Wykryto wyłączony javascript

Aktualnie masz wyłączony javascript. Kilka funkcji może nie działać. Włącz ponownie javascript, aby korzystać z pełnej funkcjonalności.

Logi - Nie moge pobrać antywirusa

Rozpoczęty przez Powerjet , 21 03 2012 21:51

Temat jest zamknięty

4 odpowiedzi w tym temacie

#1 Powerjet

Początkujący

66 postów

Napisano 21 03 2012 - 21:51

Witam, ostatnio chciałem pobrać sobie Avasta. Wchodzę na stronę Avasta. Przeglądarka wyświetla komunikat, że nie znaleziono strony. Tak samo z innymi stronami typu instalki oraz innymi antywirusami. Próbowałem też pobrać innymi przeglądarkami - Opera, Mozilla, IE - nadal ten komunikat. Strona Microsoftu również nie odpala.

Znalazłem informacje, że mogę mieć komputer zarażony rootkitem, wirusem czy innym świństwem. Zainstalowałem Malwarebytes (w końcu udało się pobrać antywirusa). Znalazł mi kilka robaków, jakiegoś trojana. Usunąłem je i zrobiłem restart wedle polecenia. I nadal nic - Avasta pobrać nie można...

Oto logi z programu OTL:

OTL logfile created on: 2012-03-21 20:26:34 - Run 1
OTL by OldTimer - Version 3.2.39.1	 Folder = E:Documents and SettingsLukaszMoje dokumentyPobieranie
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1022,80 Mb Total Physical Memory | 538,89 Mb Available Physical Memory | 52,69% Memory free
3,83 Gb Paging File | 3,34 Gb Available in Paging File | 87,26% Paging File free
Paging file location(s): E:pagefile.sys 3000 3000 [binary data]

%SystemDrive% = E: | %SystemRoot% = E:WINDOWS | %ProgramFiles% = E:Program Files
Drive C: | 9,77 Gb Total Space | 3,03 Gb Free Space | 31,06% Space Free | Partition Type: NTFS
Drive D: | 32,23 Gb Total Space | 23,61 Gb Free Space | 73,27% Space Free | Partition Type: NTFS
Drive E: | 9,77 Gb Total Space | 1,58 Gb Free Space | 16,18% Space Free | Partition Type: NTFS
Drive G: | 22,76 Gb Total Space | 22,69 Gb Free Space | 99,72% Space Free | Partition Type: NTFS

Computer Name: FUCK-FF7D37493B | User Name: Lukasz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-03-21 20:26:23 | 000,594,432 | ---- | M] (OldTimer Tools) -- E:Documents and SettingsLukaszMoje dokumentyPobieranieOTL.exe
PRC - [2012-03-07 20:38:15 | 000,949,104 | ---- | M] (Opera Software) -- E:Documents and SettingsLukaszPulpitOperaopera.exe
PRC - [2012-02-24 09:18:02 | 010,441,728 | ---- | M] (Creative Team S.A.) -- E:Program FilesWapSterWapSter AQQAQQ.exe
PRC - [2012-01-13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- D:Malwarebytes' Anti-Malwarembamservice.exe
PRC - [2012-01-13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- D:Malwarebytes' Anti-Malwarembamgui.exe
PRC - [2006-03-02 13:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- E:WINDOWSexplorer.exe
PRC - [2006-01-02 16:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- E:Program FilesATI TechnologiesATI.ACECLI.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-02-24 21:54:58 | 001,186,304 | ---- | M] () -- E:Program FilesWapSterWapSter AQQSystemSharedPluginsGGNet.dll
MOD - [2012-02-16 21:14:14 | 000,972,288 | ---- | M] () -- E:Program FilesWapSterWapSter AQQSystemSharedPluginsSMS.dll
MOD - [2012-01-03 14:10:54 | 000,300,544 | ---- | M] () -- E:Program FilesCommon FilesAdobeAcrobatActiveXPDFShell.POL
MOD - [2011-11-07 18:58:31 | 008,522,400 | ---- | M] () -- E:WINDOWSsystem32MacromedFlashNPSWF32.dll
MOD - [2011-04-12 16:37:56 | 011,808,768 | ---- | M] () -- E:WINDOWSassemblyNativeImages_v2.0.50727_32System.Web4236c36d63e91b43b9b89ae22094fa58System.Web.ni.dll
MOD - [2011-04-12 16:37:00 | 000,962,560 | ---- | M] () -- E:WINDOWSassemblyNativeImages_v2.0.50727_32System.Configurationcf68ff7117f0e04f8c6a780cce4aa1cfSystem.Configuration.ni.dll
MOD - [2011-04-10 19:47:43 | 005,640,192 | ---- | M] () -- E:WINDOWSassemblyNativeImages_v2.0.50727_32System.Xml80e756c54fe9a44ca6689f52b4d69567System.Xml.ni.dll
MOD - [2011-04-10 19:47:22 | 013,107,200 | ---- | M] () -- E:WINDOWSassemblyNativeImages_v2.0.50727_32System.Windows.Forms8510cb68ca10da41aa8d842806edfb81System.Windows.Forms.ni.dll
MOD - [2011-04-10 19:46:38 | 001,626,112 | ---- | M] () -- E:WINDOWSassemblyNativeImages_v2.0.50727_32System.Drawingfef472a13f1f4d49b29fb6c4dde3fbd5System.Drawing.ni.dll
MOD - [2011-04-10 19:46:29 | 008,093,696 | ---- | M] () -- E:WINDOWSassemblyNativeImages_v2.0.50727_32System1c2ec8e6cc990d468fdbf26a8711e218System.ni.dll
MOD - [2011-04-10 19:46:00 | 011,415,552 | ---- | M] () -- E:WINDOWSassemblyNativeImages_v2.0.50727_32mscorlib718cda071fbddc4184548d0ed0d2e5a3mscorlib.ni.dll
MOD - [2011-04-10 19:45:12 | 000,368,640 | ---- | M] () -- E:WINDOWSassemblyGAC_MSILSystem.Management2.0.0.0__b03f5f7f11d50a3aSystem.Management.dll
MOD - [2011-04-10 19:45:12 | 000,299,008 | ---- | M] () -- E:WINDOWSassemblyGAC_MSILSystem.Runtime.Remoting2.0.0.0__b77a5c561934e089System.Runtime.Remoting.dll
MOD - [2010-08-25 10:41:20 | 000,304,640 | ---- | M] () -- E:Program FilesWapSterWapSter AQQSystemSharedPluginsContact.dll
MOD - [2010-03-15 10:28:22 | 000,141,824 | ---- | M] () -- E:Program FilesWinRARRarExt.dll
MOD - [2009-06-19 22:47:52 | 000,293,888 | ---- | M] () -- E:Documents and SettingsLukaszWapSterAQQ FolderProfilesPowerjetFOTOPluginsSpellChecker.dll
MOD - [2007-05-25 18:42:10 | 000,113,664 | ---- | M] () -- E:WINDOWSsystem32spoolprtprocsw32x86lxdedrpp.dll
MOD - [2005-10-19 09:17:58 | 000,073,728 | ---- | M] () -- E:Program FilesATI TechnologiesATI.ACEatiacmxx.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:WINDOWSsystem32wuauserv.dll -- (wuauserv)
SRV - File not found [Auto | Stopped] -- e:program filesmcafee.comagentmcdetect.exe -- (McDetect.exe)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%System32appmgmts.dll -- (AppMgmt)
SRV - [2012-03-16 21:32:14 | 002,016,560 | ---- | M] (Ariolic Software, Ltd. (http://www.ariolic.com)) [Auto | Stopped] -- D:Program FilesActiveSMART 2.92ASmartService.exe -- (ActiveSMART Service)
SRV - [2012-01-13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:Malwarebytes' Anti-Malwarembamservice.exe -- (MBAMService)
SRV - [2007-05-29 14:07:58 | 000,598,960 | ---- | M] ( ) [Disabled | Stopped] -- E:WINDOWSsystem32lxdecoms.exe -- (lxde_device)
SRV - [2007-05-29 14:06:43 | 000,099,248 | ---- | M] () [Disabled | Stopped] -- E:WINDOWSSystem32spoolDRIVERSW32X863lxdeserv.exe -- (lxdeCATSCustConnectService)
SRV - [2006-03-02 13:00:00 | 000,168,509 | RHS- | M] () [Auto | Stopped] -- E:WINDOWSsystem32xtfkl.dll -- (ascidkyvi)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32driversnaiavf5x.sys -- (NaiAvFilter1)
DRV - File not found [Kernel | On_Demand | Unknown] -- E:ComboFixmbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Running] -- E:DOCUME~1LukaszUSTAWI~1Tempcatchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32driversALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2011-12-12 21:09:29 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- E:WINDOWSsystem32driverssptd.sys -- (sptd)
DRV - [2011-12-10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- E:WINDOWSsystem32driversmbam.sys -- (MBAMProtector)
DRV - [2010-01-05 03:31:32 | 001,714,176 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- E:WINDOWSsystem32driversathuw.sys -- (AR9271)
DRV - [2006-05-03 17:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- E:WINDOWSsystem32driversati2mtag.sys -- (ati2mtag)
DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- E:WINDOWSsystem32driversRTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2004-05-02 09:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- E:WINDOWSSystem32driversGVCplDrv.sys -- (GVCplDrv)
DRV - [2001-09-26 23:32:38 | 000,285,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- E:WINDOWSsystem32driversati2mtaa.sys -- (ati2mtaa)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = %SystemRoot%system32blank.htm
IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://home.sweetim.com
IE - HKLM..SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM..SearchScopes{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}

IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.ask.com/?l=dis&o=15768
IE - HKCU..SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKCU..SearchScopes{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0
IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - user.js - File not found

FF - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: E:WINDOWSsystem32MacromedFlashNPSWF32.dll ()
FF - HKLMSoftwareMozillaPlugins@adobe.com/ShockwavePlayer: E:WINDOWSsystem32AdobeDirectornp32dsw.dll (Adobe Systems, Inc.)
FF - HKLMSoftwareMozillaPlugins@ganymede/GanymedeNetPlugin,version=1.0: E:Program FilesGanymedePluginsnpganymedenet.dll File not found
FF - HKLMSoftwareMozillaPlugins@java.com/JavaPlugin: E:Program FilesJavajre6binnew_pluginnpjp2.dll (Sun Microsystems, Inc.)
FF - HKLMSoftwareMozillaPluginsAdobe Reader: E:Program FilesAdobeReader 10.0ReaderAIRnppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 11.0extensionsComponents: E:Program FilesMozilla Firefoxcomponents [2012-03-19 10:17:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 11.0extensionsPlugins: E:Program FilesMozilla Firefoxplugins

[2012-03-19 10:18:07 | 000,000,000 | ---D | M] (No name found) -- E:Documents and SettingsLukaszDane aplikacjiMozillaExtensions
[2012-03-19 10:17:03 | 000,000,000 | ---D | M] (No name found) -- E:Program FilesMozilla Firefoxextensions
[2012-03-13 05:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- E:Program Filesmozilla firefoxcomponentsbrowsercomps.dll
[2012-03-13 06:36:36 | 000,002,767 | ---- | M] () -- E:Program Filesmozilla firefoxsearchpluginsallegro-pl.xml
[2012-03-13 06:36:36 | 000,001,406 | ---- | M] () -- E:Program Filesmozilla firefoxsearchpluginsfbc-pl.xml
[2012-03-13 06:36:36 | 000,000,917 | ---- | M] () -- E:Program Filesmozilla firefoxsearchpluginsmerlin-pl.xml
[2012-03-13 06:36:36 | 000,000,858 | ---- | M] () -- E:Program Filesmozilla firefoxsearchpluginspwn-pl.xml
[2012-03-13 06:36:36 | 000,001,183 | ---- | M] () -- E:Program Filesmozilla firefoxsearchpluginswikipedia-pl.xml
[2012-03-13 06:36:36 | 000,001,683 | ---- | M] () -- E:Program Filesmozilla firefoxsearchpluginswp-pl.xml

