.
C:\WINDOWS\system32\advpack.exe moved successfully.
C:\WINDOWS\system32\6to4svc.exe moved successfully.
C:\WINDOWS\system32\drivers\859.exe moved successfully.
C:\WINDOWS\system32\drivers\31.exe moved successfully.
C:\WINDOWS\system32\drivers\703.exe moved successfully.
C:\WINDOWS\system32\drivers\578.exe moved successfully.
C:\WINDOWS\system32\drivers\515.exe moved successfully.
C:\WINDOWS\system32\drivers\453.exe moved successfully.
C:\WINDOWS\system32\drivers\906.exe moved successfully.
C:\WINDOWS\system32\drivers\140.exe moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\EbzegkOblevc.dll moved successfully.
C:\Documents and Settings\Pawel\gofyttetorib.exe moved successfully.
C:\Documents and Settings\All Users\gofyttetorib.exe moved successfully.
File C:\Documents and Settings\Pawel\Dane aplikacji\uncof.exe not found.
File ptytemp] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 10012012_183417

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

i załacznik z OTL ze skanowania po wykonaniu skryptu:

Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:

:OTL
[2012-10-01 18:40:28 | 000,000,016 | ---- | M] () -- C:\Documents and Settings\Pawel\Dane aplikacji\lyjsb
[2012-10-01 18:38:43 | 000,000,103 | -H-- | M] () -- C:\Documents and Settings\Pawel\Dane aplikacji\yn1qvv.bat
[2012-10-01 18:38:32 | 210,051,234 | ---- | M] (Microsoft) -- C:\Documents and Settings\Pawel\Dane aplikacji\uncof.exe
[2012-10-01 18:37:36 | 000,059,392 | ---- | M] ( ) -- C:\Documents and Settings\Pawel\Dane aplikacji\alitr3j.exe
[2012-10-01 18:37:19 | 000,059,392 | ---- | M] ( ) -- C:\Documents and Settings\Pawel\Dane aplikacji\napzck.exe
O4 - HKCU..\Run: [boazu] C:\Documents and Settings\Pawel\boazu.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 26523 = C:\DOCUME~1\ALLUSE~1\LOCALS~1\Temp\mskckuuvw.pif ()

:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania Skryptem.
.

RAport z usuwania z OTL:

All processes killed
========== OTL ==========
File C:\Documents and Settings\Pawel\Dane aplikacji\lyjsb not found.
C:\Documents and Settings\Pawel\Dane aplikacji\yn1qvv.bat moved successfully.
C:\Documents and Settings\Pawel\Dane aplikacji\uncof.exe moved successfully.
C:\Documents and Settings\Pawel\Dane aplikacji\alitr3j.exe moved successfully.
C:\Documents and Settings\Pawel\Dane aplikacji\napzck.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\boazu not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\26523 deleted successfully.
File move failed. C:\DOCUME~1\ALLUSE~1\LOCALS~1\Temp\mskckuuvw.pif scheduled to be moved on reboot.
File ptytemp] not found.

OTL by OldTimer - Version 3.2.70.1 log created on 10022012_191516

Files\Folders moved on Reboot...
C:\DOCUME~1\ALLUSE~1\LOCALS~1\Temp\mskckuuvw.pif moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Nowy log z OTL:

OTL logfile created on: 2012-10-02 19:17:22 - Run 1
OTL by OldTimer - Version 3.2.70.1 Folder = C:\Documents and Settings\Pawel\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

767,49 Mb Total Physical Memory | 595,26 Mb Available Physical Memory | 77,56% Memory free
1,83 Gb Paging File | 1,71 Gb Available in Paging File | 93,39% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,44 Gb Total Space | 17,93 Gb Free Space | 73,38% Space Free | Partition Type: NTFS
Drive D: | 31,48 Gb Total Space | 0,49 Gb Free Space | 1,56% Space Free | Partition Type: NTFS

Computer Name: XXX-70D9B06889F | User Name: Pawel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-10-02 19:14:48 | 000,628,224 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pawel\Pulpit\OTL.exe
PRC - [2012-09-30 13:18:08 | 000,112,128 | ---- | M] () -- C:\WINDOWS\smtss.exe
PRC - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010-12-09 12:45:58 | 000,102,400 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2008-04-14 22:51:46 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userinit.exe
PRC - [2008-04-14 22:51:18 | 001,062,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-08-02 23:12:00 | 000,606,208 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2004-12-14 14:44:06 | 000,057,344 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe


========== Modules (No Company Name) ==========

MOD - [2012-09-30 13:18:08 | 000,112,128 | ---- | M] () -- C:\WINDOWS\smtss.exe


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Documents and Settings\Pawel\Dane aplikacji\yn1qvv.bat -- (uncof)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012-09-30 13:18:08 | 000,112,128 | ---- | M] () [Auto | Running] -- C:\WINDOWS\smtss.exe -- (AVG FireWall)
SRV - [2008-04-14 22:51:40 | 000,008,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\nwcwks.dll -- (NWCWorkstation)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-09-21 11:28:16 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2012-09-20 21:10:46 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2008-05-02 08:48:55 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)
DRV - [2008-04-14 23:30:58 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008-04-14 02:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008-04-14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2006-08-18 07:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2004-07-16 08:19:52 | 000,070,400 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2001-08-18 00:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - homepage: http://google.pl/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://google.pl/
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll

