
ComboFix log

dzodzo
posted (edited)
Log to check
ComboFix 09-09-07.03 - boss 2009-09-08 10:30.3.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.2046.1577 [GMT 2:00]
Uruchomiony z: c:\documents and settings\boss\Pulpit\ComboFix.exe
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.

((((((((((((((((((((((((( Pliki utworzone od 2009-08-08 do 2009-09-08 )))))))))))))))))))))))))))))))
.

2009-09-29 15:33 . 2009-09-29 15:33 -------- d-----w- c:\program files\Cute MP3 Converter
2009-09-08 08:14 . 2009-09-08 08:21 -------- d-----w- c:\windows\LastGood
2009-09-08 08:14 . 2009-09-08 08:14 -------- d-----w- c:\program files\ESET
2009-09-07 17:06 . 2001-10-26 14:57 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2009-09-07 17:06 . 2001-10-26 14:57 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-09-05 06:57 . 2009-09-05 07:00 -------- d-----w- c:\documents and settings\boss\Dane aplikacji\BearShareTb
2009-09-05 06:57 . 2009-09-05 06:57 -------- d-----w- c:\program files\BearShareTb
2009-09-05 06:57 . 2009-09-05 07:17 -------- d-----w- c:\documents and settings\boss\Ustawienia lokalne\Dane aplikacji\BearShare
2009-09-05 06:57 . 2009-09-05 06:57 -------- d-----w- c:\program files\BearShare Applications
2009-09-04 17:58 . 2009-09-04 20:39 -------- d-----w- c:\documents and settings\boss\Dane aplikacji\ChomikBox
2009-09-04 08:18 . 2004-04-30 07:37 160640 ----a-w- c:\windows\system32\drivers\a347bus.sys
2009-09-04 08:18 . 2004-04-30 07:33 5248 ----a-w- c:\windows\system32\drivers\a347scsi.sys
2009-09-04 08:18 . 2009-09-04 08:18 -------- d-----w- c:\program files\Alcohol Soft
2009-08-12 21:26 . 2008-10-16 12:06 268648 ----a-w- c:\windows\system32\mucltui.dll
2009-08-12 16:09 . 2009-07-10 13:31 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-08 08:29 . 2009-05-30 14:47 -------- d-----w- c:\documents and settings\boss\Dane aplikacji\foobar2000
2009-09-08 08:21 . 2009-03-23 20:10 -------- d-----w- c:\program files\PROGRAMY
2009-09-08 08:18 . 2009-03-23 20:46 -------- d-----w- c:\documents and settings\boss\Dane aplikacji\uTorrent
2009-09-08 07:48 . 2009-03-25 12:24 -------- d-----w- c:\documents and settings\boss\Dane aplikacji\Nowe Gadu-Gadu
2009-09-07 17:31 . 2004-08-04 10:00 361600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-07 16:38 . 2009-03-23 23:41 361600 ----a-w- c:\windows\system32\drivers\tcpip.sys.backup
2009-09-06 18:25 . 2009-03-24 15:56 189392 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-09-06 18:24 . 2009-03-24 15:56 138016 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-09-06 17:56 . 2009-03-23 19:44 -------- d-----w- c:\documents and settings\boss\Dane aplikacji\Skype
2009-09-06 17:39 . 2009-03-23 19:45 -------- d-----w- c:\documents and settings\boss\Dane aplikacji\skypePM
2009-08-11 21:08 . 2009-03-24 15:43 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\NVIDIA
2009-08-11 15:31 . 2009-04-12 12:55 -------- d-----w- c:\program files\America's Army Server Manager
2009-08-11 15:30 . 2009-03-23 20:32 -------- d-----w- c:\program files\GRY
2009-08-10 19:27 . 2009-03-23 23:44 -------- d-----w- c:\documents and settings\boss\Dane aplikacji\Kamerzysta
2009-08-10 19:09 . 2009-04-24 19:57 -------- d-----w- c:\program files\Strip Poker Exclusive 4
2009-08-10 19:09 . 2009-04-19 15:03 -------- d-----w- c:\program files\Sony Ericsson
2009-08-08 17:25 . 2009-03-24 15:55 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-08-05 09:01 . 2004-08-04 10:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-29 14:15 . 2009-03-23 18:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-29 14:04 . 2009-07-12 20:01 -------- d-----w- c:\program files\SlySoft
2009-07-27 16:37 . 2009-07-27 11:54 -------- d-----w- c:\program files\GameSpy Arcade
2009-07-27 16:36 . 2009-07-27 16:36 -------- d-----w- c:\program files\AWS
2009-07-27 16:33 . 2009-07-27 16:33 -------- d-----w- c:\program files\Buka
2009-07-22 13:54 . 2009-07-22 13:54 -------- d-----w- c:\program files\Google
2009-07-22 13:54 . 2009-04-07 12:37 -------- d---a-w- c:\documents and settings\All Users\Dane aplikacji\TEMP
2009-07-20 18:40 . 2009-07-20 17:54 -------- d-----w- c:\program files\Common Files\Teleca Shared
2009-07-20 17:59 . 2009-07-20 17:59 -------- d-----w- c:\documents and settings\boss\Dane aplikacji\Teleca
2009-07-20 17:58 . 2009-07-20 17:58 -------- d-----w- c:\documents and settings\boss\Dane aplikacji\Sony Ericsson
2009-07-20 08:02 . 2009-07-20 08:02 -------- d-----w- c:\documents and settings\boss\Dane aplikacji\Apple Computer
2009-07-20 07:59 . 2009-07-20 07:59 -------- d-----w- c:\program files\QuickTime
2009-07-20 07:59 . 2009-07-20 07:59 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Apple Computer
2009-07-17 19:04 . 2004-08-04 10:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-15 13:25 . 2009-07-15 13:25 -------- d-----w- c:\documents and settings\boss\Dane aplikacji\cmw
2009-07-13 21:43 . 2004-08-04 10:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-13 08:50 . 2009-07-13 08:50 -------- d-----w- c:\program files\AGEIA Technologies
2009-07-13 08:49 . 2009-07-13 08:49 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-13 08:49 . 2009-07-13 08:49 -------- d-----w- c:\program files\Xvid
2009-06-29 23:10 . 2009-06-29 23:10 3 ----a-w- c:\documents and settings\boss\Dane aplikacji\new.exe
2009-06-29 15:59 . 2006-03-04 03:35 827392 ----a-w- c:\windows\system32\wininet.dll
2009-06-29 15:59 . 2004-08-04 10:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-29 15:59 . 2004-08-04 10:00 17408 ------w- c:\windows\system32\corpol.dll
2009-06-25 08:27 . 2004-08-04 10:00 732160 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:27 . 2004-08-04 10:00 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:27 . 2004-08-04 10:00 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:27 . 2004-08-04 10:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:27 . 2004-08-04 10:00 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:27 . 2004-08-04 10:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-24 11:18 . 2004-08-04 10:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-24 00:20 . 2009-06-08 00:02 289248 ----a-w- c:\documents and settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
2009-06-21 22:56 . 2009-06-21 22:56 3 ----a-w- c:\documents and settings\boss\Dane aplikacji\svs.exe
2009-06-19 22:32 . 2009-03-23 23:45 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-19 22:32 . 2009-03-23 23:45 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-06-16 14:40 . 2004-08-04 10:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:40 . 2004-08-04 10:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 10:45 . 2004-08-04 10:00 78336 ----a-w- c:\windows\system32\telnet.exe
2009-06-15 10:45 . 2004-08-04 10:00 82944 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-10 14:15 . 2004-08-04 10:00 84992 ----a-w- c:\windows\system32\avifil32.dll
.