[color=#E56717]========== Chrome  ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2012-03-21 20:15:18 | 000,000,027 | ---- | M]) - E:WINDOWSsystem32driversetchosts
O1 - Hosts: 127.0.0.1	   localhost
O3 - HKLM..Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O4 - HKLM..Run: [ATICCC] E:Program FilesATI TechnologiesATI.ACEcli.exe (ATI Technologies Inc.)
O4 - HKLM..Run: [Malwarebytes' Anti-Malware] D:Malwarebytes' Anti-Malwarembamgui.exe (Malwarebytes Corporation)
O4 - Startup: E:Documents and SettingsLukaszMenu StartProgramyAutostartHDDlife.lnk =  File not found
O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerLow Rights present
O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108863
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0
O7 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323
O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108863
O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{FEF668CD-7ECD-4124-99F3-DE7AC3D9480B}: DhcpNameServer = 192.168.1.1 0.0.0.0
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:WINDOWSexplorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (E:WINDOWSsystem32userinit.exe) - E:WINDOWSsystem32userinit.exe (Microsoft Corporation)
O20 - WinlogonNotifyAtiExtEvent: DllName - (Ati2evxx.dll) - E:WINDOWSSystem32ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: E:Documents and SettingsLukaszUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp
O24 - Desktop BackupWallPaper: E:Documents and SettingsLukaszUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-03-28 13:01:25 | 000,000,000 | ---- | M] () - C:AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM..comfile [open] -- "%1" %*
O35 - HKLM..exefile [open] -- "%1" %*
O37 - HKLM...com [@ = ComFile] -- "%1" %*
O37 - HKLM...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-03-21 20:23:12 | 000,000,000 | -HSD | C] -- E:RECYCLER
[2012-03-21 20:17:04 | 000,000,000 | ---D | C] -- E:WINDOWStemp
[2012-03-21 20:04:20 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszMoje dokumentyPobieranie
[2012-03-21 11:20:14 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszDane aplikacjiMalwarebytes
[2012-03-21 11:20:10 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersMenu StartProgramyMalwarebytes' Anti-Malware
[2012-03-21 11:20:10 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersDane aplikacjiMalwarebytes
[2012-03-21 11:20:09 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- E:WINDOWSSystem32driversmbam.sys
[2012-03-21 11:18:33 | 009,502,424 | ---- | C] (Malwarebytes Corporation									) -- E:Documents and SettingsLukaszMoje dokumentymbam-setup-1.60.1.1000.exe
[2012-03-21 11:08:49 | 000,000,000 | ---D | C] -- E:Program FilesMcAfee.com
[2012-03-20 23:10:31 | 000,000,000 | RH-D | C] -- E:Documents and SettingsLukaszRecent
[2012-03-20 22:51:50 | 000,288,320 | R--- | C] (McAfee, Inc) -- E:WINDOWSSystem32mcgdmgr.dll
[2012-03-20 22:51:49 | 000,349,760 | R--- | C] (McAfee, Inc) -- E:WINDOWSSystem32mcinsctl.dll
[2012-03-20 22:45:49 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersDane aplikacjiMcAfee.com
[2012-03-20 22:06:30 | 000,000,000 | ---D | C] -- E:WINDOWSERUNT
[2012-03-20 12:44:15 | 000,000,000 | ---D | C] -- E:Documents and SettingsLocalServiceUstawienia lokalneDane aplikacjiOpera
[2012-03-20 12:44:15 | 000,000,000 | ---D | C] -- E:Documents and SettingsLocalServiceDane aplikacjiOpera
[2012-03-20 12:44:10 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszMenu StartProgramyActiveSMART 2.92
[2012-03-20 12:43:58 | 000,000,000 | -H-D | C] -- E:Documents and SettingsAll UsersDane aplikacjiActiveSMART
[2012-03-20 12:29:10 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszDane aplikacjiBinarySense
[2012-03-19 20:37:08 | 000,000,000 | ---D | C] -- E:Program FilesCCleaner
[2012-03-19 10:17:46 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszUstawienia lokalneDane aplikacjiMozilla
[2012-03-19 10:17:46 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszDane aplikacjiMozilla
[2012-03-19 10:16:53 | 000,000,000 | ---D | C] -- E:Program FilesMozilla Firefox
[2012-03-16 21:46:47 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersDane aplikacjiFirefly Studios
[2012-03-16 21:46:12 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszMoje dokumentyCivCity Rome
[2012-03-16 21:46:11 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersDane aplikacjiTrymedia
[2012-03-16 21:31:47 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- E:WINDOWSSystem32CmdLineExt.dll
[2012-03-16 21:23:41 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersMenu StartProgramyFirefly Studios
[2012-03-16 20:24:39 | 001,429,256 | ---- | C] (CPUID) -- E:Documents and SettingsLukaszPulpitHWMonitor.exe
[2012-03-16 16:01:49 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszUstawienia lokalneDane aplikacjiStardock
[2012-03-16 16:01:40 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszMenu StartProgramyThoosje Sidebar V2.3
[2012-03-12 16:00:40 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersMenu StartProgramyKolekcja Klasyki
[2012-03-09 14:39:25 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersMenu StartProgramyCodemasters
[2012-03-09 14:38:30 | 000,000,000 | ---D | C] -- E:Program FilesCodemasters
[2012-03-06 17:20:29 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszMoje dokumentyMy Games
[2012-03-06 17:18:44 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersMenu StartProgramyTechland
[2012-03-06 17:10:15 | 000,000,000 | ---D | C] -- E:Program FilesSymulator Farmy 2011
[2012-03-05 15:53:45 | 001,897,408 | ---- | C] (NVIDIA Corporation) -- E:WINDOWSSystem32dllcachenv4_mini.sys
[2012-03-05 15:53:42 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- E:WINDOWSSystem32nv4_disp.dll
[2012-03-05 15:53:42 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- E:WINDOWSSystem32dllcachenv4_disp.dll
[2012-03-04 19:38:35 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersMenu StartProgramyStellarium
[2012-03-04 12:07:42 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszPulpitAllegro aukcje
[2012-03-04 11:57:07 | 000,275,200 | ---- | C] (Microsoft Corporation) -- E:WINDOWSSystem32dllcachebthport.sys
[2012-03-04 11:57:02 | 000,018,944 | ---- | C] (Microsoft Corporation) -- E:WINDOWSSystem32dllcachebthusb.sys
[2012-03-03 21:14:32 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersMenu StartProgramyCatalyst Control Center
[2012-03-03 20:45:17 | 000,000,000 | ---D | C] -- E:Program FilesATI Technologies
[2012-03-03 18:56:59 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszMoje dokumentygegl-0.0
[2012-03-03 18:26:03 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszMoje dokumentyGTA San Andreas User Files
[2012-03-03 13:28:20 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszUstawienia lokalneDane aplikacjiHelp
[2012-03-03 13:28:20 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszDane aplikacjiHelp
[2012-03-03 13:24:02 | 000,036,864 | R--- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.cht
[2012-03-03 13:24:02 | 000,036,864 | R--- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.chs
[2012-03-03 13:24:02 | 000,016,384 | R--- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.cht
[2012-03-03 13:24:02 | 000,016,384 | R--- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.chs
[2012-03-03 13:24:02 | 000,016,384 | R--- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.cht
[2012-03-03 13:24:02 | 000,016,384 | R--- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.chs
[2012-03-03 13:22:43 | 000,053,248 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.ptb
[2012-03-03 13:22:43 | 000,053,248 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.nld
[2012-03-03 13:22:43 | 000,053,248 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.ita
[2012-03-03 13:22:43 | 000,053,248 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.fra
[2012-03-03 13:22:43 | 000,053,248 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.esp
[2012-03-03 13:22:43 | 000,053,248 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.deu
[2012-03-03 13:22:43 | 000,049,152 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.sve
[2012-03-03 13:22:43 | 000,049,152 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.enu
[2012-03-03 13:22:43 | 000,040,960 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.kor
[2012-03-03 13:22:43 | 000,040,960 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.jpn
[2012-03-03 13:22:43 | 000,020,480 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.sve
[2012-03-03 13:22:43 | 000,020,480 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.ptb
[2012-03-03 13:22:43 | 000,020,480 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.nld
[2012-03-03 13:22:43 | 000,020,480 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.ita
[2012-03-03 13:22:43 | 000,020,480 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.fra
[2012-03-03 13:22:43 | 000,020,480 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.esp
[2012-03-03 13:22:43 | 000,020,480 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.enu
[2012-03-03 13:22:43 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.kor
[2012-03-03 13:22:43 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.jpn
[2012-03-03 13:22:42 | 000,061,440 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atricdxx.enu
[2012-03-03 13:22:42 | 000,020,480 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.deu
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.sve
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.ptb
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.nld
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.kor
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.jpn
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.ita
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.fra
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.esp
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32Atridtxx.enu
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.deu
[2012-03-03 13:22:40 | 001,527,904 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atioglaa.dll
[2012-03-03 13:22:40 | 000,921,600 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atipuixx.dll
[2012-03-03 13:22:40 | 000,307,200 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atiiiexx.dll
[2012-03-03 13:22:40 | 000,245,760 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atiptaxx.exe
[2012-03-03 13:22:40 | 000,163,840 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atipdsxx.dll
[2012-03-03 13:22:40 | 000,098,304 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atiiprxx.exe
[2012-03-03 13:22:40 | 000,081,920 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atippaxx.dll
[2012-03-03 13:22:40 | 000,049,152 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atiphexx.exe
[2012-03-03 13:22:39 | 000,327,748 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atiicdxx.dll
[2012-03-03 13:22:39 | 000,297,120 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32dllcacheati2dvaa.dll
[2012-03-03 13:22:39 | 000,297,120 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32ati2dvaa.dll
[2012-03-03 13:22:39 | 000,285,088 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32driversati2mtaa.sys
[2012-03-03 13:22:39 | 000,285,088 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32dllcacheati2mtaa.sys
[2012-03-03 13:22:39 | 000,102,400 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32Atiidtxx.dll
[2012-03-03 13:22:39 | 000,045,056 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atiicpxx.dll
[2012-03-03 13:22:39 | 000,004,608 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atiicdxx.sys