O1 HOSTS File: ([2001-10-26 17:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0771D3FD-B8B5-4A96-BF07-8792ADF7225E}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - about:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-09-20 20:42:57 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{aaadcffd-0be6-11e2-bcf2-0020ed718425}\Shell - "" = AutoRun
O33 - MountPoints2\{aaadcffd-0be6-11e2-bcf2-0020ed718425}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL PktIer.eXe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012-10-02 19:14:34 | 000,628,224 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pawel\Pulpit\OTL.exe
[2012-10-01 19:56:54 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-10-01 19:03:56 | 000,069,120 | ---- | C] (RzD4XnT3i5cVz) -- C:\WINDOWS\System32\drivers\93.exe
[2012-09-30 19:28:11 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012-09-30 19:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Menu Start\Programy\HiJackThis
[2012-09-30 18:29:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Identities
[2012-09-23 19:25:23 | 001,378,744 | ---- | C] (ESET) -- C:\Documents and Settings\Pawel\Moje dokumenty\eset_nod32_antivirus_live_installer.exe
[2012-09-22 20:13:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Giant
[2012-09-22 19:52:29 | 000,000,000 | ---D | C] -- C:\Program Files\Giant
[2012-09-22 19:44:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Moje dokumenty\Shrek 2
[2012-09-22 15:44:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Local Settings
[2012-09-22 11:47:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012-09-21 21:36:24 | 000,000,000 | ---D | C] -- C:\Program Files\Warner Bros. Interactive Entertainment
[2012-09-21 11:28:16 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2012-09-21 11:28:16 | 000,100,880 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2012-09-21 11:28:16 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[2012-09-21 10:53:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Adobe
[2012-09-20 22:33:21 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2012-09-20 22:33:21 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2012-09-20 22:33:21 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2012-09-20 22:33:21 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2012-09-20 22:33:20 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2012-09-20 22:33:20 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2012-09-20 22:33:05 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2012-09-20 22:32:54 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys
[2012-09-20 22:32:53 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2012-09-20 22:32:53 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2012-09-20 22:32:53 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2012-09-20 22:32:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2012-09-20 22:32:48 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\RTL8139.sys
[2012-09-20 22:32:39 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2012-09-20 22:32:36 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2012-09-20 22:31:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2012-09-20 22:31:16 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2012-09-20 22:31:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2012-09-20 22:31:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2012-09-20 22:31:10 | 000,000,000 | R--D | C] -- C:\Program Files
[2012-09-20 22:31:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2012-09-20 22:31:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2012-09-20 22:31:00 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2012-09-20 22:31:00 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2012-09-20 22:31:00 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2012-09-20 22:30:58 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2012-09-20 22:30:58 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2012-09-20 22:30:58 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2012-09-20 22:30:58 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2012-09-20 22:30:58 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2012-09-20 22:30:58 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2012-09-20 22:30:58 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2012-09-20 22:30:58 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2012-09-20 22:30:58 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2012-09-20 22:30:58 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2012-09-20 22:30:58 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2012-09-20 22:30:58 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2012-09-20 22:30:56 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2012-09-20 22:30:56 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2012-09-20 22:30:56 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2012-09-20 22:30:56 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2012-09-20 22:30:56 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2012-09-20 22:30:56 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2012-09-20 22:30:56 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2012-09-20 22:30:54 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2012-09-20 22:30:54 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2012-09-20 22:30:54 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2012-09-20 22:30:54 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2012-09-20 22:30:54 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2012-09-20 22:30:48 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2012-09-20 22:30:48 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2012-09-20 22:30:48 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2012-09-20 22:30:47 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2012-09-20 22:30:47 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2012-09-20 22:30:47 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2012-09-20 22:30:47 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2012-09-20 22:30:47 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2012-09-20 22:30:47 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2012-09-20 22:30:47 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2012-09-20 22:30:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2012-09-20 22:30:40 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2012-09-20 22:30:40 | 000,085,532 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2012-09-20 22:30:40 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2012-09-20 22:30:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2012-09-20 22:30:39 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2012-09-20 22:30:39 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2012-09-20 22:30:39 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2012-09-20 22:30:39 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2012-09-20 22:30:39 | 000,009,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2012-09-20 22:30:39 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2012-09-20 22:30:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2012-09-20 22:30:39 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2012-09-20 22:30:39 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2012-09-20 22:30:39 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2012-09-20 22:30:38 | 000,127,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2012-09-20 22:30:38 | 000,109,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2012-09-20 22:30:38 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2012-09-20 22:30:38 | 000,073,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2012-09-20 22:30:38 | 000,033,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2012-09-20 22:30:38 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2012-09-20 22:30:38 | 000,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2012-09-20 22:30:38 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2012-09-20 22:30:38 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2012-09-20 22:30:38 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2012-09-20 22:30:38 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2012-09-20 22:30:37 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2012-09-20 22:30:37 | 000,070,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2012-09-20 22:30:37 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2012-09-20 22:30:37 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2012-09-20 22:30:36 | 000,069,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2012-09-20 22:30:35 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2012-09-20 22:30:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start
[2012-09-20 22:30:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2012-09-20 22:30:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
[2012-09-20 22:30:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Szablony
[2012-09-20 22:30:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Ulubione
[2012-09-20 22:30:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Pulpit
[2012-09-20 22:28:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2012-09-20 22:28:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2012-09-20 22:28:35 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft
[2012-09-20 22:28:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji
[2012-09-20 22:28:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2012-09-20 22:28:08 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012-09-20 22:22:36 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2012-09-20 22:22:36 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2012-09-20 22:22:36 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2012-09-20 22:22:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Offline Web Pages
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\NLDRV
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1045
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2012-09-20 22:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2012-09-20 21:45:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Opera
[2012-09-20 21:45:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Dane aplikacji\Opera
[2012-09-20 21:45:08 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012-09-20 21:43:21 | 012,272,352 | ---- | C] (Opera Software ASA) -- C:\Documents and Settings\Pawel\Moje dokumenty\Opera_1202_int_Setup.exe
[2012-09-20 21:33:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Menu Start\Programy\Google Chrome
[2012-09-20 21:20:44 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012-09-20 21:20:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Google
[2012-09-20 21:19:58 | 010,559,488 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTLCPL.exe
[2012-09-20 21:19:56 | 018,804,736 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\alsndmgr.cpl
[2012-09-20 21:19:56 | 004,017,536 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\alcxwdm.sys
[2012-09-20 21:19:56 | 000,606,208 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
[2012-09-20 21:19:51 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager
[2012-09-20 21:19:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Realtek Sound Manager
[2012-09-20 21:19:50 | 000,000,000 | ---D | C] -- C:\Program Files\AvRack
[2012-09-20 21:19:40 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2012-09-20 21:19:33 | 000,344,064 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcupd.exe
[2012-09-20 21:19:33 | 000,245,760 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcrmv.exe
[2012-09-20 21:18:13 | 000,070,400 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtlnicxp.sys