------- Sigcheck -------

[-] 2009-09-07 . 001A8A8DDD048ED8E164BE865140605C . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2009-09-07 . 001A8A8DDD048ED8E164BE865140605C . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2009-03-23 . 324703B2316F82D656311A4607EAFC29 . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
2009-08-10 14:06 91576 ----a-w- c:\program files\BearShareTb\BearShareDx.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2009-05-04 10:56 398776 ----a-w- c:\program files\BearShare Applications\BearShare\BearShareIEHelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0974BA1E-64EC-11DE-B2A5-E43756D89593}"= "c:\program files\BearShareTb\BearShareDx.dll" [2009-08-10 91576]

[HKEY_CLASSES_ROOT\clsid\{0974ba1e-64ec-11de-b2a5-e43756d89593}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-07-08 288048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-28 8523776]
"FixCamera"="c:\windows\FixCamera.exe" [2007-02-12 20480]
"tsnp325"="c:\windows\tsnp325.exe" [2006-10-10 270336]
"snp325"="c:\windows\vsnp325.exe" [2006-10-10 827392]
"Onet.pl AutoUpdate"="c:\program files\Common Files\Onet.pl\AutoUpdate.exe" [2006-02-08 260096]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-19 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-07-20 155648]

c:\documents and settings\boss\Menu Start\Programy\Autostart\
santa.bat [2009-6-22 181]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
Microsoft Office.lnk - c:\program files\PROGRAMY\Office\OSA9.EXE [1999-2-17 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\PROGRAMY\\ChomikBox.exe"=
"c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"=
"c:\\Program Files\\GRY\\amerikan\\System\\ArmyOps.exe"=
"c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 Uniblue DiskRescue;Uniblue DiskRescue;c:\program files\Uniblue\DiskRescue\UBDiskRescueSrv.exe [2008-09-10 229648]
S3 ABIT-IO;ABIT-IO;\??\c:\program files\U-ABIT\abitEQ\ABIT-IO.sys --> c:\program files\U-ABIT\abitEQ\ABIT-IO.sys [?]
S3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\system32\drivers\s816bus.sys [2009-05-06 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\system32\drivers\s816mdfl.sys [2009-05-06 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\system32\drivers\s816mdm.sys [2009-05-06 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s816mgmt.sys [2009-05-06 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS);c:\windows\system32\drivers\s816nd5.sys [2009-05-07 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:\windows\system32\drivers\s816obex.sys [2009-05-06 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM);c:\windows\system32\drivers\s816unic.sys [2009-05-07 97704]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [2009-04-05 10253056]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Zawartość folderu 'Zaplanowane zadania'