[1 E:WINDOWSSystem32*.tmp files -> E:WINDOWSSystem32*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-03-21 20:15:18 | 000,000,027 | ---- | M] () -- E:WINDOWSSystem32driversetchosts
[2012-03-21 19:41:15 | 000,002,048 | --S- | M] () -- E:WINDOWSbootstat.dat
[2012-03-21 19:41:11 | 1072,549,888 | -HS- | M] () -- E:hiberfil.sys
[2012-03-21 11:20:10 | 000,000,534 | ---- | M] () -- E:Documents and SettingsAll UsersPulpitMalwarebytes Anti-Malware.lnk
[2012-03-21 11:19:46 | 009,502,424 | ---- | M] (Malwarebytes Corporation									) -- E:Documents and SettingsLukaszMoje dokumentymbam-setup-1.60.1.1000.exe
[2012-03-21 09:25:15 | 000,001,374 | ---- | M] () -- E:WINDOWSSystem32wpa.dbl
[2012-03-20 23:10:55 | 000,048,468 | ---- | M] () -- E:Documents and SettingsLukaszMoje dokumentycc_20120320_231051.reg
[2012-03-20 22:52:11 | 000,000,000 | ---- | M] () -- E:WINDOWScleanup.ini
[2012-03-20 22:44:41 | 000,061,272 | ---- | M] () -- E:Documents and SettingsLukasz.recently-used.xbel
[2012-03-20 22:22:15 | 000,003,782 | ---- | M] () -- E:Documents and SettingsLukaszMoje dokumentycc_20120320_222207.reg
[2012-03-20 14:18:59 | 001,427,880 | ---- | M] () -- E:WINDOWSSystem32FNTCACHE.DAT
[2012-03-20 12:44:10 | 000,000,627 | ---- | M] () -- E:Documents and SettingsLukaszPulpitActiveSMART.lnk
[2012-03-20 12:30:08 | 000,000,377 | ---- | M] () -- E:Documents and SettingsLukaszMenu StartProgramyAutostartHDDlife.lnk
[2012-03-19 21:50:51 | 000,000,541 | ---- | M] () -- E:Documents and SettingsLukaszPulpitWorms 4.lnk
[2012-03-19 20:37:10 | 000,000,682 | ---- | M] () -- E:Documents and SettingsAll UsersPulpitCCleaner.lnk
[2012-03-19 10:17:06 | 000,000,724 | ---- | M] () -- E:Documents and SettingsAll UsersPulpitMozilla Firefox.lnk
[2012-03-16 21:31:47 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- E:WINDOWSSystem32CmdLineExt.dll
[2012-03-16 21:23:50 | 000,000,860 | ---- | M] () -- E:Documents and SettingsAll UsersPulpitCivCity Rome.lnk
[2012-03-12 16:00:42 | 000,000,563 | ---- | M] () -- E:Documents and SettingsLukaszPulpitFar Cry.lnk
[2012-03-09 14:51:53 | 000,316,640 | ---- | M] () -- E:WINDOWSWMSysPr9.prx
[2012-03-06 17:18:45 | 000,000,868 | ---- | M] () -- E:Documents and SettingsLukaszPulpitSymulator Farmy 2011 .lnk
[2012-03-06 16:39:46 | 000,009,216 | ---- | M] () -- E:Documents and SettingsLukaszUstawienia lokalneDane aplikacjiDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-03-05 20:42:08 | 000,010,842 | -H-- | M] () -- E:WINDOWSSystem32ATMenuxx.GID
[2012-03-05 18:28:56 | 000,000,010 | ---- | M] () -- E:WINDOWSwininit.ini
[2012-03-04 19:38:35 | 000,000,544 | ---- | M] () -- E:Documents and SettingsAll UsersPulpitStellarium.lnk
[2012-03-03 21:21:08 | 000,000,566 | ---- | M] () -- E:Documents and SettingsLukaszPulpitGTA San Andreas.lnk
[2012-03-03 21:17:31 | 000,000,022 | ---- | M] () -- E:WINDOWSSystem32ati64hl2.stb
[2012-03-03 21:14:33 | 000,001,893 | ---- | M] () -- E:Documents and SettingsAll UsersPulpitCatalyst Control Center.lnk
[2012-03-03 13:28:39 | 000,000,022 | ---- | M] () -- E:WINDOWSSystem32ati64hlp.stb
[2012-03-03 13:22:59 | 000,004,998 | ---- | M] () -- E:Documents and SettingsAll UsersDane aplikacjimtbjfghn.xbe
[2012-03-03 13:13:26 | 000,448,004 | ---- | M] () -- E:WINDOWSSystem32perfh015.dat
[2012-03-03 13:13:26 | 000,392,296 | ---- | M] () -- E:WINDOWSSystem32perfh009.dat
[2012-03-03 13:13:26 | 000,074,230 | ---- | M] () -- E:WINDOWSSystem32perfc015.dat
[2012-03-03 13:13:26 | 000,058,596 | ---- | M] () -- E:WINDOWSSystem32perfc009.dat
[1 E:WINDOWSSystem32*.tmp files -> E:WINDOWSSystem32*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-03-21 11:20:10 | 000,000,534 | ---- | C] () -- E:Documents and SettingsAll UsersPulpitMalwarebytes Anti-Malware.lnk
[2012-03-20 23:10:53 | 000,048,468 | ---- | C] () -- E:Documents and SettingsLukaszMoje dokumentycc_20120320_231051.reg
[2012-03-20 22:52:11 | 000,000,000 | ---- | C] () -- E:WINDOWScleanup.ini
[2012-03-20 22:44:41 | 000,061,272 | ---- | C] () -- E:Documents and SettingsLukasz.recently-used.xbel
[2012-03-20 22:22:09 | 000,003,782 | ---- | C] () -- E:Documents and SettingsLukaszMoje dokumentycc_20120320_222207.reg
[2012-03-20 22:12:52 | 1072,549,888 | -HS- | C] () -- E:hiberfil.sys
[2012-03-20 12:44:10 | 000,000,627 | ---- | C] () -- E:Documents and SettingsLukaszPulpitActiveSMART.lnk
[2012-03-20 12:29:12 | 000,000,377 | ---- | C] () -- E:Documents and SettingsLukaszMenu StartProgramyAutostartHDDlife.lnk
[2012-03-19 20:37:10 | 000,000,682 | ---- | C] () -- E:Documents and SettingsAll UsersPulpitCCleaner.lnk
[2012-03-19 10:17:06 | 000,000,730 | ---- | C] () -- E:Documents and SettingsAll UsersMenu StartProgramyMozilla Firefox.lnk
[2012-03-19 10:17:06 | 000,000,724 | ---- | C] () -- E:Documents and SettingsAll UsersPulpitMozilla Firefox.lnk
[2012-03-16 21:23:50 | 000,000,860 | ---- | C] () -- E:Documents and SettingsAll UsersPulpitCivCity Rome.lnk
[2012-03-12 16:00:42 | 000,000,563 | ---- | C] () -- E:Documents and SettingsLukaszPulpitFar Cry.lnk
[2012-03-09 15:16:23 | 000,000,541 | ---- | C] () -- E:Documents and SettingsLukaszPulpitWorms 4.lnk
[2012-03-06 17:18:45 | 000,000,868 | ---- | C] () -- E:Documents and SettingsLukaszPulpitSymulator Farmy 2011 .lnk
[2012-03-04 19:38:35 | 000,000,544 | ---- | C] () -- E:Documents and SettingsAll UsersPulpitStellarium.lnk
[2012-03-03 22:05:32 | 000,000,545 | ---- | C] () -- E:WINDOWSUC.PIF
[2012-03-03 22:05:32 | 000,000,545 | ---- | C] () -- E:WINDOWSRAR.PIF
[2012-03-03 22:05:32 | 000,000,545 | ---- | C] () -- E:WINDOWSPKZIP.PIF
[2012-03-03 22:05:32 | 000,000,545 | ---- | C] () -- E:WINDOWSPKUNZIP.PIF
[2012-03-03 22:05:32 | 000,000,545 | ---- | C] () -- E:WINDOWSNOCLOSE.PIF
[2012-03-03 22:05:32 | 000,000,545 | ---- | C] () -- E:WINDOWSLHA.PIF
[2012-03-03 22:05:32 | 000,000,545 | ---- | C] () -- E:WINDOWSARJ.PIF
[2012-03-03 21:21:08 | 000,000,566 | ---- | C] () -- E:Documents and SettingsLukaszPulpitGTA San Andreas.lnk
[2012-03-03 21:17:31 | 000,000,022 | ---- | C] () -- E:WINDOWSSystem32ati64hl2.stb
[2012-03-03 21:14:33 | 000,001,893 | ---- | C] () -- E:Documents and SettingsAll UsersPulpitCatalyst Control Center.lnk
[2012-03-03 13:28:39 | 000,000,022 | ---- | C] () -- E:WINDOWSSystem32ati64hlp.stb
[2012-03-03 13:28:20 | 000,010,842 | -H-- | C] () -- E:WINDOWSSystem32ATMenuxx.GID
[2012-03-03 13:22:59 | 000,004,998 | ---- | C] () -- E:Documents and SettingsAll UsersDane aplikacjimtbjfghn.xbe
[2012-03-03 13:22:44 | 000,136,384 | ---- | C] () -- E:WINDOWSSystem32attkorxx.hlx
[2012-03-03 13:22:44 | 000,117,601 | ---- | C] () -- E:WINDOWSSystem32attjpnxx.hlx
[2012-03-03 13:22:44 | 000,045,319 | ---- | C] () -- E:WINDOWSSystem32attsvexx.hlx
[2012-03-03 13:22:44 | 000,044,715 | ---- | C] () -- E:WINDOWSSystem32attdeuxx.hlx
[2012-03-03 13:22:44 | 000,044,691 | ---- | C] () -- E:WINDOWSSystem32attfraxx.hlx
[2012-03-03 13:22:44 | 000,044,569 | ---- | C] () -- E:WINDOWSSystem32attnldxx.hlx
[2012-03-03 13:22:44 | 000,043,780 | ---- | C] () -- E:WINDOWSSystem32attitaxx.hlx
[2012-03-03 13:22:44 | 000,043,318 | ---- | C] () -- E:WINDOWSSystem32attchtxx.hlx
[2012-03-03 13:22:44 | 000,043,006 | ---- | C] () -- E:WINDOWSSystem32attespxx.hlx
[2012-03-03 13:22:44 | 000,042,954 | ---- | C] () -- E:WINDOWSSystem32attchsxx.hlx
[2012-03-03 13:22:44 | 000,042,757 | ---- | C] () -- E:WINDOWSSystem32attptbxx.hlx
[2012-03-03 13:22:44 | 000,040,946 | ---- | C] () -- E:WINDOWSSystem32Attenuxx.hlx
[2012-03-03 13:22:42 | 000,094,405 | ---- | C] () -- E:WINDOWSSystem32atmptbxx.hlx
[2012-03-03 13:22:42 | 000,083,958 | ---- | C] () -- E:WINDOWSSystem32atmsvexx.hlx
[2012-03-03 13:22:41 | 000,334,614 | ---- | C] () -- E:WINDOWSSystem32atmkorxx.hlx
[2012-03-03 13:22:41 | 000,297,813 | ---- | C] () -- E:WINDOWSSystem32atmjpnxx.hlx
[2012-03-03 13:22:41 | 000,099,534 | ---- | C] () -- E:WINDOWSSystem32atmdeuxx.hlx
[2012-03-03 13:22:41 | 000,099,306 | ---- | C] () -- E:WINDOWSSystem32atmfraxx.hlx
[2012-03-03 13:22:41 | 000,099,054 | ---- | C] () -- E:WINDOWSSystem32atmchtxx.hlx
[2012-03-03 13:22:41 | 000,098,721 | ---- | C] () -- E:WINDOWSSystem32atmitaxx.hlx
[2012-03-03 13:22:41 | 000,095,612 | ---- | C] () -- E:WINDOWSSystem32atmchsxx.hlx
[2012-03-03 13:22:41 | 000,094,578 | ---- | C] () -- E:WINDOWSSystem32atmespxx.hlx
[2012-03-03 13:22:41 | 000,093,722 | ---- | C] () -- E:WINDOWSSystem32Atmenuxx.hlx
[2012-03-03 13:22:41 | 000,082,715 | ---- | C] () -- E:WINDOWSSystem32atmnldxx.hlx
[2012-03-03 13:22:39 | 000,036,506 | ---- | C] () -- E:WINDOWSSystem32atfkorxx.hlx
[2012-03-03 13:22:39 | 000,032,994 | ---- | C] () -- E:WINDOWSSystem32atfjpnxx.hlx
[2012-03-03 13:22:39 | 000,018,602 | ---- | C] () -- E:WINDOWSSystem32atfchtxx.hlx
[2012-03-03 13:22:39 | 000,018,594 | ---- | C] () -- E:WINDOWSSystem32atfdeuxx.hlx
[2012-03-03 13:22:39 | 000,018,322 | ---- | C] () -- E:WINDOWSSystem32atffraxx.hlx
[2012-03-03 13:22:39 | 000,018,087 | ---- | C] () -- E:WINDOWSSystem32atfchsxx.hlx
[2012-03-03 13:22:39 | 000,018,039 | ---- | C] () -- E:WINDOWSSystem32atfitaxx.hlx
[2012-03-03 13:22:39 | 000,017,764 | ---- | C] () -- E:WINDOWSSystem32atfptbxx.hlx
[2012-03-03 13:22:39 | 000,017,691 | ---- | C] () -- E:WINDOWSSystem32atfespxx.hlx
[2012-03-03 13:22:39 | 000,017,363 | ---- | C] () -- E:WINDOWSSystem32Atfenuxx.hlx
[2012-03-03 13:22:39 | 000,014,834 | ---- | C] () -- E:WINDOWSSystem32atfnldxx.hlx
[2012-03-03 13:22:39 | 000,014,604 | ---- | C] () -- E:WINDOWSSystem32atfsvexx.hlx
[2012-03-03 13:22:39 | 000,007,849 | ---- | C] () -- E:WINDOWSSystem32atiicdxx.vxd
[2011-11-07 21:14:07 | 000,000,092 | ---- | C] () -- E:WINDOWSCMISETUP.INI
[2011-11-07 21:14:05 | 000,000,026 | ---- | C] () -- E:WINDOWSCMCDPLAY.INI
[2011-11-07 21:13:55 | 000,266,240 | ---- | C] () -- E:WINDOWSCMIUninstall.exe
[2011-11-07 21:13:55 | 000,225,280 | ---- | C] () -- E:WINDOWSCmiRmRedundDir.exe
[2011-11-07 21:13:55 | 000,028,672 | ---- | C] () -- E:WINDOWSCMIRmDriver.dll
[2011-11-07 20:51:00 | 000,256,000 | ---- | C] () -- E:WINDOWSPEV.exe
[2011-11-07 20:51:00 | 000,208,896 | ---- | C] () -- E:WINDOWSMBR.exe
[2011-11-07 20:51:00 | 000,098,816 | ---- | C] () -- E:WINDOWSsed.exe
[2011-11-07 20:51:00 | 000,080,412 | ---- | C] () -- E:WINDOWSgrep.exe
[2011-11-07 20:51:00 | 000,068,096 | ---- | C] () -- E:WINDOWSzip.exe
[2011-10-31 19:58:09 | 000,000,056 | -H-- | C] () -- E:WINDOWSSystem32ezsidmv.dat
[2011-07-06 19:28:58 | 000,009,216 | ---- | C] () -- E:Documents and SettingsLukaszUstawienia lokalneDane aplikacjiDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-05-22 16:08:52 | 000,000,050 | ---- | C] () -- E:WINDOWSLascaux.ini
[2011-04-25 17:37:45 | 000,023,040 | R--- | C] () -- E:WINDOWSSystem32driversGVCplDrv.sys
[2011-04-10 19:53:01 | 000,012,288 | ---- | C] () -- E:WINDOWSSystem32LXF3PMRC.DLL
[2011-04-10 19:42:22 | 000,000,060 | -H-- | C] () -- E:WINDOWSSystem32lxderwrd.ini
[2011-04-10 19:42:17 | 000,348,160 | ---- | C] () -- E:WINDOWSSystem32lxdeinst.dll
[2011-04-10 19:42:16 | 000,434,176 | ---- | C] ( ) -- E:WINDOWSSystem32lxdehcp.dll
[2011-04-10 19:40:57 | 000,348,160 | R--- | C] () -- E:WINDOWSSystem32lxdecoin.dll
[2011-04-10 12:43:47 | 000,233,472 | ---- | C] () -- E:WINDOWSSystem32cmirmdrv.exe
[2011-04-10 12:43:47 | 000,028,672 | ---- | C] () -- E:WINDOWSSystem32cmirmdrv.dll
[2011-04-10 09:47:13 | 000,002,608 | ---- | C] () -- E:WINDOWSAscd_tmp.ini
[2011-04-10 09:47:12 | 000,005,824 | ---- | C] () -- E:WINDOWSSystem32driversASUSHWIO.SYS
[2011-04-10 09:20:24 | 000,000,028 | ---- | C] () -- E:WINDOWSODBC.INI
[2011-04-09 19:12:46 | 000,004,293 | ---- | C] () -- E:WINDOWSODBCINST.INI
[2011-04-09 19:11:14 | 001,427,880 | ---- | C] () -- E:WINDOWSSystem32FNTCACHE.DAT
[2011-04-09 19:01:55 | 000,000,010 | ---- | C] () -- E:WINDOWSwininit.ini
[2011-04-09 18:55:48 | 000,002,048 | --S- | C] () -- E:WINDOWSbootstat.dat
[2011-04-09 18:49:32 | 000,021,856 | ---- | C] () -- E:WINDOWSSystem32emptyregdb.dat
< End of report >