[2012-09-20 21:18:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2012-09-20 21:13:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2012-09-20 21:13:54 | 000,000,000 | ---D | C] -- C:\Program Files\VIA Technologies, INC
[2012-09-20 21:13:45 | 000,333,824 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2012-09-20 21:13:04 | 000,446,464 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp31vfw.dll
[2012-09-20 21:13:04 | 000,438,272 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2012-09-20 21:13:04 | 000,327,680 | ---- | C] (On2.com Inc.) -- C:\WINDOWS\System32\vp6dec.ax
[2012-09-20 21:13:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\K-Lite Codec Pack
[2012-09-20 21:13:03 | 000,075,264 | ---- | C] (Matthew T. Ashland) -- C:\WINDOWS\System32\MACDec.dll
[2012-09-20 21:13:02 | 001,024,000 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivx.dll
[2012-09-20 21:13:02 | 000,774,144 | ---- | C] (Gabest) -- C:\WINDOWS\System32\vsfilter.dll
[2012-09-20 21:13:02 | 000,409,600 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivxDSAudioDecoder.ax
[2012-09-20 21:13:02 | 000,368,640 | ---- | C] (Gabest) -- C:\WINDOWS\System32\vobsub.dll
[2012-09-20 21:13:02 | 000,327,680 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivxDSMediaMux.ax
[2012-09-20 21:13:02 | 000,315,392 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivxDSEncoder.ax
[2012-09-20 21:13:02 | 000,290,816 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivxDSMediaSplitter.ax
[2012-09-20 21:13:02 | 000,290,816 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivxDSDecoder.ax
[2012-09-20 21:13:02 | 000,286,720 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivxVfWCodec.dll
[2012-09-20 21:13:02 | 000,039,936 | ---- | C] (Disappearing Inc.) -- C:\WINDOWS\System32\huffyuv.dll
[2012-09-20 21:13:01 | 001,415,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WMV9VCM.dll
[2012-09-20 21:13:01 | 000,401,408 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2012-09-20 21:13:01 | 000,368,640 | ---- | C] (Gabest) -- C:\WINDOWS\System32\MatroskaSplitter.ax
[2012-09-20 21:13:01 | 000,245,760 | ---- | C] (-) -- C:\WINDOWS\System32\CoreVorbis.ax
[2012-09-20 21:13:01 | 000,098,304 | ---- | C] (RadLight) -- C:\WINDOWS\System32\MPCDec.ax
[2012-09-20 21:13:01 | 000,081,920 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2012-09-20 21:13:00 | 002,024,448 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divx.dll
[2012-09-20 21:13:00 | 000,577,536 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\divxdec.ax
[2012-09-20 21:12:59 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2012-09-20 21:12:59 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicows.dll
[2012-09-20 21:12:59 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2012-09-20 21:11:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Dane aplikacji\Adobe
[2012-09-20 21:11:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Dane aplikacji\Macromedia
[2012-09-20 21:10:46 | 000,218,688 | ---- | C] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2012-09-20 21:10:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\DAEMON Tools Lite
[2012-09-20 21:10:33 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2012-09-20 21:10:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Dane aplikacji\DAEMON Tools Lite
[2012-09-20 21:10:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2012-09-20 21:09:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Dane aplikacji\Gadu-Gadu 10
[2012-09-20 21:09:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-09-20 21:08:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Winamp
[2012-09-20 21:08:52 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10
[2012-09-20 21:08:51 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2012-09-20 21:08:50 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2012-09-20 21:08:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2012-09-20 21:08:14 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2012-09-20 21:08:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Menu Start\Programy\Detektor Winampa
[2012-09-20 21:08:04 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2012-09-20 21:08:04 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2012-09-20 21:08:04 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2012-09-20 21:08:04 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2012-09-20 21:08:03 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2012-09-20 21:08:03 | 000,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2012-09-20 21:08:03 | 000,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2012-09-20 21:08:03 | 000,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2012-09-20 21:08:03 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2012-09-20 21:08:03 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2012-09-20 21:08:03 | 000,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2012-09-20 21:08:03 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2012-09-20 21:08:03 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2012-09-20 21:08:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Dane aplikacji\Winamp
[2012-09-20 21:07:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Menu Start\Programy\WinRAR
[2012-09-20 21:07:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Dane aplikacji\WinRAR
[2012-09-20 21:07:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR
[2012-09-20 21:07:34 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012-09-20 21:05:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nero
[2012-09-20 21:05:31 | 000,125,184 | ---- | C] (Ahead Software AG) -- C:\WINDOWS\System32\drivers\imagesrv.sys
[2012-09-20 21:05:31 | 000,005,504 | ---- | C] (Ahead Software AG) -- C:\WINDOWS\System32\drivers\imagedrv.sys
[2012-09-20 21:05:18 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2012-09-20 21:05:18 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2012-09-20 21:05:18 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2012-09-20 21:05:18 | 000,364,544 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\TwnLib4.dll
[2012-09-20 21:05:18 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2012-09-20 21:05:18 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2012-09-20 21:05:18 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\picn20.dll
[2012-09-20 21:05:17 | 000,184,320 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2012-09-20 21:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2012-09-20 21:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead
[2012-09-20 21:04:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012-09-20 21:04:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe
[2012-09-20 21:03:31 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012-09-20 21:01:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\USB Vibration
[2012-09-20 21:01:35 | 000,000,000 | ---D | C] -- C:\Program Files\USB Vibration
[2012-09-20 21:00:09 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012-09-20 21:00:09 | 000,000,000 | ---D | C] -- C:\Program Files\Axesstel
[2012-09-20 21:00:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Axesstel
[2012-09-20 20:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012-09-20 20:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Dane aplikacji\Identities
[2012-09-20 20:54:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Pawel\Moje dokumenty\Moje obrazy
[2012-09-20 20:54:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Pawel\Moje dokumenty\Moja muzyka
[2012-09-20 20:54:08 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2012-09-20 20:53:53 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Pawel\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-09-20 20:53:53 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Pawel\Dane aplikacji\Microsoft
[2012-09-20 20:53:53 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pawel\SendTo
[2012-09-20 20:53:53 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pawel\Recent
[2012-09-20 20:53:53 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pawel\Dane aplikacji
[2012-09-20 20:53:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Pawel\Ulubione
[2012-09-20 20:53:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Pawel\Moje dokumenty
[2012-09-20 20:53:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Pawel\Menu Start
[2012-09-20 20:53:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Pawel\Menu Start\Programy\Autostart
[2012-09-20 20:53:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Pawel\Menu Start\Programy\Akcesoria
[2012-09-20 20:53:53 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Pawel\Cookies
[2012-09-20 20:53:53 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Pawel\Ustawienia lokalne
[2012-09-20 20:53:53 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Pawel\Szablony
[2012-09-20 20:53:53 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Pawel\PrintHood
[2012-09-20 20:53:53 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Pawel\NetHood
[2012-09-20 20:53:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pawel\Pulpit
[2012-09-20 20:49:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2012-09-20 20:49:34 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2012-09-20 20:49:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012-09-20 20:49:33 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-09-20 20:49:33 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2012-09-20 20:45:45 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-09-20 20:45:45 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2012-09-20 20:43:36 | 001,036,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2012-09-20 20:43:36 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2012-09-20 20:43:36 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2012-09-20 20:43:36 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2012-09-20 20:43:36 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll
[2012-09-20 20:43:36 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakui.dll
[2012-09-20 20:43:36 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll
[2012-09-20 20:43:36 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2012-09-20 20:43:36 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll
[2012-09-20 20:43:35 | 002,455,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2012-09-20 20:43:35 | 001,159,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2012-09-20 20:43:35 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2012-09-20 20:43:35 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2012-09-20 20:43:35 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2012-09-20 20:43:35 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll
[2012-09-20 20:43:35 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll
[2012-09-20 20:43:35 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2012-09-20 20:43:35 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll
[2012-09-20 20:43:35 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2012-09-20 20:43:34 | 001,831,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2012-09-20 20:43:34 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2012-09-20 20:43:34 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2012-09-20 20:43:34 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll
[2012-09-20 20:43:34 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll
[2012-09-20 20:43:34 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extmgr.dll
[2012-09-20 20:43:34 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2012-09-20 20:43:34 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2012-09-20 20:43:33 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll
[2012-09-20 20:43:33 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2012-09-20 20:43:33 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2012-09-20 20:43:32 | 006,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2012-09-20 20:43:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2012-09-20 20:43:19 | 000,016,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2012-09-20 20:42:37 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2012-09-20 20:42:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache
[2012-09-20 20:41:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2012-09-20 20:41:10 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2012-09-20 20:41:06 | 000,000,000 | ---D | C] -- C:\Program Files\Usługi online
[2012-09-20 20:40:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2012-09-20 20:40:39 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2012-09-20 20:40:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2012-09-20 20:40:25 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2012-09-20 20:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2012-09-20 20:40:21 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2012-09-20 20:40:21 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2012-09-20 20:40:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2012-09-20 20:40:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2012-09-20 20:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2012-09-20 20:40:13 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2012-09-20 20:40:13 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2012-09-20 20:40:12 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2012-09-20 20:40:12 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2012-09-20 20:40:12 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2012-09-20 20:40:12 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2012-09-20 20:40:12 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2012-09-20 20:40:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2012-09-20 20:40:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2012-09-20 20:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2012-09-20 20:39:48 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2012-09-20 20:39:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2012-09-20 20:39:48 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2012-09-20 20:39:47 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2012-09-20 20:39:43 | 000,240,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2012-09-20 20:39:43 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2012-09-20 20:39:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2012-09-20 20:39:42 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2012-09-20 20:39:42 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2012-09-20 20:39:42 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2012-09-20 20:39:42 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2012-09-20 20:39:41 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2012-09-20 20:39:39 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2012-09-20 20:39:38 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2012-09-20 20:39:38 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2012-09-20 20:39:37 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2012-09-20 20:39:35 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2012-09-20 20:39:35 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2012-09-20 20:39:34 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2012-09-20 20:39:34 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2012-09-20 20:39:34 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2012-09-20 20:39:34 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2012-09-20 20:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2012-09-20 20:39:26 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2012-09-20 20:39:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2012-09-20 20:38:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Gry
[2012-09-20 20:38:33 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2012-09-20 20:38:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne
[2012-09-20 20:38:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2012-09-20 20:38:05 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2012-09-20 20:38:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2012-09-20 20:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2012-09-20 20:37:59 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2012-09-20 20:37:59 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2012-09-20 20:37:49 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2012-09-20 20:37:49 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2012-09-20 20:37:49 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2012-09-20 20:37:49 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2012-09-20 20:37:49 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2012-09-20 20:37:48 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2012-09-20 20:37:41 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2012-09-20 20:37:41 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2012-09-20 20:37:41 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2012-09-20 20:37:40 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2012-09-20 20:37:40 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2012-09-20 20:37:40 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2012-09-20 20:37:40 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2012-09-20 20:37:39 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2012-09-20 20:37:39 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2012-09-20 20:37:39 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2012-09-20 20:37:39 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2012-09-20 20:37:39 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2012-09-20 20:37:39 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2012-09-20 20:37:39 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2012-09-20 20:37:39 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2012-09-20 20:37:39 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2012-09-20 20:37:39 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2012-09-20 20:37:38 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2012-09-20 20:37:38 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2012-09-20 20:37:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2012-09-20 20:37:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2012-09-20 20:37:31 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2012-09-20 20:37:31 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2012-09-20 20:37:31 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2012-09-20 20:37:30 | 000,351,744 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2012-09-20 20:37:30 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2012-09-20 20:37:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2012-09-20 20:37:29 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2012-09-20 20:37:29 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2012-09-20 20:37:29 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2012-09-20 20:37:28 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2012-09-20 20:37:28 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2012-09-20 20:37:27 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2012-09-20 20:37:27 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2012-09-20 20:37:26 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2012-09-20 20:37:26 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2012-09-20 20:37:26 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2012-09-20 20:37:25 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2012-09-20 20:37:25 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2012-09-20 20:37:25 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2012-09-20 20:37:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2012-09-20 20:37:25 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2012-09-20 20:37:25 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2012-09-20 20:37:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2012-09-20 20:37:24 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2012-09-20 20:37:24 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2012-09-20 20:37:24 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2012-09-20 20:37:24 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2012-09-20 20:37:23 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2012-09-20 20:37:23 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2012-09-20 20:37:23 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2012-09-20 20:37:23 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2012-09-20 20:37:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2012-09-20 20:37:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2012-09-20 20:37:22 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2012-09-20 20:37:22 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2012-09-20 20:37:22 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2012-09-20 20:37:22 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2012-09-20 20:37:21 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2012-09-20 20:37:21 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2012-09-20 20:37:14 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2012-09-20 20:37:14 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2012-09-20 20:37:14 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2012-09-20 20:37:13 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2012-09-20 20:37:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2012-09-20 20:36:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Akcesoria
[61 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-10-02 19:19:16 | 000,059,392 | ---- | M] ( ) -- C:\Documents and Settings\Pawel\Dane aplikacji\alitr3j.exe
[2012-10-02 19:19:00 | 000,059,392 | ---- | M] ( ) -- C:\Documents and Settings\Pawel\Dane aplikacji\napzck.exe
[2012-10-02 19:18:32 | 000,000,003 | ---- | M] () -- C:\Documents and Settings\Pawel\Dane aplikacji\ljysba.exe
[2012-10-02 19:16:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-10-02 19:16:52 | 804,839,424 | -HS- | M] () -- C:\hiberfil.sys
[2012-10-02 19:14:48 | 000,628,224 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pawel\Pulpit\OTL.exe
[2012-10-01 22:10:49 | 000,105,017 | ---- | M] () -- C:\Documents and Settings\Pawel\Pulpit\bez tytułu.JPG
[2012-10-01 19:53:39 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\Pawel\Pulpit\HiJackThis.lnk
[2012-10-01 19:46:09 | 000,093,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-10-01 19:30:09 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-113007714-1606980848-1003UA.job
[2012-10-01 19:03:56 | 000,069,120 | ---- | M] (RzD4XnT3i5cVz) -- C:\WINDOWS\System32\drivers\93.exe
[2012-10-01 19:03:34 | 000,166,910 | ---- | M] () -- C:\WINDOWS\System32\drivers\562.exe
[2012-10-01 19:03:23 | 000,073,728 | RHS- | M] () -- C:\Documents and Settings\Pawel\janed.exe
[2012-10-01 19:01:58 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\Pawel\beanifkeafal.exe
[2012-10-01 19:01:58 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\All Users\beanifkeafal.exe
[2012-09-30 19:46:40 | 000,445,544 | ---- | M] () -- C:\Documents and Settings\Pawel\Moje dokumenty\OTL(19450).exe
[2012-09-30 19:27:19 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Pawel\Moje dokumenty\6982-up-HJT_204_Install_master.msi
[2012-09-30 19:19:53 | 000,445,544 | ---- | M] () -- C:\Documents and Settings\Pawel\Moje dokumenty\HijackThis(12030).exe