2009-04-07 c:\windows\Tasks\Uniblue DiskRescue 2009.job
- c:\program files\Uniblue\DiskRescue\UBDiskRescue.exe [2008-09-10 15:22]
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://search.bearshare.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
FF - ProfilePath - c:\documents and settings\boss\Dane aplikacji\Mozilla\Firefox\Profiles\k0cmttlc.default\
FF - prefs.js: browser.search.selectedEngine - BearShare Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.onet.pl/
FF - prefs.js: keyword.URL - hxxp://search.bearshare.com/webResults.html?src=ffb&q=
FF - plugin: c:\documents and settings\boss\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-08 10:32
Windows 5.1.2600 Dodatek Service Pack 3 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

[HKEY_USERS\S-1-5-21-2025429265-448539723-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

- - - - - - - > 'explorer.exe'(2456)
c:\windows\system32\WININET.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Czas ukończenia: 2009-09-08 10:32
ComboFix-quarantined-files.txt 2009-09-08 08:32

Przed: 31 462 092 800 bajtów wolnych
Po: 31 565 230 080 bajtów wolnych

214 --- E O F --- 2009-08-25 18:56

Psycholandia
comment
Have you read the FAQ -> Forum usage section? If so, you surely know that we put logs inside LOG tags. Here are the instructions: Creating a log

Fix your post. If you refuse, I will be forced to move your thread to the Trash.

Guest
comment

The log is clean.

MarekM25
comment

just delete C:\Recyler :P

dzodzo
comment

there is something sitting in my computer after all

Trojan.Win32.BHO.ypd

c:\system volume information\_restore{3f8ddc2d-d789-457f-8a60-dcdba652fd49}\rp143\a0033999.dll

MarekM25
comment

Turn System Restore off and on again (My Computer -> right-click -> Properties -> System Restore -> select "Turn off System Restore on all drives" and then select it again).

dzodzo
comment

it's better, but the computer is still somewhat sluggish :/

MarekM25
comment

OTListIt2. Scan the computer with Dr.Web

dzodzo
comment (edited)

OTL log

Log to check
OTL logfile created on: 2009-09-12 15:20:29 - Run 1

OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\boss\Pulpit

Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,33 Gb Available Physical Memory | 66,37% Memory free

3,85 Gb Paging File | 3,19 Gb Available in Paging File | 83,03% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 60,00 Gb Total Space | 29,51 Gb Free Space | 49,18% Space Free | Partition Type: NTFS

Drive D: | 70,00 Gb Total Space | 3,11 Gb Free Space | 4,44% Space Free | Partition Type: NTFS

Drive E: | 102,87 Gb Total Space | 3,33 Gb Free Space | 3,24% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: BONZER

Current User Name: boss

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2008-04-14 19:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE

PRC - [2007-02-12 14:50:40 | 00,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe

PRC - [2006-10-10 15:49:42 | 00,270,336 | ---- | M] () -- C:\WINDOWS\tsnp325.exe

PRC - [2006-10-10 14:11:08 | 00,827,392 | ---- | M] () -- C:\WINDOWS\vsnp325.exe

PRC - [2006-02-08 16:40:50 | 00,260,096 | ---- | M] (Onet.pl) -- C:\Program Files\Common Files\Onet.pl\AutoUpdate.exe

PRC - [2009-06-20 00:32:52 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe

PRC - [2007-06-28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

PRC - [2007-06-28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

PRC - [2009-03-24 01:49:24 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe

PRC - [2007-11-28 10:45:31 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe

PRC - [2009-08-08 19:25:24 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe

PRC - [2009-09-06 20:25:32 | 00,189,392 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe

PRC - [2008-09-10 17:22:22 | 00,229,648 | ---- | M] (Uniblue) -- C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe

PRC - [2009-08-11 10:04:48 | 01,517,568 | ---- | M] () -- C:\Program Files\PROGRAMY\ChomikBox.exe

PRC - [2009-05-29 10:53:17 | 09,818,728 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exe

PRC - [2009-04-20 16:08:38 | 00,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe

PRC - [2009-06-29 10:35:10 | 00,634,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\internet explorer\iexplore.exe

PRC - [2009-09-30 16:16:27 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2009-09-12 15:19:54 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\boss\Pulpit\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])

SRV - [2007-06-28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe -- (AVP [Auto | Running])

SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])

SRV - [2008-08-01 00:16:28 | 00,136,120 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])