OTL Extras logfile created on: 2012-03-21 20:26:34 - Run 1
OTL by OldTimer - Version 3.2.39.1	 Folder = E:Documents and SettingsLukaszMoje dokumentyPobieranie
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1022,80 Mb Total Physical Memory | 538,89 Mb Available Physical Memory | 52,69% Memory free
3,83 Gb Paging File | 3,34 Gb Available in Paging File | 87,26% Paging File free
Paging file location(s): E:pagefile.sys 3000 3000 [binary data]

%SystemDrive% = E: | %SystemRoot% = E:WINDOWS | %ProgramFiles% = E:Program Files
Drive C: | 9,77 Gb Total Space | 3,03 Gb Free Space | 31,06% Space Free | Partition Type: NTFS
Drive D: | 32,23 Gb Total Space | 23,61 Gb Free Space | 73,27% Space Free | Partition Type: NTFS
Drive E: | 9,77 Gb Total Space | 1,58 Gb Free Space | 16,18% Space Free | Partition Type: NTFS
Drive G: | 22,76 Gb Total Space | 22,69 Gb Free Space | 99,72% Space Free | Partition Type: NTFS

Computer Name: FUCK-FF7D37493B | User Name: Lukasz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINESOFTWAREClasses<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- E:Documents and SettingsLukaszPulpitOperaOpera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USERSOFTWAREClasses<extension>]
.html [@ = Opera.HTML] -- E:Documents and SettingsLukaszPulpitOperaOpera.exe (Opera Software)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINESOFTWAREClasses<key>shell[command]command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "E:Documents and SettingsLukaszPulpitOperaOpera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)
Directory [Przeglądaj w XnView] -- "C:Program FilesXnViewxnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringAhnlabAntiVirus]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringKasperskyAntiVirus]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeAntiVirus]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeFirewall]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaAntiVirus]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaFirewall]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSophosAntiVirus]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecAntiVirus]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecFirewall]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTinyFirewall]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendAntiVirus]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendFirewall]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionSystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSr]
"Start" = 0

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsFirewall]

[HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsFirewallDomainProfile]

[HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsFirewallStandardProfile]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileGloballyOpenPortsList]
"7933:TCP" = 7933:TCP:*:Enabled:azvgye
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsList]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList]
"E:Documents and SettingsLukaszPulpitOperaopera.exe" = E:Documents and SettingsLukaszPulpitOperaopera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"E:WINDOWSsystem32lxdecoms.exe" = E:WINDOWSsystem32lxdecoms.exe:*:Enabled:Lexmark Communications System -- ( )
"E:Program FilesLexmark 4800 Serieslxdeamon.exe" = E:Program FilesLexmark 4800 Serieslxdeamon.exe:*:Enabled:Lexmark Device Monitor -- ()
"E:Program FilesLexmark 4800 Seriesfrun.exe" = E:Program FilesLexmark 4800 Seriesfrun.exe:*:Enabled:Lexmark Productivity Studio -- ()
"E:Program FilesLexmark 4800 Serieslxdemon.exe" = E:Program FilesLexmark 4800 Serieslxdemon.exe:*:Enabled:Printer Device Monitor -- ()
"E:WINDOWSsystem32spooldriversw32x863lxdepswx.exe" = E:WINDOWSsystem32spooldriversw32x863lxdepswx.exe:*:Enabled:Printer Status Window Interface -- ()
"E:WINDOWSsystem32spooldriversw32x863lxdetime.exe" = E:WINDOWSsystem32spooldriversw32x863lxdetime.exe:*:Enabled:Lexmark Connect Time Executable -- (Lexmark International, Inc.)
"E:WINDOWSsystem32spooldriversw32x863lxdejswx.exe" = E:WINDOWSsystem32spooldriversw32x863lxdejswx.exe:*:Enabled:Job Status Window Interface -- ()
"E:Program FilesGadu-Gadugg.exe" = E:Program FilesGadu-Gadugg.exe:*:Enabled:Gadu-Gadu - program glowny -- (Gadu-Gadu S.A.)
"E:WINDOWSsystem32dpnsvr.exe" = E:WINDOWSsystem32dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"E:Program FilesWapSterWapSter AQQAQQ.exe" = E:Program FilesWapSterWapSter AQQAQQ.exe:*:Enabled:AQQ Instant Messenger -- (Creative Team S.A.)
"E:Program FilesSymulator Farmy 2011FarmingSimulator2011.exe" = E:Program FilesSymulator Farmy 2011FarmingSimulator2011.exe:*:Enabled:Symulator Farmy 2011 -- (GIANTS Software GmbH)
"E:Program FilesSymulator Farmy 2011game.exe" = E:Program FilesSymulator Farmy 2011game.exe:*:Enabled:Symulator Farmy 2011 -- (GIANTS Software GmbH)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45E7C481-3EF4-4FCB-AF0B-19F70D618F0C}" = Worms 4 Totalna Rozwałka
"{481EA8F8-CAC0-4137-9CF8-DD0297593E61}" = TP-LINK Wireless Client Utility
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Polish
"{EB87675F-5281-4767-A54B-31931794C23D}" = OpenOffice.org 3.3
"ActiveSMART" = ActiveSMART
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"All ATI Software" = ATI - Software Uninstall Utility
"AQQ" = WapSter AQQ
"ATI Display Driver" = ATI Display Driver
"CCleaner" = CCleaner
"CivCityRome" = CivCity Rome
"C-Media Audio" = C-Media 3D Audio
"FarCry_is1" = Far Cry
"FarmingSimulator2011PL_is1" = Symulator Farmy 2011
"Lexmark 4800 Series" = Lexmark 4800 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.60.1.1000
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl)
"Opera 11.61.1250" = Opera 11.61
"Stellarium_is1" = Stellarium 0.10.6.1
"VirusScan Online" = McAfee VirusScan
"WinGimp-2.0_is1" = <a href="http://www.download.net.pl/354/GIMP/">GIMP</a> 2.6.11
"WinRAR archiver" = WinRAR archiver

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-03-20 07:27:12 | Computer Name = FUCK-FF7D37493B | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2012-03-20 07:27:12 | Computer Name = FUCK-FF7D37493B | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: To połączenie sieciowe nie istnieje.