[2012-09-30 13:18:08 | 000,112,128 | ---- | M] () -- C:\WINDOWS\smtss.exe
[2012-09-30 12:04:23 | 000,137,216 | ---- | M] () -- C:\WINDOWS\System32\3ivxVfWCodec.exe
[2012-09-29 21:36:02 | 000,355,830 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-09-29 21:36:02 | 000,049,712 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-09-29 21:36:01 | 000,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-09-29 21:36:01 | 000,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-09-29 19:07:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-09-23 19:25:28 | 001,378,744 | ---- | M] (ESET) -- C:\Documents and Settings\Pawel\Moje dokumenty\eset_nod32_antivirus_live_installer.exe
[2012-09-23 16:30:03 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-113007714-1606980848-1003Core.job
[2012-09-22 20:15:46 | 000,001,591 | ---- | M] () -- C:\Documents and Settings\Pawel\Pulpit\LEGO Star Wars.lnk
[2012-09-21 11:28:16 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2012-09-21 11:28:16 | 000,100,880 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2012-09-21 11:28:16 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[2012-09-20 22:34:59 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2012-09-20 21:50:21 | 000,000,169 | ---- | M] () -- C:\WINDOWS\RtlRack.ini
[2012-09-20 21:45:12 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2012-09-20 21:43:21 | 012,272,352 | ---- | M] (Opera Software ASA) -- C:\Documents and Settings\Pawel\Moje dokumenty\Opera_1202_int_Setup.exe
[2012-09-20 21:22:04 | 000,000,796 | ---- | M] () -- C:\Documents and Settings\Pawel\Pulpit\Cabal Online.lnk
[2012-09-20 21:21:49 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\Pawel\Pulpit\NosTale.lnk
[2012-09-20 21:19:51 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk
[2012-09-20 21:10:46 | 000,218,688 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2012-09-20 21:10:39 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2012-09-20 21:09:18 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2012-09-20 21:08:58 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2012-09-20 21:05:44 | 000,001,239 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2012-09-20 21:04:51 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 7.0.lnk
[2012-09-20 21:04:50 | 000,001,757 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk
[2012-09-20 21:00:09 | 000,000,575 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AxessManager.lnk
[2012-09-20 20:45:49 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2012-09-20 20:44:21 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012-09-20 20:42:57 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-09-20 20:42:57 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012-09-20 20:42:57 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012-09-20 20:42:57 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012-09-20 20:42:57 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012-09-20 20:42:49 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012-09-20 20:42:48 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012-09-20 20:42:47 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012-09-20 20:42:37 | 000,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012-09-20 20:38:43 | 000,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012-09-20 20:35:42 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[61 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-10-02 19:19:19 | 000,000,016 | -H-- | C] () -- C:\Documents and Settings\Pawel\Dane aplikacji\alij
[2012-10-02 19:19:16 | 000,059,392 | ---- | C] ( ) -- C:\Documents and Settings\Pawel\Dane aplikacji\alitr3j.exe
[2012-10-02 19:19:00 | 000,059,392 | ---- | C] ( ) -- C:\Documents and Settings\Pawel\Dane aplikacji\napzck.exe
[2012-10-01 22:10:48 | 000,105,017 | ---- | C] () -- C:\Documents and Settings\Pawel\Pulpit\bez tytułu.JPG
[2012-10-01 19:38:04 | 000,065,024 | ---- | C] () -- C:\Documents and Settings\Pawel\beanifkeafal.exe
[2012-10-01 19:03:36 | 000,112,128 | ---- | C] () -- C:\WINDOWS\smtss.exe
[2012-10-01 19:03:34 | 000,166,910 | ---- | C] () -- C:\WINDOWS\System32\drivers\562.exe
[2012-10-01 19:03:23 | 000,073,728 | RHS- | C] () -- C:\Documents and Settings\Pawel\janed.exe
[2012-10-01 19:02:15 | 000,000,003 | ---- | C] () -- C:\Documents and Settings\Pawel\Dane aplikacji\ljysba.exe
[2012-10-01 19:01:58 | 000,065,024 | ---- | C] () -- C:\Documents and Settings\All Users\beanifkeafal.exe
[2012-09-30 19:46:32 | 000,445,544 | ---- | C] () -- C:\Documents and Settings\Pawel\Moje dokumenty\OTL(19450).exe
[2012-09-30 19:28:11 | 000,002,443 | ---- | C] () -- C:\Documents and Settings\Pawel\Pulpit\HiJackThis.lnk
[2012-09-30 19:27:03 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Pawel\Moje dokumenty\6982-up-HJT_204_Install_master.msi
[2012-09-30 19:19:48 | 000,445,544 | ---- | C] () -- C:\Documents and Settings\Pawel\Moje dokumenty\HijackThis(12030).exe
[2012-09-30 12:04:21 | 000,137,216 | ---- | C] () -- C:\WINDOWS\System32\3ivxVfWCodec.exe
[2012-09-22 20:15:46 | 000,001,591 | ---- | C] () -- C:\Documents and Settings\Pawel\Pulpit\LEGO Star Wars.lnk
[2012-09-21 11:27:58 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\sLT.exf
[2012-09-20 22:34:59 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2012-09-20 22:31:15 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-09-20 22:30:37 | 000,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012-09-20 22:28:08 | 000,093,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-09-20 22:26:50 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2012-09-20 22:26:46 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2012-09-20 21:50:21 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2012-09-20 21:45:12 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk
[2012-09-20 21:45:12 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk
[2012-09-20 21:22:04 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\Pawel\Pulpit\Cabal Online.lnk
[2012-09-20 21:21:11 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\Pawel\Pulpit\NosTale.lnk
[2012-09-20 21:20:21 | 000,001,132 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-113007714-1606980848-1003UA.job
[2012-09-20 21:20:20 | 000,001,080 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-113007714-1606980848-1003Core.job
[2012-09-20 21:20:09 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012-09-20 21:19:58 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2012-09-20 21:19:58 | 000,141,016 | R--- | C] () -- C:\WINDOWS\System32\alsndmgr.wav
[2012-09-20 21:19:51 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk
[2012-09-20 21:19:50 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2012-09-20 21:13:03 | 000,177,152 | ---- | C] () -- C:\WINDOWS\System32\MonkeySource.ax
[2012-09-20 21:13:02 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2012-09-20 21:13:02 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012-09-20 21:13:01 | 001,163,264 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2012-09-20 21:13:01 | 001,040,384 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2012-09-20 21:13:01 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012-09-20 21:13:01 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2012-09-20 21:13:01 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.ax
[2012-09-20 21:13:01 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012-09-20 21:13:01 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll
[2012-09-20 21:13:01 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
[2012-09-20 21:13:01 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2012-09-20 21:13:01 | 000,000,401 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2012-09-20 21:12:59 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2012-09-20 21:10:39 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\DAEMON Tools Lite.lnk
[2012-09-20 21:09:18 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2012-09-20 21:09:03 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk
[2012-09-20 21:08:58 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2012-09-20 21:05:44 | 000,001,239 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk
[2012-09-20 21:04:51 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 7.0.lnk
[2012-09-20 21:04:50 | 000,001,810 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader 7.0.lnk
[2012-09-20 21:04:50 | 000,001,757 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk
[2012-09-20 21:00:09 | 000,000,575 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AxessManager.lnk
[2012-09-20 20:54:19 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Pawel\Menu Start\Programy\Internet Explorer.lnk
[2012-09-20 20:54:11 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Pawel\Menu Start\Programy\Outlook Express.lnk
[2012-09-20 20:53:54 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Pawel\Menu Start\Programy\Pomoc zdalna.lnk
[2012-09-20 20:53:54 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Pawel\Menu Start\Programy\Windows Media Player.lnk
[2012-09-20 20:53:52 | 804,839,424 | -HS- | C] () -- C:\hiberfil.sys
[2012-09-20 20:45:48 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2012-09-20 20:44:21 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-09-20 20:43:10 | 000,050,105 | ---- | C] () -- C:\WINDOWS\activ.exe
[2012-09-20 20:42:57 | 000,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-09-20 20:42:57 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012-09-20 20:42:57 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012-09-20 20:42:57 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2012-09-20 20:42:57 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2012-09-20 20:42:49 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2012-09-20 20:42:48 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2012-09-20 20:42:47 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2012-09-20 20:41:09 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Movie Maker.lnk
[2012-09-20 20:40:37 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2012-09-20 20:40:37 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2012-09-20 20:38:45 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Messenger.lnk
[2012-09-20 20:38:43 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012-09-20 20:37:43 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Pod mikroskopem.bmp
[2012-09-20 20:37:43 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Stiuk z Santa Fe.bmp
[2012-09-20 20:37:43 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Wachlarze.bmp
[2012-09-20 20:37:43 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Nefryt.bmp
[2012-09-20 20:37:43 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2012-09-20 20:37:43 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybkach.bmp
[2012-09-20 20:37:43 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Puch.bmp
[2012-09-20 20:37:43 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Indiański pled.bmp
[2012-09-20 20:37:42 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bąbelki.bmp
[2012-09-20 20:37:42 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kawa.bmp
[2012-09-20 20:37:42 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Niebieska koronka 16.bmp
[2012-09-20 20:37:39 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2012-09-20 20:37:39 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2012-09-20 20:37:38 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2012-09-20 20:37:32 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 22:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008-04-14 22:50:32 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 22:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Extras.txt z OTL