SRV - [2008-04-14 19:20:44 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])

SRV - [2007-03-11 21:24:50 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Running])

SRV - [2007-03-11 22:02:52 | 00,131,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc [Auto | Running])

SRV - [2005-11-14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])

SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped])

SRV - [2009-03-24 01:49:24 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])

SRV - [2006-11-08 16:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Running])

SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

SRV - [2007-11-28 10:45:31 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])

SRV - [2006-11-08 16:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Running])

SRV - [2009-08-08 19:25:24 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])

SRV - [2009-09-06 20:25:32 | 00,189,392 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe -- (PnkBstrB [Auto | Running])

SRV - [2008-09-10 17:22:22 | 00,229,648 | ---- | M] (Uniblue) -- C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe -- (Uniblue DiskRescue [Auto | Running])

SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2004-04-30 09:37:02 | 00,160,640 | ---- | M] ( ) -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus [boot | Running])

DRV - [2004-04-30 09:33:00 | 00,005,248 | ---- | M] ( ) -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi [boot | Running])

DRV - [2008-04-13 20:40:30 | 00,096,512 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi [boot | Running])

DRV - [2007-08-08 18:54:10 | 00,028,968 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\ATITool.sys -- (ATITool [system | Stopped])

DRV - [2007-03-16 11:11:38 | 00,012,256 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\TBPANEL.SYS -- (Cardex [On_Demand | Stopped])

DRV - [2004-12-13 23:14:00 | 00,039,904 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\cercsr6.sys -- (cercsr6 [boot | Stopped])

DRV - [2004-10-25 21:02:00 | 00,021,664 | ---- | M] (EnTech Taiwan) -- C:\WINDOWS\System32\DRIVERS\ENTECH.sys -- (ENTECH [On_Demand | Stopped])

DRV - [2008-04-13 18:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])

DRV - [2007-03-08 06:20:48 | 00,049,920 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])

DRV - [2007-03-08 06:20:49 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])

DRV - [2007-03-08 06:20:50 | 00,021,568 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])

DRV - [2007-01-30 12:57:50 | 04,474,368 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])

DRV - [2009-09-10 21:23:56 | 00,112,144 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1 [boot | Running])

DRV - [2009-09-10 21:23:56 | 00,194,320 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys -- (klif [system | Running])

DRV - [2007-04-04 14:58:26 | 00,024,344 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klim5.sys -- (klim5 [On_Demand | Running])

DRV - [2006-04-18 14:53:44 | 00,004,047 | ---- | M] () -- C:\Program Files\U-ABIT\FlashMenu\Memctl.sys -- (Memctl [On_Demand | Stopped])

DRV - [2007-11-28 10:45:31 | 07,429,088 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])

DRV - [2009-09-06 20:24:27 | 00,138,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys -- (PnkBstrK [On_Demand | Stopped])

DRV - [2004-08-04 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])

DRV - [2008-11-20 21:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])

DRV - [2007-06-19 09:51:16 | 00,081,832 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s816bus.sys -- (s816bus [On_Demand | Stopped])

DRV - [2007-06-19 09:51:18 | 00,013,864 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s816mdfl.sys -- (s816mdfl [On_Demand | Stopped])

DRV - [2007-06-19 09:51:20 | 00,107,304 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s816mdm.sys -- (s816mdm [On_Demand | Stopped])

DRV - [2007-06-19 09:51:18 | 00,099,112 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s816mgmt.sys -- (s816mgmt [On_Demand | Stopped])

DRV - [2007-06-19 09:51:18 | 00,021,928 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s816nd5.sys -- (s816nd5 [On_Demand | Stopped])

DRV - [2007-06-19 09:51:18 | 00,097,320 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s816obex.sys -- (s816obex [On_Demand | Stopped])

DRV - [2007-06-19 09:51:18 | 00,097,704 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\s816unic.sys -- (s816unic [On_Demand | Stopped])

DRV - [2006-09-18 14:58:48 | 00,061,600 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE27bus.sys -- (SE27bus [On_Demand | Stopped])

DRV - [2006-09-18 14:58:52 | 00,009,360 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE27mdfl.sys -- (SE27mdfl [On_Demand | Stopped])

DRV - [2006-09-18 14:58:54 | 00,097,184 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE27mdm.sys -- (SE27mdm [On_Demand | Stopped])

DRV - [2006-09-18 14:58:58 | 00,088,688 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE27mgmt.sys -- (SE27mgmt [On_Demand | Stopped])

DRV - [2006-09-18 14:59:00 | 00,018,704 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se27nd5.sys -- (se27nd5 [On_Demand | Stopped])

DRV - [2006-09-18 14:59:02 | 00,086,560 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE27obex.sys -- (SE27obex [On_Demand | Stopped])

DRV - [2006-09-18 14:59:08 | 00,090,800 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se27unic.sys -- (se27unic [On_Demand | Stopped])

DRV - [2008-04-13 18:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])