Error - 2012-03-20 07:27:14 | Computer Name = FUCK-FF7D37493B | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2012-03-20 07:27:14 | Computer Name = FUCK-FF7D37493B | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: To połączenie sieciowe nie istnieje.

Error - 2012-03-20 07:27:41 | Computer Name = FUCK-FF7D37493B | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2012-03-20 07:27:42 | Computer Name = FUCK-FF7D37493B | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: To połączenie sieciowe nie istnieje.

Error - 2012-03-20 07:28:18 | Computer Name = FUCK-FF7D37493B | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2012-03-20 07:28:18 | Computer Name = FUCK-FF7D37493B | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: To połączenie sieciowe nie istnieje.

Error - 2012-03-20 07:49:28 | Computer Name = FUCK-FF7D37493B | Source = crypt32 | ID = 131080
Description = Nie można automatycznie pobrać aktualizacji numeru sekwencji głównej
listy innych firm z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>,
wystąpił błąd: Nie można określić nazwy serwera lub adresu

Error - 2012-03-20 14:02:32 | Computer Name = FUCK-FF7D37493B | Source = EventSystem | ID = 4618
Description = System zdarzeń modelu COM+ spowodował nieoczekiwane naruszenie praw
dostępu 0x7C910F29, próbując uzyskać dostęp do adresu 0x00690057. Skontaktuj się
z Pomocą techniczną firmy Microsoft i zgłoś ten błąd.  ntdll!wcsncpy+0x49a  ntdll!wcsncpy+0x2cd
ole32!+0x12024
ole32!CoTaskMemFree+0x13
es!+0x129fa
es!+0x12a85
es!+0x12ad4
es!+0x12b0e
ole32!FreePropVariantArray+0xf8
ole32!FreePropVariantArray+0xa0
sens!+0x2599
sens!+0x26ab
ntdll!RtlUpcaseUnicodeString+0x159
ntdll!RtlUpcaseUnicodeString+0x197
ntdll!RtlUpcaseUnicodeString+0x259
ntdll!RtlUpcaseUnicodeString+0x230
kernel32!GetModuleFileNameA+0x1b4

[ System Events ]
Error - 2012-03-21 08:26:55 | Computer Name = FUCK-FF7D37493B | Source = Service Control Manager | ID = 7023
Description = Usługa Windows Security zakończyła działanie; wystąpił następujący
błąd:   %%1114

Error - 2012-03-21 08:26:55 | Computer Name = FUCK-FF7D37493B | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi McAfee WSC Integration z powodu następującego
błędu:   %%2

Error - 2012-03-21 08:50:16 | Computer Name = FUCK-FF7D37493B | Source = Service Control Manager | ID = 7023
Description = Usługa Windows Security zakończyła działanie; wystąpił następujący
błąd:   %%1114

Error - 2012-03-21 08:50:16 | Computer Name = FUCK-FF7D37493B | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi McAfee WSC Integration z powodu następującego
błędu:   %%2

Error - 2012-03-21 08:51:16 | Computer Name = FUCK-FF7D37493B | Source = Service Control Manager | ID = 7023
Description = Usługa Automatic Updates zakończyła działanie; wystąpił następujący
błąd:   %%126

Error - 2012-03-21 11:48:36 | Computer Name = FUCK-FF7D37493B | Source = Service Control Manager | ID = 7023
Description = Usługa Windows Security zakończyła działanie; wystąpił następujący
błąd:   %%1114

Error - 2012-03-21 11:48:36 | Computer Name = FUCK-FF7D37493B | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi McAfee WSC Integration z powodu następującego
błędu:   %%2

Error - 2012-03-21 11:48:36 | Computer Name = FUCK-FF7D37493B | Source = Service Control Manager | ID = 7023
Description = Usługa Automatic Updates zakończyła działanie; wystąpił następujący
błąd:   %%126

Error - 2012-03-21 14:41:26 | Computer Name = FUCK-FF7D37493B | Source = Service Control Manager | ID = 7023
Description = Usługa Windows Security zakończyła działanie; wystąpił następujący
błąd:   %%1114

Error - 2012-03-21 14:41:26 | Computer Name = FUCK-FF7D37493B | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi McAfee WSC Integration z powodu następującego
błędu:   %%2


< End of report >

Użytkownik Powerjet edytował ten post 21 03 2012 - 21:55

Do góry

#2 ordynat

Zaawansowany użytkownik

804 postów

Napisano 21 03 2012 - 22:08

W logach widać CONFICKER'a.

Kosmetyka:
Uruchom OTL i w oknie Własne opcje skanowania/Script wklej to:

:OTL
SRV - [2006-03-02 13:00:00 | 000,168,509 | RHS- | M] () [Auto | Stopped] -- E:WINDOWSsystem32xtfkl.dll -- (ascidkyvi)
O3 - HKLM..Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O4 - Startup: E:Documents and SettingsLukaszMenu StartProgramyAutostartHDDlife.lnk = File not found
FF - HKLMSoftwareMozillaPlugins@ganymede/GanymedeNetPlugin,version=1.0: E:Program FilesGanymedePluginsnpganymedenet.dll File not found
IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://home.sweetim.com
IE - HKLM..SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM..SearchScopes{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweeti...q={searchTerms}
IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = Ask.com Search Engine - Better Web Search
IE - HKCU..SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKCU..SearchScopes{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweeti...q={searchTerms}

:Reg
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileGloballyOpenPortsList]
"7933:TCP"=-

:Commands
[emptytemp]

Kliknij w Wykonaj Script.
Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania.
.

Użytkownik ordynat edytował ten post 21 03 2012 - 22:10

Do góry

#3 Powerjet

Początkujący

66 postów

Napisano 22 03 2012 - 12:35

Raport z usuwania:

All processes killed
========== OTL ==========
Service ascidkyvi stopped successfully!
Service ascidkyvi deleted successfully!
File move failed. E:WINDOWSsystem32xtfkl.dll scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar{BA52B914-B692-46c4-B683-905236F6F655} deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{BA52B914-B692-46c4-B683-905236F6F655} not found.
E:Documents and SettingsLukaszMenu StartProgramyAutostartHDDlife.lnk moved successfully.
Registry key HKEY_LOCAL_MACHINESoftwareMozillaPlugins@ganymede/GanymedeNetPlugin,version=1.0 deleted successfully.
HKLMSOFTWAREMicrosoftInternet ExplorerMainStart Page| /E : value set successfully!
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopesDefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{EEE6C360-6118-11DC-9C72-001320C79847} not found.
HKCUSOFTWAREMicrosoftInternet ExplorerMainStart Page| /E : value set successfully!
HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerSearchScopesDefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerSearchScopes{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{EEE6C360-6118-11DC-9C72-001320C79847} not found.
File EY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileGloballyOpenPortsList] not found.
File ptytemp] not found.

OTL by OldTimer - Version 3.2.39.1 log created on 03222012_103310
FilesFolders moved on Reboot...
E:WINDOWSsystem32xtfkl.dll moved successfully.
Registry entries deleted on Reboot...

Log z ponownego skanowania:

OTL logfile created on: 2012-03-22 10:40:09 - Run 2
OTL by OldTimer - Version 3.2.39.1	 Folder = E:Documents and SettingsLukaszMoje dokumentyPobieranie
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1022,80 Mb Total Physical Memory | 787,05 Mb Available Physical Memory | 76,95% Memory free
3,83 Gb Paging File | 3,64 Gb Available in Paging File | 94,90% Paging File free
Paging file location(s): E:pagefile.sys 3000 3000 [binary data]

%SystemDrive% = E: | %SystemRoot% = E:WINDOWS | %ProgramFiles% = E:Program Files
Drive C: | 9,77 Gb Total Space | 3,03 Gb Free Space | 31,06% Space Free | Partition Type: NTFS
Drive D: | 32,23 Gb Total Space | 23,63 Gb Free Space | 73,31% Space Free | Partition Type: NTFS
Drive E: | 9,77 Gb Total Space | 1,59 Gb Free Space | 16,27% Space Free | Partition Type: NTFS
Drive G: | 22,76 Gb Total Space | 22,69 Gb Free Space | 99,72% Space Free | Partition Type: NTFS