OTL Extras logfile created on: 2012-10-02 19:17:22 - Run 1
OTL by OldTimer - Version 3.2.70.1 Folder = C:\Documents and Settings\Pawel\Pulpit
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

767,49 Mb Total Physical Memory | 595,26 Mb Available Physical Memory | 77,56% Memory free
1,83 Gb Paging File | 1,71 Gb Available in Paging File | 93,39% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,44 Gb Total Space | 17,93 Gb Free Space | 73,38% Space Free | Partition Type: NTFS
Drive D: | 31,48 Gb Total Space | 0,49 Gb Free Space | 1,56% Space Free | Partition Type: NTFS

Computer Name: XXX-70D9B06889F | User Name: Pawel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Unable to open value key
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DoNotAllowExceptions" = 0
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"\??\C:\WINDOWS\system32\winlogon.exe" = \??\C:\WINDOWS\system32\winlogon.exe:*:enabled:@shell32.dll,-1 -- (Microsoft Corporation)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\WINDOWS\system32\svchost.exe" = C:\WINDOWS\system32\svchost.exe:*:Enabled:Microsoft Office -- (Microsoft Corporation)
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Disabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files\Axesstel\AxessManager\AxessManager.exe" = C:\Program Files\Axesstel\AxessManager\AxessManager.exe:*:Enabled:AxessManager Application -- (Axesstel Inc.)
"C:\DOCUME~1\Pawel\USTAWI~1\Temp\0002bc9f.exe" = C:\DOCUME~1\Pawel\USTAWI~1\Temp\0002bc9f.exe:*:Enabled:0002bc9f -- ()
"C:\DOCUME~1\Pawel\USTAWI~1\Temp\000077c0.exe" = C:\DOCUME~1\Pawel\USTAWI~1\Temp\000077c0.exe:*:Enabled:KL -- ()
"C:\DOCUME~1\Pawel\USTAWI~1\Temp\0025af85.exe" = C:\DOCUME~1\Pawel\USTAWI~1\Temp\0025af85.exe:*:Enabled:0025af85 -- ()
"C:\WINDOWS\system32\advpack.exe" = C:\WINDOWS\system32\advpack.exe:*:Enabled:KL
"C:\WINDOWS\Debug\furw.exe" = C:\WINDOWS\Debug\furw.exe:*:Enabled:KL -- ()
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Eksplorator Windows -- (Microsoft Corporation)
"C:\WINDOWS\system32\aclui.exe" = C:\WINDOWS\system32\aclui.exe:*:Enabled:enable
"C:\Documents and Settings\Pawel\Dane aplikacji\uncof.exe" = C:\Documents and Settings\Pawel\Dane aplikacji\uncof.exe:*:Enabled:uncof.exe