DRV - [2007-04-20 18:51:56 | 10,253,056 | ---- | M] (Sonix Co. Ltd.) -- C:\WINDOWS\System32\DRIVERS\snp325.sys -- (SNP325 [On_Demand | Stopped])

DRV - [2009-03-25 00:35:28 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [boot | Running])

DRV - [2007-03-16 11:11:38 | 00,012,256 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel [Auto | Running])

DRV - [2008-04-13 20:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])

DRV - [2007-01-12 10:54:00 | 00,010,848 | ---- | M] () -- C:\Program Files\U-ABIT\FlashMenu\WinFlash.sys -- (WINFLASH [On_Demand | Stopped])

DRV - [2006-11-22 09:01:00 | 00,250,496 | ---- | M] (Marvell) -- C:\WINDOWS\System32\DRIVERS\yk51x86.sys -- (yukonwxp [On_Demand | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2025429265-448539723-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-2025429265-448539723-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\S-1-5-21-2025429265-448539723-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKU\S-1-5-21-2025429265-448539723-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/

IE - HKU\S-1-5-21-2025429265-448539723-839522115-1003\S-1-5-21-2025429265-448539723-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"

FF - prefs.js..browser.search.order.1: "BearShare Web Search"

FF - prefs.js..browser.search.selectedEngine: "BearShare Web Search"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.0

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2

FF - prefs.js..keyword.URL: "http://search.bearshare.com/webResults.html?src=ffb&q="

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-03-24 01:49:25 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-06-30 22:05:22 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-12 14:36:03 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-30 16:16:36 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2009-03-23 22:06:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\mozilla\Extensions

[2009-03-23 22:06:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2009-09-05 13:07:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\mozilla\Firefox\Profiles\k0cmttlc.default\extensions

[2009-06-30 22:10:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\mozilla\Firefox\Profiles\k0cmttlc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2009-08-13 21:37:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\mozilla\Firefox\Profiles\k0cmttlc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2009-09-05 13:07:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\mozilla\Firefox\Profiles\k0cmttlc.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}

[2009-07-18 01:02:48 | 00,002,476 | ---- | M] () -- C:\Documents and Settings\boss\Dane aplikacji\Mozilla\FireFox\Profiles\k0cmttlc.default\searchplugins\BearShareWebSearch.xml

[2009-06-18 10:20:51 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions

[2009-09-30 16:16:26 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2009-09-30 16:16:24 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll

[2009-09-30 16:16:24 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll

[2007-04-10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll

[2009-09-30 16:16:30 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll

[2007-05-10 22:52:34 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll

[2009-06-20 00:33:00 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll

[2009-07-20 09:59:55 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll

[2009-07-20 09:59:55 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll

[2009-07-20 09:59:55 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll

[2009-07-20 09:59:55 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll

[2009-07-20 09:59:55 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll

[2009-07-20 09:59:55 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll

[2009-07-20 09:59:55 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll

[2009-06-20 00:33:07 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll

[2009-06-20 00:32:57 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll

[2009-09-30 16:16:31 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml

[2009-07-18 01:02:48 | 00,002,476 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml

[2009-09-30 16:16:31 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml

[2009-09-30 16:16:31 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml

[2009-09-30 16:16:31 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml

[2009-09-30 16:16:31 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml

[2009-09-30 16:16:31 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml

[2009-09-30 16:16:31 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)

O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll ()

O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll ()

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll ()

O3 - HKU\S-1-5-21-2025429265-448539723-839522115-1003\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe (Kaspersky Lab)

O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [Onet.pl AutoUpdate] C:\Program Files\Common Files\Onet.pl\AutoUpdate.exe (Onet.pl)

O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)

O4 - HKLM..\Run: [snp325] C:\WINDOWS\vsnp325.exe ()

O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe ()

O4 - HKU\S-1-5-21-2025429265-448539723-839522115-1003..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\PROGRAMY\Office\OSA9.EXE (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\boss\Menu Start\Programy\Autostart\santa.bat ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-2025429265-448539723-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-2025429265-448539723-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-21-2025429265-448539723-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-21-2025429265-448539723-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-2025429265-448539723-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm ()

O9 - Extra Button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll (Kaspersky Lab)

O9 - Extra Button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)

O9 - Extra Button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)

O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (Reg Error: Key error.)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1250091209609 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)

O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.175.180.30 83.175.180.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll (Kaspersky Lab)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\System32\klogon.dll (Kaspersky Lab)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-03-23 20:11:54 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2009-04-05 07:41:09 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2009-04-05 07:41:09 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2009-04-05 07:41:09 | 00,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[6 C:\WINDOWS\*.tmp files]

[2009-10-03 20:13:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\boss\Moje dokumenty\Pobieranie

[2009-10-02 19:58:02 | 00,485,668 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\akon ft. david guetta - sexy bitch dzwonek 1.mp3