Computer Name: FUCK-FF7D37493B | User Name: Lukasz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-03-22 10:24:21 | 000,594,432 | ---- | M] (OldTimer Tools) -- E:Documents and SettingsLukaszMoje dokumentyPobieranieOTL(1).exe
PRC - [2012-03-16 21:32:14 | 002,016,560 | ---- | M] (Ariolic Software, Ltd. (http://www.ariolic.com)) -- D:Program FilesActiveSMART 2.92ASmartService.exe
PRC - [2012-03-16 21:31:26 | 001,690,416 | ---- | M] (Ariolic Software, Ltd. (http://www.ariolic.com)) -- D:Program FilesActiveSMART 2.92ActiveSMART.exe
PRC - [2006-03-02 13:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- E:WINDOWSexplorer.exe
PRC - [2006-01-02 16:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- E:Program FilesATI TechnologiesATI.ACECLI.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-01-03 14:10:54 | 000,300,544 | ---- | M] () -- E:Program FilesCommon FilesAdobeAcrobatActiveXPDFShell.POL
MOD - [2011-04-12 16:37:56 | 011,808,768 | ---- | M] () -- E:WINDOWSassemblyNativeImages_v2.0.50727_32System.Web4236c36d63e91b43b9b89ae22094fa58System.Web.ni.dll
MOD - [2011-04-12 16:37:00 | 000,962,560 | ---- | M] () -- E:WINDOWSassemblyNativeImages_v2.0.50727_32System.Configurationcf68ff7117f0e04f8c6a780cce4aa1cfSystem.Configuration.ni.dll
MOD - [2011-04-10 19:47:43 | 005,640,192 | ---- | M] () -- E:WINDOWSassemblyNativeImages_v2.0.50727_32System.Xml80e756c54fe9a44ca6689f52b4d69567System.Xml.ni.dll
MOD - [2011-04-10 19:47:22 | 013,107,200 | ---- | M] () -- E:WINDOWSassemblyNativeImages_v2.0.50727_32System.Windows.Forms8510cb68ca10da41aa8d842806edfb81System.Windows.Forms.ni.dll
MOD - [2011-04-10 19:46:38 | 001,626,112 | ---- | M] () -- E:WINDOWSassemblyNativeImages_v2.0.50727_32System.Drawingfef472a13f1f4d49b29fb6c4dde3fbd5System.Drawing.ni.dll
MOD - [2011-04-10 19:46:29 | 008,093,696 | ---- | M] () -- E:WINDOWSassemblyNativeImages_v2.0.50727_32System1c2ec8e6cc990d468fdbf26a8711e218System.ni.dll
MOD - [2011-04-10 19:46:00 | 011,415,552 | ---- | M] () -- E:WINDOWSassemblyNativeImages_v2.0.50727_32mscorlib718cda071fbddc4184548d0ed0d2e5a3mscorlib.ni.dll
MOD - [2011-04-10 19:45:12 | 000,368,640 | ---- | M] () -- E:WINDOWSassemblyGAC_MSILSystem.Management2.0.0.0__b03f5f7f11d50a3aSystem.Management.dll
MOD - [2011-04-10 19:45:12 | 000,299,008 | ---- | M] () -- E:WINDOWSassemblyGAC_MSILSystem.Runtime.Remoting2.0.0.0__b77a5c561934e089System.Runtime.Remoting.dll
MOD - [2010-03-15 10:28:22 | 000,141,824 | ---- | M] () -- E:Program FilesWinRARRarExt.dll
MOD - [2007-05-25 18:42:10 | 000,113,664 | ---- | M] () -- E:WINDOWSsystem32spoolprtprocsw32x86lxdedrpp.dll
MOD - [2005-10-19 09:17:58 | 000,073,728 | ---- | M] () -- E:Program FilesATI TechnologiesATI.ACEatiacmxx.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:WINDOWSsystem32wuauserv.dll -- (wuauserv)
SRV - File not found [Auto | Stopped] -- e:program filesmcafee.comagentmcdetect.exe -- (McDetect.exe)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%System32appmgmts.dll -- (AppMgmt)
SRV - [2012-03-16 21:32:14 | 002,016,560 | ---- | M] (Ariolic Software, Ltd. (http://www.ariolic.com)) [Auto | Running] -- D:Program FilesActiveSMART 2.92ASmartService.exe -- (ActiveSMART Service)
SRV - [2007-05-29 14:07:58 | 000,598,960 | ---- | M] ( ) [Disabled | Stopped] -- E:WINDOWSsystem32lxdecoms.exe -- (lxde_device)
SRV - [2007-05-29 14:06:43 | 000,099,248 | ---- | M] () [Disabled | Stopped] -- E:WINDOWSSystem32spoolDRIVERSW32X863lxdeserv.exe -- (lxdeCATSCustConnectService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32driversnaiavf5x.sys -- (NaiAvFilter1)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:DOCUME~1LukaszUSTAWI~1Tempcatchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32driversALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2011-12-12 21:09:29 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- E:WINDOWSsystem32driverssptd.sys -- (sptd)
DRV - [2010-01-05 03:31:32 | 001,714,176 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- E:WINDOWSsystem32driversathuw.sys -- (AR9271)
DRV - [2006-05-03 17:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- E:WINDOWSsystem32driversati2mtag.sys -- (ati2mtag)
DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- E:WINDOWSsystem32driversRTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2004-05-02 09:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- E:WINDOWSSystem32driversGVCplDrv.sys -- (GVCplDrv)
DRV - [2001-09-26 23:32:38 | 000,285,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- E:WINDOWSsystem32driversati2mtaa.sys -- (ati2mtaa)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = %SystemRoot%system32blank.htm
IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page =
IE - HKLM..SearchScopes,DefaultScope =

IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page =
IE - HKCU..SearchScopes,DefaultScope =
IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0
IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - user.js - File not found

FF - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: E:WINDOWSsystem32MacromedFlashNPSWF32.dll ()
FF - HKLMSoftwareMozillaPlugins@adobe.com/ShockwavePlayer: E:WINDOWSsystem32AdobeDirectornp32dsw.dll (Adobe Systems, Inc.)
FF - HKLMSoftwareMozillaPlugins@java.com/JavaPlugin: E:Program FilesJavajre6binnew_pluginnpjp2.dll (Sun Microsystems, Inc.)
FF - HKLMSoftwareMozillaPluginsAdobe Reader: E:Program FilesAdobeReader 10.0ReaderAIRnppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 11.0extensionsComponents: E:Program FilesMozilla Firefoxcomponents [2012-03-19 10:17:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 11.0extensionsPlugins: E:Program FilesMozilla Firefoxplugins

[2012-03-19 10:18:07 | 000,000,000 | ---D | M] (No name found) -- E:Documents and SettingsLukaszDane aplikacjiMozillaExtensions
[2012-03-19 10:17:03 | 000,000,000 | ---D | M] (No name found) -- E:Program FilesMozilla Firefoxextensions
[2012-03-13 05:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- E:Program Filesmozilla firefoxcomponentsbrowsercomps.dll
[2012-03-13 06:36:36 | 000,002,767 | ---- | M] () -- E:Program Filesmozilla firefoxsearchpluginsallegro-pl.xml
[2012-03-13 06:36:36 | 000,001,406 | ---- | M] () -- E:Program Filesmozilla firefoxsearchpluginsfbc-pl.xml
[2012-03-13 06:36:36 | 000,000,917 | ---- | M] () -- E:Program Filesmozilla firefoxsearchpluginsmerlin-pl.xml
[2012-03-13 06:36:36 | 000,000,858 | ---- | M] () -- E:Program Filesmozilla firefoxsearchpluginspwn-pl.xml
[2012-03-13 06:36:36 | 000,001,183 | ---- | M] () -- E:Program Filesmozilla firefoxsearchpluginswikipedia-pl.xml
[2012-03-13 06:36:36 | 000,001,683 | ---- | M] () -- E:Program Filesmozilla firefoxsearchpluginswp-pl.xml