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}" = PC TWIN SHOCK
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{AC76BA86-7AD7-1045-7B44-A70000000000}" = Adobe Reader 7.0 - Polish
"{B52D7A21-03E5-4C0C-82FA-FD8EB4C92149}" = AxessManager
"{E914A24F-2412-4374-B420-86D21D6D444A}" = LEGO Star Wars
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"DAEMON Tools Lite" = DAEMON Tools Lite
"Gadu-Gadu 10" = Gadu-Gadu 10
"InstallShield_{E914A24F-2412-4374-B420-86D21D6D444A}" = LEGO Star Wars
"KLiteCodecPack_is1" = K-Lite Codec Pack 2.44 Full
"Nero - Burning Rom!UninstallKey" = Nero 6 Enterprise Edition
"Opera 12.02.1578" = Opera 12.02
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.11 (32-bitowy)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Detektor Winampa

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2012-09-29 13:08:56 | Computer Name = XXX-70D9B06889F | Source = ESENT | ID = 485
Description = wuauclt (884) Próba usunięcia pliku "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
zakończyła się niepomyślnie z błędem systemowym 1392 (0x00000570): "Plik lub katalog
jest uszkodzony i nieczytelny. ". Operacja usuwania pliku zostanie zakończona z
błędem -1022 (0xfffffc02).

Error - 2012-09-29 13:08:56 | Computer Name = XXX-70D9B06889F | Source = ESENT | ID = 490
Description = wuauclt (884) Próba otwarcia pliku "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
w trybie odczytu lub zapisu zakończyła się niepomyślnie z błędem systemowym 1392
(0x00000570): "Plik lub katalog jest uszkodzony i nieczytelny. ". Operacja otwierania
pliku zostanie zakończona z błędem -1022 (0xfffffc02).

Error - 2012-09-29 13:08:56 | Computer Name = XXX-70D9B06889F | Source = ESENT | ID = 439
Description = wuauclt (884) Nie można dokonać zapisu lustrzanego nagłówka pliku
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb. Błąd -1022.

Error - 2012-09-29 13:08:57 | Computer Name = XXX-70D9B06889F | Source = ESENT | ID = 485
Description = wuauclt (200) Próba usunięcia pliku "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
zakończyła się niepomyślnie z błędem systemowym 1392 (0x00000570): "Plik lub katalog
jest uszkodzony i nieczytelny. ". Operacja usuwania pliku zostanie zakończona z
błędem -1022 (0xfffffc02).

Error - 2012-09-29 13:08:57 | Computer Name = XXX-70D9B06889F | Source = ESENT | ID = 485
Description = wuauclt (200) Próba usunięcia pliku "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
zakończyła się niepomyślnie z błędem systemowym 1392 (0x00000570): "Plik lub katalog
jest uszkodzony i nieczytelny. ". Operacja usuwania pliku zostanie zakończona z
błędem -1022 (0xfffffc02).

Error - 2012-09-29 13:08:57 | Computer Name = XXX-70D9B06889F | Source = ESENT | ID = 485
Description = wuauclt (200) Próba usunięcia pliku "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
zakończyła się niepomyślnie z błędem systemowym 1392 (0x00000570): "Plik lub katalog
jest uszkodzony i nieczytelny. ". Operacja usuwania pliku zostanie zakończona z
błędem -1022 (0xfffffc02).