[2009-10-02 19:53:43 | 03,909,621 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\akon ft. david guetta - sexy bitch.mp3

[2009-09-30 14:32:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\boss\Pulpit\techno amfitratr

[2009-09-30 14:29:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\boss\Pulpit\Nowy folder

[2009-09-29 18:19:54 | 00,290,095 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\dj numerraz - mama dzwoni.mp3

[2009-09-29 18:00:58 | 00,000,706 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\mp3DirectCut.lnk

[2009-09-29 18:00:12 | 00,212,713 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\mp3DC211.exe

[2009-09-29 17:45:54 | 00,000,721 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Audacity.lnk

[2009-09-29 17:33:24 | 01,323,008 | ---- | C] (Streamware Development) -- C:\WINDOWS\System32\swdvorbi.ocx

[2009-09-29 17:33:24 | 00,282,624 | ---- | C] (Streamware Development) -- C:\WINDOWS\System32\swdcdrip.ocx

[2009-09-29 17:33:24 | 00,270,336 | ---- | C] (Streamware Development) -- C:\WINDOWS\System32\swdmp3.ocx

[2009-09-29 17:33:24 | 00,208,896 | ---- | C] (Streamware Development) -- C:\WINDOWS\System32\swdwma9.ocx

[2009-09-29 17:33:24 | 00,176,128 | ---- | C] (Streamware Development) -- C:\WINDOWS\System32\swdwave.ocx

[2009-09-29 17:33:24 | 00,131,072 | ---- | C] (Streamware Development) -- C:\WINDOWS\System32\swdplay.ocx

[2009-09-29 17:33:24 | 00,118,784 | ---- | C] (Streamware Development) -- C:\WINDOWS\System32\swdconv.ocx

[2009-09-29 17:33:24 | 00,000,750 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Cute MP3 Converter.lnk

[2009-09-29 17:33:22 | 00,000,000 | ---D | C] -- C:\Program Files\Cute MP3 Converter

[2009-09-29 17:31:35 | 03,565,491 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\cmc.exe

[2009-09-12 15:21:22 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\launch(5).exe

[2009-09-12 15:21:20 | 17,255,602 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\launch(5).exe.part

[2009-09-12 15:19:54 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\boss\Pulpit\OTL.exe

[2009-09-11 17:21:01 | 00,001,498 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Kalkulator.lnk

[2009-09-11 17:02:06 | 00,731,282 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\dysk_gut(2).zip

[2009-09-11 17:01:59 | 00,775,652 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\winimage60pl.rar

[2009-09-11 17:01:30 | 00,731,282 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\dysk_gut.zip

[2009-09-10 21:09:12 | 00,107,547 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat

[2009-09-10 21:09:11 | 00,095,259 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat

[2009-09-10 21:08:49 | 00,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab

[2009-09-10 21:08:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab

[2009-09-10 21:08:47 | 00,021,536 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2009-09-10 21:08:47 | 00,015,648 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat

[2009-09-10 21:08:47 | 00,002,348 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.idx

[2009-09-10 21:08:47 | 00,000,032 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.idx

[2009-09-09 19:45:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\E280

[2009-09-09 09:18:55 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll

[2009-09-08 20:03:33 | 00,000,000 | -HSD | C] -- C:\RECYCLER

[2009-09-08 10:32:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp

[2009-09-08 10:29:56 | 00,230,912 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2009-09-08 10:14:17 | 00,000,000 | ---D | C] -- C:\Program Files\ESET

[2009-09-08 10:08:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\boss\Pulpit\Nowy folder (2)

[2009-09-07 19:06:15 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys

[2009-09-07 19:06:15 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys

[2009-09-06 10:43:46 | 00,016,477 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Final_Destination_The_(NAPiSY-110908).NS.zip

[2009-09-05 09:34:46 | 01,823,266 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Vixen_-_Pokaz_feat._Peja dzwonek.mp3

[2009-09-05 09:05:56 | 06,837,729 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Vixen_-_Pokaz_feat._Peja.mp3

[2009-09-05 08:57:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\boss\Moje dokumenty\My Received Files

[2009-09-05 08:57:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\boss\Moje dokumenty\BearShare

[2009-09-05 08:57:38 | 00,076,407 | ---- | C] () -- C:\Documents and Settings\boss\Dane aplikacji\Smiley.ico

[2009-09-05 08:57:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\boss\Dane aplikacji\BearShareTb

[2009-09-05 08:57:35 | 00,000,000 | ---D | C] -- C:\Program Files\BearShareTb

[2009-09-05 08:57:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\boss\Ustawienia lokalne\Dane aplikacji\BearShare

[2009-09-05 08:57:19 | 00,483,328 | ---- | C] (SoftShape Development) -- C:\WINDOWS\System32\actskn45.ocx

[2009-09-05 08:57:16 | 00,000,000 | ---D | C] -- C:\Program Files\BearShare Applications