[color=#E56717]========== Chrome  ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2012-03-21 20:15:18 | 000,000,027 | ---- | M]) - E:WINDOWSsystem32driversetchosts
O1 - Hosts: 127.0.0.1	   localhost
O4 - HKLM..Run: [ATICCC] E:Program FilesATI TechnologiesATI.ACEcli.exe (ATI Technologies Inc.)
O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerLow Rights present
O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108863
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323
O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0
O7 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 323
O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108863
O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{FEF668CD-7ECD-4124-99F3-DE7AC3D9480B}: DhcpNameServer = 192.168.1.1 0.0.0.0
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:WINDOWSexplorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (E:WINDOWSsystem32userinit.exe) - E:WINDOWSsystem32userinit.exe (Microsoft Corporation)
O20 - WinlogonNotifyAtiExtEvent: DllName - (Ati2evxx.dll) - E:WINDOWSSystem32ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: E:Documents and SettingsLukaszUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp
O24 - Desktop BackupWallPaper: E:Documents and SettingsLukaszUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-03-28 13:01:25 | 000,000,000 | ---- | M] () - C:AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM..comfile [open] -- "%1" %*
O35 - HKLM..exefile [open] -- "%1" %*
O37 - HKLM...com [@ = ComFile] -- "%1" %*
O37 - HKLM...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-03-22 10:17:40 | 000,000,000 | ---D | C] -- E:_OTL
[2012-03-21 20:23:12 | 000,000,000 | -HSD | C] -- E:RECYCLER
[2012-03-21 20:17:04 | 000,000,000 | ---D | C] -- E:WINDOWStemp
[2012-03-21 20:04:20 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszMoje dokumentyPobieranie
[2012-03-21 11:20:14 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszDane aplikacjiMalwarebytes
[2012-03-21 11:20:10 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersDane aplikacjiMalwarebytes
[2012-03-21 11:18:33 | 009,502,424 | ---- | C] (Malwarebytes Corporation									) -- E:Documents and SettingsLukaszMoje dokumentymbam-setup-1.60.1.1000.exe
[2012-03-21 11:08:49 | 000,000,000 | ---D | C] -- E:Program FilesMcAfee.com
[2012-03-20 23:10:31 | 000,000,000 | RH-D | C] -- E:Documents and SettingsLukaszRecent
[2012-03-20 22:51:50 | 000,288,320 | R--- | C] (McAfee, Inc) -- E:WINDOWSSystem32mcgdmgr.dll
[2012-03-20 22:51:49 | 000,349,760 | R--- | C] (McAfee, Inc) -- E:WINDOWSSystem32mcinsctl.dll
[2012-03-20 22:45:49 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersDane aplikacjiMcAfee.com
[2012-03-20 22:06:30 | 000,000,000 | ---D | C] -- E:WINDOWSERUNT
[2012-03-20 12:44:15 | 000,000,000 | ---D | C] -- E:Documents and SettingsLocalServiceUstawienia lokalneDane aplikacjiOpera
[2012-03-20 12:44:15 | 000,000,000 | ---D | C] -- E:Documents and SettingsLocalServiceDane aplikacjiOpera
[2012-03-20 12:44:10 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszMenu StartProgramyActiveSMART 2.92
[2012-03-20 12:43:58 | 000,000,000 | -H-D | C] -- E:Documents and SettingsAll UsersDane aplikacjiActiveSMART
[2012-03-20 12:29:10 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszDane aplikacjiBinarySense
[2012-03-19 20:37:08 | 000,000,000 | ---D | C] -- E:Program FilesCCleaner
[2012-03-19 10:17:46 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszUstawienia lokalneDane aplikacjiMozilla
[2012-03-19 10:17:46 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszDane aplikacjiMozilla
[2012-03-19 10:16:53 | 000,000,000 | ---D | C] -- E:Program FilesMozilla Firefox
[2012-03-16 21:46:47 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersDane aplikacjiFirefly Studios
[2012-03-16 21:46:12 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszMoje dokumentyCivCity Rome
[2012-03-16 21:46:11 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersDane aplikacjiTrymedia
[2012-03-16 21:31:47 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- E:WINDOWSSystem32CmdLineExt.dll
[2012-03-16 21:23:41 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersMenu StartProgramyFirefly Studios
[2012-03-16 20:24:39 | 001,429,256 | ---- | C] (CPUID) -- E:Documents and SettingsLukaszPulpitHWMonitor.exe
[2012-03-16 16:01:49 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszUstawienia lokalneDane aplikacjiStardock
[2012-03-16 16:01:40 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszMenu StartProgramyThoosje Sidebar V2.3
[2012-03-12 16:00:40 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersMenu StartProgramyKolekcja Klasyki
[2012-03-09 14:39:25 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersMenu StartProgramyCodemasters
[2012-03-09 14:38:30 | 000,000,000 | ---D | C] -- E:Program FilesCodemasters
[2012-03-06 17:20:29 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszMoje dokumentyMy Games
[2012-03-06 17:18:44 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersMenu StartProgramyTechland
[2012-03-06 17:10:15 | 000,000,000 | ---D | C] -- E:Program FilesSymulator Farmy 2011
[2012-03-05 15:53:45 | 001,897,408 | ---- | C] (NVIDIA Corporation) -- E:WINDOWSSystem32dllcachenv4_mini.sys
[2012-03-05 15:53:42 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- E:WINDOWSSystem32nv4_disp.dll
[2012-03-05 15:53:42 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- E:WINDOWSSystem32dllcachenv4_disp.dll
[2012-03-04 19:38:35 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersMenu StartProgramyStellarium
[2012-03-04 12:07:42 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszPulpitAllegro aukcje
[2012-03-04 11:57:07 | 000,275,200 | ---- | C] (Microsoft Corporation) -- E:WINDOWSSystem32dllcachebthport.sys
[2012-03-04 11:57:02 | 000,018,944 | ---- | C] (Microsoft Corporation) -- E:WINDOWSSystem32dllcachebthusb.sys
[2012-03-03 21:14:32 | 000,000,000 | ---D | C] -- E:Documents and SettingsAll UsersMenu StartProgramyCatalyst Control Center
[2012-03-03 20:45:17 | 000,000,000 | ---D | C] -- E:Program FilesATI Technologies
[2012-03-03 18:56:59 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszMoje dokumentygegl-0.0
[2012-03-03 18:26:03 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszMoje dokumentyGTA San Andreas User Files
[2012-03-03 13:28:20 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszUstawienia lokalneDane aplikacjiHelp
[2012-03-03 13:28:20 | 000,000,000 | ---D | C] -- E:Documents and SettingsLukaszDane aplikacjiHelp
[2012-03-03 13:24:02 | 000,036,864 | R--- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.cht
[2012-03-03 13:24:02 | 000,036,864 | R--- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.chs
[2012-03-03 13:24:02 | 000,016,384 | R--- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.cht
[2012-03-03 13:24:02 | 000,016,384 | R--- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.chs
[2012-03-03 13:24:02 | 000,016,384 | R--- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.cht
[2012-03-03 13:24:02 | 000,016,384 | R--- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.chs
[2012-03-03 13:22:43 | 000,053,248 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.ptb
[2012-03-03 13:22:43 | 000,053,248 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.nld
[2012-03-03 13:22:43 | 000,053,248 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.ita
[2012-03-03 13:22:43 | 000,053,248 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.fra
[2012-03-03 13:22:43 | 000,053,248 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.esp
[2012-03-03 13:22:43 | 000,053,248 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.deu
[2012-03-03 13:22:43 | 000,049,152 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.sve
[2012-03-03 13:22:43 | 000,049,152 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.enu
[2012-03-03 13:22:43 | 000,040,960 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.kor
[2012-03-03 13:22:43 | 000,040,960 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atrpuixx.jpn
[2012-03-03 13:22:43 | 000,020,480 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.sve
[2012-03-03 13:22:43 | 000,020,480 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.ptb
[2012-03-03 13:22:43 | 000,020,480 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.nld
[2012-03-03 13:22:43 | 000,020,480 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.ita
[2012-03-03 13:22:43 | 000,020,480 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.fra
[2012-03-03 13:22:43 | 000,020,480 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.esp
[2012-03-03 13:22:43 | 000,020,480 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.enu
[2012-03-03 13:22:43 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.kor
[2012-03-03 13:22:43 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.jpn
[2012-03-03 13:22:42 | 000,061,440 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atricdxx.enu
[2012-03-03 13:22:42 | 000,020,480 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atriprxx.deu
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.sve
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.ptb
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.nld
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.kor
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.jpn
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.ita
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.fra
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.esp
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32Atridtxx.enu
[2012-03-03 13:22:42 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atridtxx.deu
[2012-03-03 13:22:40 | 001,527,904 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atioglaa.dll
[2012-03-03 13:22:40 | 000,921,600 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atipuixx.dll
[2012-03-03 13:22:40 | 000,307,200 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atiiiexx.dll
[2012-03-03 13:22:40 | 000,245,760 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atiptaxx.exe
[2012-03-03 13:22:40 | 000,163,840 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atipdsxx.dll
[2012-03-03 13:22:40 | 000,098,304 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atiiprxx.exe
[2012-03-03 13:22:40 | 000,081,920 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atippaxx.dll
[2012-03-03 13:22:40 | 000,049,152 | ---- | C] (ATI Technologies, Inc.) -- E:WINDOWSSystem32atiphexx.exe
[2012-03-03 13:22:39 | 000,327,748 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atiicdxx.dll
[2012-03-03 13:22:39 | 000,297,120 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32dllcacheati2dvaa.dll
[2012-03-03 13:22:39 | 000,297,120 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32ati2dvaa.dll
[2012-03-03 13:22:39 | 000,285,088 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32driversati2mtaa.sys
[2012-03-03 13:22:39 | 000,285,088 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32dllcacheati2mtaa.sys
[2012-03-03 13:22:39 | 000,102,400 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32Atiidtxx.dll
[2012-03-03 13:22:39 | 000,045,056 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atiicpxx.dll
[2012-03-03 13:22:39 | 000,004,608 | ---- | C] (ATI Technologies Inc.) -- E:WINDOWSSystem32atiicdxx.sys
[1 E:WINDOWSSystem32*.tmp files -> E:WINDOWSSystem32*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-03-22 10:33:56 | 000,002,048 | --S- | M] () -- E:WINDOWSbootstat.dat
[2012-03-22 10:33:53 | 1072,549,888 | -HS- | M] () -- E:hiberfil.sys
[2012-03-21 20:15:18 | 000,000,027 | ---- | M] () -- E:WINDOWSSystem32driversetchosts
[2012-03-21 11:19:46 | 009,502,424 | ---- | M] (Malwarebytes Corporation									) -- E:Documents and SettingsLukaszMoje dokumentymbam-setup-1.60.1.1000.exe
[2012-03-21 09:25:15 | 000,001,374 | ---- | M] () -- E:WINDOWSSystem32wpa.dbl
[2012-03-20 23:10:55 | 000,048,468 | ---- | M] () -- E:Documents and SettingsLukaszMoje dokumentycc_20120320_231051.reg
[2012-03-20 22:52:11 | 000,000,000 | ---- | M] () -- E:WINDOWScleanup.ini
[2012-03-20 22:44:41 | 000,061,272 | ---- | M] () -- E:Documents and SettingsLukasz.recently-used.xbel
[2012-03-20 22:22:15 | 000,003,782 | ---- | M] () -- E:Documents and SettingsLukaszMoje dokumentycc_20120320_222207.reg
[2012-03-20 14:18:59 | 001,427,880 | ---- | M] () -- E:WINDOWSSystem32FNTCACHE.DAT
[2012-03-20 12:44:10 | 000,000,627 | ---- | M] () -- E:Documents and SettingsLukaszPulpitActiveSMART.lnk
[2012-03-19 21:50:51 | 000,000,541 | ---- | M] () -- E:Documents and SettingsLukaszPulpitWorms 4.lnk
[2012-03-19 20:37:10 | 000,000,682 | ---- | M] () -- E:Documents and SettingsAll UsersPulpitCCleaner.lnk
[2012-03-19 10:17:06 | 000,000,724 | ---- | M] () -- E:Documents and SettingsAll UsersPulpitMozilla Firefox.lnk
[2012-03-16 21:31:47 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- E:WINDOWSSystem32CmdLineExt.dll
[2012-03-16 21:23:50 | 000,000,860 | ---- | M] () -- E:Documents and SettingsAll UsersPulpitCivCity Rome.lnk
[2012-03-12 16:00:42 | 000,000,563 | ---- | M] () -- E:Documents and SettingsLukaszPulpitFar Cry.lnk
[2012-03-09 14:51:53 | 000,316,640 | ---- | M] () -- E:WINDOWSWMSysPr9.prx
[2012-03-06 17:18:45 | 000,000,868 | ---- | M] () -- E:Documents and SettingsLukaszPulpitSymulator Farmy 2011 .lnk
[2012-03-06 16:39:46 | 000,009,216 | ---- | M] () -- E:Documents and SettingsLukaszUstawienia lokalneDane aplikacjiDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-03-05 20:42:08 | 000,010,842 | -H-- | M] () -- E:WINDOWSSystem32ATMenuxx.GID
[2012-03-05 18:28:56 | 000,000,010 | ---- | M] () -- E:WINDOWSwininit.ini
[2012-03-04 19:38:35 | 000,000,544 | ---- | M] () -- E:Documents and SettingsAll UsersPulpitStellarium.lnk
[2012-03-03 21:21:08 | 000,000,566 | ---- | M] () -- E:Documents and SettingsLukaszPulpitGTA San Andreas.lnk
[2012-03-03 21:17:31 | 000,000,022 | ---- | M] () -- E:WINDOWSSystem32ati64hl2.stb
[2012-03-03 21:14:33 | 000,001,893 | ---- | M] () -- E:Documents and SettingsAll UsersPulpitCatalyst Control Center.lnk
[2012-03-03 13:28:39 | 000,000,022 | ---- | M] () -- E:WINDOWSSystem32ati64hlp.stb
[2012-03-03 13:22:59 | 000,004,998 | ---- | M] () -- E:Documents and SettingsAll UsersDane aplikacjimtbjfghn.xbe
[2012-03-03 13:13:26 | 000,448,004 | ---- | M] () -- E:WINDOWSSystem32perfh015.dat
[2012-03-03 13:13:26 | 000,392,296 | ---- | M] () -- E:WINDOWSSystem32perfh009.dat
[2012-03-03 13:13:26 | 000,074,230 | ---- | M] () -- E:WINDOWSSystem32perfc015.dat
[2012-03-03 13:13:26 | 000,058,596 | ---- | M] () -- E:WINDOWSSystem32perfc009.dat
[1 E:WINDOWSSystem32*.tmp files -> E:WINDOWSSystem32*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-03-20 23:10:53 | 000,048,468 | ---- | C] () -- E:Documents and SettingsLukaszMoje dokumentycc_20120320_231051.reg
[2012-03-20 22:52:11 | 000,000,000 | ---- | C] () -- E:WINDOWScleanup.ini
[2012-03-20 22:44:41 | 000,061,272 | ---- | C] () -- E:Documents and SettingsLukasz.recently-used.xbel
[2012-03-20 22:22:09 | 000,003,782 | ---- | C] () -- E:Documents and SettingsLukaszMoje dokumentycc_20120320_222207.reg
[2012-03-20 22:12:52 | 1072,549,888 | -HS- | C] () -- E:hiberfil.sys
[2012-03-20 12:44:10 | 000,000,627 | ---- | C] () -- E:Documents and SettingsLukaszPulpitActiveSMART.lnk
[2012-03-19 20:37:10 | 000,000,682 | ---- | C] () -- E:Documents and SettingsAll UsersPulpitCCleaner.lnk
[2012-03-19 10:17:06 | 000,000,730 | ---- | C] () -- E:Documents and SettingsAll UsersMenu StartProgramyMozilla Firefox.lnk
[2012-03-19 10:17:06 | 000,000,724 | ---- | C] () -- E:Documents and SettingsAll UsersPulpitMozilla Firefox.lnk
[2012-03-16 21:23:50 | 000,000,860 | ---- | C] () -- E:Documents and SettingsAll UsersPulpitCivCity Rome.lnk
[2012-03-12 16:00:42 | 000,000,563 | ---- | C] () -- E:Documents and SettingsLukaszPulpitFar Cry.lnk
[2012-03-09 15:16:23 | 000,000,541 | ---- | C] () -- E:Documents and SettingsLukaszPulpitWorms 4.lnk
[2012-03-06 17:18:45 | 000,000,868 | ---- | C] () -- E:Documents and SettingsLukaszPulpitSymulator Farmy 2011 .lnk
[2012-03-04 19:38:35 | 000,000,544 | ---- | C] () -- E:Documents and SettingsAll UsersPulpitStellarium.lnk
[2012-03-03 22:05:32 | 000,000,545 | ---- | C] () -- E:WINDOWSUC.PIF
[2012-03-03 22:05:32 | 000,000,545 | ---- | C] () -- E:WINDOWSRAR.PIF
[2012-03-03 22:05:32 | 000,000,545 | ---- | C] () -- E:WINDOWSPKZIP.PIF
[2012-03-03 22:05:32 | 000,000,545 | ---- | C] () -- E:WINDOWSPKUNZIP.PIF
[2012-03-03 22:05:32 | 000,000,545 | ---- | C] () -- E:WINDOWSNOCLOSE.PIF
[2012-03-03 22:05:32 | 000,000,545 | ---- | C] () -- E:WINDOWSLHA.PIF
[2012-03-03 22:05:32 | 000,000,545 | ---- | C] () -- E:WINDOWSARJ.PIF
[2012-03-03 21:21:08 | 000,000,566 | ---- | C] () -- E:Documents and SettingsLukaszPulpitGTA San Andreas.lnk
[2012-03-03 21:17:31 | 000,000,022 | ---- | C] () -- E:WINDOWSSystem32ati64hl2.stb
[2012-03-03 21:14:33 | 000,001,893 | ---- | C] () -- E:Documents and SettingsAll UsersPulpitCatalyst Control Center.lnk
[2012-03-03 13:28:39 | 000,000,022 | ---- | C] () -- E:WINDOWSSystem32ati64hlp.stb
[2012-03-03 13:28:20 | 000,010,842 | -H-- | C] () -- E:WINDOWSSystem32ATMenuxx.GID
[2012-03-03 13:22:59 | 000,004,998 | ---- | C] () -- E:Documents and SettingsAll UsersDane aplikacjimtbjfghn.xbe
[2012-03-03 13:22:44 | 000,136,384 | ---- | C] () -- E:WINDOWSSystem32attkorxx.hlx
[2012-03-03 13:22:44 | 000,117,601 | ---- | C] () -- E:WINDOWSSystem32attjpnxx.hlx
[2012-03-03 13:22:44 | 000,045,319 | ---- | C] () -- E:WINDOWSSystem32attsvexx.hlx
[2012-03-03 13:22:44 | 000,044,715 | ---- | C] () -- E:WINDOWSSystem32attdeuxx.hlx
[2012-03-03 13:22:44 | 000,044,691 | ---- | C] () -- E:WINDOWSSystem32attfraxx.hlx
[2012-03-03 13:22:44 | 000,044,569 | ---- | C] () -- E:WINDOWSSystem32attnldxx.hlx
[2012-03-03 13:22:44 | 000,043,780 | ---- | C] () -- E:WINDOWSSystem32attitaxx.hlx
[2012-03-03 13:22:44 | 000,043,318 | ---- | C] () -- E:WINDOWSSystem32attchtxx.hlx
[2012-03-03 13:22:44 | 000,043,006 | ---- | C] () -- E:WINDOWSSystem32attespxx.hlx
[2012-03-03 13:22:44 | 000,042,954 | ---- | C] () -- E:WINDOWSSystem32attchsxx.hlx
[2012-03-03 13:22:44 | 000,042,757 | ---- | C] () -- E:WINDOWSSystem32attptbxx.hlx
[2012-03-03 13:22:44 | 000,040,946 | ---- | C] () -- E:WINDOWSSystem32Attenuxx.hlx
[2012-03-03 13:22:42 | 000,094,405 | ---- | C] () -- E:WINDOWSSystem32atmptbxx.hlx
[2012-03-03 13:22:42 | 000,083,958 | ---- | C] () -- E:WINDOWSSystem32atmsvexx.hlx
[2012-03-03 13:22:41 | 000,334,614 | ---- | C] () -- E:WINDOWSSystem32atmkorxx.hlx
[2012-03-03 13:22:41 | 000,297,813 | ---- | C] () -- E:WINDOWSSystem32atmjpnxx.hlx
[2012-03-03 13:22:41 | 000,099,534 | ---- | C] () -- E:WINDOWSSystem32atmdeuxx.hlx
[2012-03-03 13:22:41 | 000,099,306 | ---- | C] () -- E:WINDOWSSystem32atmfraxx.hlx
[2012-03-03 13:22:41 | 000,099,054 | ---- | C] () -- E:WINDOWSSystem32atmchtxx.hlx
[2012-03-03 13:22:41 | 000,098,721 | ---- | C] () -- E:WINDOWSSystem32atmitaxx.hlx
[2012-03-03 13:22:41 | 000,095,612 | ---- | C] () -- E:WINDOWSSystem32atmchsxx.hlx
[2012-03-03 13:22:41 | 000,094,578 | ---- | C] () -- E:WINDOWSSystem32atmespxx.hlx
[2012-03-03 13:22:41 | 000,093,722 | ---- | C] () -- E:WINDOWSSystem32Atmenuxx.hlx
[2012-03-03 13:22:41 | 000,082,715 | ---- | C] () -- E:WINDOWSSystem32atmnldxx.hlx
[2012-03-03 13:22:39 | 000,036,506 | ---- | C] () -- E:WINDOWSSystem32atfkorxx.hlx
[2012-03-03 13:22:39 | 000,032,994 | ---- | C] () -- E:WINDOWSSystem32atfjpnxx.hlx
[2012-03-03 13:22:39 | 000,018,602 | ---- | C] () -- E:WINDOWSSystem32atfchtxx.hlx
[2012-03-03 13:22:39 | 000,018,594 | ---- | C] () -- E:WINDOWSSystem32atfdeuxx.hlx
[2012-03-03 13:22:39 | 000,018,322 | ---- | C] () -- E:WINDOWSSystem32atffraxx.hlx
[2012-03-03 13:22:39 | 000,018,087 | ---- | C] () -- E:WINDOWSSystem32atfchsxx.hlx
[2012-03-03 13:22:39 | 000,018,039 | ---- | C] () -- E:WINDOWSSystem32atfitaxx.hlx
[2012-03-03 13:22:39 | 000,017,764 | ---- | C] () -- E:WINDOWSSystem32atfptbxx.hlx
[2012-03-03 13:22:39 | 000,017,691 | ---- | C] () -- E:WINDOWSSystem32atfespxx.hlx
[2012-03-03 13:22:39 | 000,017,363 | ---- | C] () -- E:WINDOWSSystem32Atfenuxx.hlx
[2012-03-03 13:22:39 | 000,014,834 | ---- | C] () -- E:WINDOWSSystem32atfnldxx.hlx
[2012-03-03 13:22:39 | 000,014,604 | ---- | C] () -- E:WINDOWSSystem32atfsvexx.hlx
[2012-03-03 13:22:39 | 000,007,849 | ---- | C] () -- E:WINDOWSSystem32atiicdxx.vxd
[2011-11-07 21:14:07 | 000,000,092 | ---- | C] () -- E:WINDOWSCMISETUP.INI
[2011-11-07 21:14:05 | 000,000,026 | ---- | C] () -- E:WINDOWSCMCDPLAY.INI
[2011-11-07 21:13:55 | 000,266,240 | ---- | C] () -- E:WINDOWSCMIUninstall.exe
[2011-11-07 21:13:55 | 000,225,280 | ---- | C] () -- E:WINDOWSCmiRmRedundDir.exe
[2011-11-07 21:13:55 | 000,028,672 | ---- | C] () -- E:WINDOWSCMIRmDriver.dll
[2011-11-07 20:51:00 | 000,256,000 | ---- | C] () -- E:WINDOWSPEV.exe
[2011-11-07 20:51:00 | 000,208,896 | ---- | C] () -- E:WINDOWSMBR.exe
[2011-11-07 20:51:00 | 000,098,816 | ---- | C] () -- E:WINDOWSsed.exe
[2011-11-07 20:51:00 | 000,080,412 | ---- | C] () -- E:WINDOWSgrep.exe
[2011-11-07 20:51:00 | 000,068,096 | ---- | C] () -- E:WINDOWSzip.exe
[2011-10-31 19:58:09 | 000,000,056 | -H-- | C] () -- E:WINDOWSSystem32ezsidmv.dat
[2011-07-06 19:28:58 | 000,009,216 | ---- | C] () -- E:Documents and SettingsLukaszUstawienia lokalneDane aplikacjiDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-05-22 16:08:52 | 000,000,050 | ---- | C] () -- E:WINDOWSLascaux.ini
[2011-04-25 17:37:45 | 000,023,040 | R--- | C] () -- E:WINDOWSSystem32driversGVCplDrv.sys
[2011-04-10 19:53:01 | 000,012,288 | ---- | C] () -- E:WINDOWSSystem32LXF3PMRC.DLL
[2011-04-10 19:42:22 | 000,000,060 | -H-- | C] () -- E:WINDOWSSystem32lxderwrd.ini
[2011-04-10 19:42:17 | 000,348,160 | ---- | C] () -- E:WINDOWSSystem32lxdeinst.dll
[2011-04-10 19:42:16 | 000,434,176 | ---- | C] ( ) -- E:WINDOWSSystem32lxdehcp.dll
[2011-04-10 19:40:57 | 000,348,160 | R--- | C] () -- E:WINDOWSSystem32lxdecoin.dll
[2011-04-10 12:43:47 | 000,233,472 | ---- | C] () -- E:WINDOWSSystem32cmirmdrv.exe
[2011-04-10 12:43:47 | 000,028,672 | ---- | C] () -- E:WINDOWSSystem32cmirmdrv.dll
[2011-04-10 09:47:13 | 000,002,608 | ---- | C] () -- E:WINDOWSAscd_tmp.ini
[2011-04-10 09:47:12 | 000,005,824 | ---- | C] () -- E:WINDOWSSystem32driversASUSHWIO.SYS
[2011-04-10 09:20:24 | 000,000,028 | ---- | C] () -- E:WINDOWSODBC.INI
[2011-04-09 19:12:46 | 000,004,293 | ---- | C] () -- E:WINDOWSODBCINST.INI
[2011-04-09 19:11:14 | 001,427,880 | ---- | C] () -- E:WINDOWSSystem32FNTCACHE.DAT
[2011-04-09 19:01:55 | 000,000,010 | ---- | C] () -- E:WINDOWSwininit.ini
[2011-04-09 18:55:48 | 000,002,048 | --S- | C] () -- E:WINDOWSbootstat.dat
[2011-04-09 18:49:32 | 000,021,856 | ---- | C] () -- E:WINDOWSSystem32emptyregdb.dat
< End of report >