Error - 2012-09-29 13:08:57 | Computer Name = XXX-70D9B06889F | Source = ESENT | ID = 485
Description = wuauclt (200) Próba usunięcia pliku "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
zakończyła się niepomyślnie z błędem systemowym 1392 (0x00000570): "Plik lub katalog
jest uszkodzony i nieczytelny. ". Operacja usuwania pliku zostanie zakończona z
błędem -1022 (0xfffffc02).

Error - 2012-09-29 13:08:57 | Computer Name = XXX-70D9B06889F | Source = ESENT | ID = 485
Description = wuauclt (200) Próba usunięcia pliku "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
zakończyła się niepomyślnie z błędem systemowym 1392 (0x00000570): "Plik lub katalog
jest uszkodzony i nieczytelny. ". Operacja usuwania pliku zostanie zakończona z
błędem -1022 (0xfffffc02).

Error - 2012-09-29 13:08:58 | Computer Name = XXX-70D9B06889F | Source = ESENT | ID = 485
Description = wuauclt (200) Próba usunięcia pliku "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
zakończyła się niepomyślnie z błędem systemowym 1392 (0x00000570): "Plik lub katalog
jest uszkodzony i nieczytelny. ". Operacja usuwania pliku zostanie zakończona z
błędem -1022 (0xfffffc02).

Error - 2012-09-29 13:08:58 | Computer Name = XXX-70D9B06889F | Source = ESENT | ID = 485
Description = wuauclt (200) Próba usunięcia pliku "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
zakończyła się niepomyślnie z błędem systemowym 1392 (0x00000570): "Plik lub katalog
jest uszkodzony i nieczytelny. ". Operacja usuwania pliku zostanie zakończona z
błędem -1022 (0xfffffc02).

[ System Events ]
Error - 2012-09-30 15:08:04 | Computer Name = XXX-70D9B06889F | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk2\D wystąpił zły blok.

Error - 2012-09-30 15:08:04 | Computer Name = XXX-70D9B06889F | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk2\D wystąpił zły blok.

Error - 2012-09-30 15:08:04 | Computer Name = XXX-70D9B06889F | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk2\D wystąpił zły blok.

Error - 2012-09-30 15:08:04 | Computer Name = XXX-70D9B06889F | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk2\D wystąpił zły blok.

Error - 2012-09-30 15:08:04 | Computer Name = XXX-70D9B06889F | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk2\D wystąpił zły blok.

Error - 2012-09-30 15:08:04 | Computer Name = XXX-70D9B06889F | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk2\D wystąpił zły blok.

Error - 2012-09-30 15:08:04 | Computer Name = XXX-70D9B06889F | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk2\D wystąpił zły blok.

Error - 2012-09-30 15:08:04 | Computer Name = XXX-70D9B06889F | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk2\D wystąpił zły blok.

Error - 2012-09-30 15:08:04 | Computer Name = XXX-70D9B06889F | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk2\D wystąpił zły blok.

Error - 2012-09-30 15:08:04 | Computer Name = XXX-70D9B06889F | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk2\D wystąpił zły blok.


< End of report >

przepraszam za dluga odpowiedz ale niemoge juz zalacznikow dodawac brak limitu :|

Coś cały czas ściąga do Ciebie infekcję, a ja jakoś nie mogę dostrzec, co to ściąga je.
1) Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:

:OTL
MOD - [2012-09-30 13:18:08 | 000,112,128 | ---- | M] () -- C:\WINDOWS\smtss.exe
SRV - File not found [Auto | Stopped] -- C:\Documents and Settings\Pawel\Dane aplikacji\yn1qvv.bat -- (uncof)
[2012-10-01 19:03:56 | 000,069,120 | ---- | C] (RzD4XnT3i5cVz) -- C:\WINDOWS\System32\drivers\93.exe
[2012-10-02 19:19:16 | 000,059,392 | ---- | M] ( ) -- C:\Documents and Settings\Pawel\Dane aplikacji\alitr3j.exe
[2012-10-02 19:19:00 | 000,059,392 | ---- | M] ( ) -- C:\Documents and Settings\Pawel\Dane aplikacji\napzck.exe
[2012-10-02 19:18:32 | 000,000,003 | ---- | M] () -- C:\Documents and Settings\Pawel\Dane aplikacji\ljysba.exe
[2012-10-01 19:03:56 | 000,069,120 | ---- | M] (RzD4XnT3i5cVz) -- C:\WINDOWS\System32\drivers\93.exe
[2012-10-01 19:03:34 | 000,166,910 | ---- | M] () -- C:\WINDOWS\System32\drivers\562.exe
[2012-10-01 19:03:23 | 000,073,728 | RHS- | M] () -- C:\Documents and Settings\Pawel\janed.exe
[2012-10-01 19:01:58 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\Pawel\beanifkeafal.exe
[2012-10-01 19:01:58 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\All Users\beanifkeafal.exe
[2012-09-30 13:18:08 | 000,112,128 | ---- | M] () -- C:\WINDOWS\smtss.exe
[2012-10-02 19:19:19 | 000,000,016 | -H-- | C] () -- C:\Documents and Settings\Pawel\Dane aplikacji\alij

:Files
netsh winsock reset /C
RECYCLER /alldrives

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\DOCUME~1\Pawel\USTAWI~1\Temp\0002bc9f.exe"=-
"C:\DOCUME~1\Pawel\USTAWI~1\Temp\000077c0.exe"=-
"C:\DOCUME~1\Pawel\USTAWI~1\Temp\0025af85.exe"=-
"C:\WINDOWS\system32\advpack.exe"=-
"C:\WINDOWS\Debug\furw.exe"=-
"C:\WINDOWS\system32\aclui.exe"=-
"C:\Documents and Settings\Pawel\Dane aplikacji\uncof.exe"=-

:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.

2) Użyj >Dr.Webcureit
Link zapasowy (już ze zmienioną nazwą), jeśli oficjalna strona będzie zablokowana przez wirusa >
>http://www.mediafire.com/?d4d4crbvdfv2tat
Napisz, co wykrył.

3) Zrób nowy log z OTL.
Log wklej na http://wklejto.pl/, a w poście daj tylko link.(czyli skopiuj adres z paska adresów)

.