[2009-09-04 19:58:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\boss\Dane aplikacji\ChomikBox

[2009-09-04 15:29:20 | 00,154,725 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Faktura - era.pdf

[2009-09-04 10:18:35 | 00,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys

[2009-09-04 10:18:35 | 00,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys

[2009-09-04 10:18:34 | 00,001,785 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Alcohol 120%.lnk

[2009-09-04 10:18:31 | 00,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft

[2009-08-25 16:13:57 | 00,603,158 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Obrazek.jpg

[2009-08-22 18:53:42 | 00,000,799 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Playlist H-H.lnk

[2009-08-19 19:17:33 | 00,018,336 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\mam wyjebane.jpeg

[2009-08-15 22:14:18 | 00,064,816 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Obraz(3).jpeg

[2009-08-15 22:14:01 | 00,067,943 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Obraz(2).jpeg

[2009-08-15 22:13:36 | 00,056,432 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Obraz.jpeg

[2009-08-14 19:54:55 | 00,082,700 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\P1020240.jpg

[2009-08-14 18:27:22 | 00,160,266 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\single2.JPG

[2009-07-15 17:59:52 | 00,000,024 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2009-05-15 00:07:58 | 00,210,032 | ---- | C] () -- C:\WINDOWS\System32\DBCLIENT.DLL

[2009-04-23 19:36:58 | 00,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpx32.dll

[2009-04-09 20:00:18 | 00,010,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\WinFlash.sys

[2009-04-07 16:26:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\graphedit.INI

[2009-04-05 21:55:08 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2009-04-05 21:55:07 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini

[2009-04-05 21:55:02 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2009-04-05 21:55:02 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2009-04-05 21:55:02 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2009-04-05 15:03:37 | 00,015,498 | ---- | C] () -- C:\WINDOWS\snp325.ini

[2009-04-05 15:03:33 | 00,147,456 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp325.dll

[2009-04-05 15:03:33 | 00,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnp325.dll

[2009-04-05 15:03:33 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp325.dll

[2009-04-02 20:01:22 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2009-03-25 15:54:27 | 00,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2009-03-25 00:35:28 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2009-03-24 22:10:53 | 00,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys

[2009-03-24 21:12:22 | 00,000,059 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2009-03-24 17:56:14 | 00,138,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys

[2009-03-24 02:13:10 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2009-03-24 02:13:09 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2009-03-23 20:32:18 | 00,000,558 | ---- | C] () -- C:\WINDOWS\DFC.INI

[2009-03-16 22:16:48 | 00,000,030 | -HS- | C] () -- C:\WINDOWS\System32\SECENEKLER8.INI

[2008-10-07 09:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll

[2008-10-07 09:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll

[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll

[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll

[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll

[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll

[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll

[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll

[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll

[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[2007-11-28 10:45:31 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2007-11-28 10:45:31 | 01,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2007-11-28 10:45:31 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2007-11-28 10:45:31 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2007-11-28 10:45:31 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2007-09-12 23:54:48 | 00,141,180 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2007-08-08 18:54:10 | 00,028,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATITool.sys

[2004-08-04 12:00:00 | 00,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys

[2004-08-04 12:00:00 | 00,000,869 | ---- | C] () -- C:\WINDOWS\win.ini

[2004-08-04 12:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

[1999-01-22 20:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]

[6 C:\WINDOWS\*.tmp files]

[2009-10-03 20:12:38 | 00,019,456 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Nowy Dokument programu Microsoft Word .doc

[2009-10-02 19:58:02 | 00,485,668 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\akon ft. david guetta - sexy bitch dzwonek 1.mp3

[2009-09-29 18:19:54 | 00,290,095 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\dj numerraz - mama dzwoni.mp3

[2009-09-29 18:00:58 | 00,000,706 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\mp3DirectCut.lnk

[2009-09-29 18:00:21 | 00,212,713 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\mp3DC211.exe

[2009-09-29 17:45:54 | 00,000,721 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Audacity.lnk

[2009-09-29 17:33:24 | 00,000,750 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Cute MP3 Converter.lnk

[2009-09-29 17:31:45 | 03,565,491 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\cmc.exe

[2009-09-12 15:22:28 | 17,273,952 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\boss\Pulpit\launch(5).exe

[2009-09-12 15:21:18 | 00,197,152 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2009-09-12 15:21:18 | 00,000,032 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx

[2009-09-12 15:21:15 | 00,015,648 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat

[2009-09-12 15:19:54 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\boss\Pulpit\OTL.exe

[2009-09-12 14:29:27 | 00,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009-09-12 14:29:08 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2009-09-12 14:29:07 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2009-09-12 12:31:40 | 00,002,348 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx

[2009-09-11 17:02:07 | 00,731,282 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\dysk_gut(2).zip

[2009-09-11 17:02:00 | 00,775,652 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\winimage60pl.rar