Zauważyłem dzisiaj dużo dziwnych nowych plików, których wcześniej nie było na dyskach. To robota tego robaka ?
I jeszcze pytanko. Czy taki wirus nie wykrada czasem jakichś haseł do kont bankowych i innych haseł wklepywanych prze mnie w internecie ? Nic o tym nie słyszałem, ale wolę się upewnić.

Teraz po tej wpadce bardziej się przyłożę do ochrony komputera. Nawet zainstaluję jakiegoś Linuxa, będę miał spokój. Mój komputer nie złapał groźnego wirusa od kilku lat, w końcu się trafiło

Dostałem też informacje od użytkowników, że wirus włamał się na moje forum internetowe...

Jeszcze jedno - Avast pobiera się, aż miło. Podziękowania za pomoc

Użytkownik Powerjet edytował ten post 22 03 2012 - 12:04

Do góry

#4 ordynat

Zaawansowany użytkownik

804 postów

Napisano 22 03 2012 - 13:01

Zauważyłem dzisiaj dużo dziwnych nowych plików, których wcześniej nie było na dyskach. To robota tego robaka ?

Nie wiem, o które pliki Ci chodzi?

Czy taki wirus nie wykrada czasem jakichś haseł do kont bankowych i innych haseł wklepywanych prze mnie w internecie ?

CONFICKER wykrada różne dane, ale bardziej jest zainteresowany dużymi Firmami, niż pojedyńczymi Użytkownikami.
Nie słyszałem o żadnym przypadku ukradzenia danych pojedyńczemu Użytkownikowi.

.