[2009-09-11 17:01:30 | 00,731,282 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\dysk_gut.zip

[2009-09-11 02:53:34 | 00,000,169 | -H-- | M] () -- C:\Documents and Settings\boss\Menu Start\Programy\Autostart\santa.bat

[2009-09-11 02:51:13 | 00,107,547 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat

[2009-09-11 02:51:13 | 00,095,259 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat

[2009-09-10 21:23:56 | 00,194,320 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys

[2009-09-10 21:23:56 | 00,112,144 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\kl1.sys

[2009-09-10 20:39:36 | 00,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk

[2009-09-10 19:41:37 | 00,114,688 | ---- | M] () -- C:\Documents and Settings\boss\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-09-10 12:09:33 | 00,000,869 | ---- | M] () -- C:\WINDOWS\win.ini

[2009-09-09 00:31:44 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip.sys

[2009-09-09 00:31:44 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys

[2009-09-08 21:58:25 | 00,002,483 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Microsoft Word.lnk

[2009-09-08 10:32:25 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2009-09-07 19:31:27 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip.sys.backup

[2009-09-06 21:20:44 | 00,000,206 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\hwmonitorw.ini

[2009-09-06 20:25:32 | 00,189,392 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr

[2009-09-06 20:25:32 | 00,189,392 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe

[2009-09-06 20:24:27 | 00,138,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys

[2009-09-06 10:43:46 | 00,016,477 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Final_Destination_The_(NAPiSY-110908).NS.zip

[2009-09-05 09:34:46 | 01,823,266 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Vixen_-_Pokaz_feat._Peja dzwonek.mp3

[2009-09-05 09:28:04 | 06,837,729 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Vixen_-_Pokaz_feat._Peja.mp3

[2009-09-04 20:16:40 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn

[2009-09-04 15:29:20 | 00,154,725 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Faktura - era.pdf

[2009-09-04 10:18:34 | 00,001,785 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Alcohol 120%.lnk

[2009-09-03 22:25:22 | 00,230,912 | ---- | M] () -- C:\WINDOWS\PEV.exe

[2009-08-30 22:06:12 | 03,909,621 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\akon ft. david guetta - sexy bitch.mp3

[2009-08-28 23:38:20 | 24,689,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

[2009-08-19 19:17:33 | 00,018,336 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\mam wyjebane.jpeg

[2009-08-15 22:11:45 | 00,056,432 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Obraz.jpeg

[2009-08-15 22:11:32 | 00,067,943 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Obraz(2).jpeg

[2009-08-15 22:11:28 | 00,064,816 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Obraz(3).jpeg

[2009-08-14 18:27:22 | 00,160,266 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\single2.JPG

[2009-08-14 17:37:58 | 00,082,700 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\P1020240.jpg

[2009-08-13 17:24:10 | 00,512,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript.dll

[2009-08-13 17:24:10 | 00,512,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll

========== LOP Check ==========

[2009-09-10 21:08:49 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji

[2009-04-07 14:37:13 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{DFF7A91C-600F-4C83-8796-2CC83A70FF04}

[2009-06-07 14:27:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AA2DeployClient

[2009-06-22 22:36:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AA3DeployClient

[2009-03-25 00:39:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite

[2009-09-09 19:45:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\E280

[2009-03-23 20:34:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET

[2009-03-23 21:49:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\muvee Technologies

[2009-06-11 15:24:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM

[2009-03-25 15:56:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SBT

[2009-07-22 15:54:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2009-09-05 08:57:38 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\boss\Dane aplikacji

[2009-03-24 01:44:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\AutoUpdate

[2009-09-05 09:00:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\BearShareTb

[2009-09-04 22:39:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\ChomikBox

[2009-07-15 15:25:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\cmw

[2009-03-25 00:40:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\DAEMON Tools

[2009-03-25 00:35:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\DAEMON Tools Lite

[2009-03-25 00:40:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\DAEMON Tools Pro

[2009-06-30 12:37:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\DeepBurner

[2009-04-01 12:43:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\ESET

[2009-09-12 11:28:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\foobar2000

[2009-03-23 22:48:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\Gadu-Gadu

[2009-06-22 09:07:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\Intermedia Software

[2009-08-10 21:27:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\Kamerzysta

[2009-05-02 15:19:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\Listonosz

[2009-09-08 09:48:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\Nowe Gadu-Gadu

[2009-05-02 15:19:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\Onet

[2009-05-23 20:17:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\OpenFM

[2009-04-06 11:45:37 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\boss\Dane aplikacji\SecuROM

[2009-07-20 19:59:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\Teleca

[2009-04-07 14:38:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\Uniblue

[2009-09-12 14:44:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\uTorrent

[2009-03-23 21:02:08 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji

[2009-03-23 20:15:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji

[2009-03-23 20:15:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji

[2004-08-04 12:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini

[2009-09-12 14:29:08 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[2009-04-07 14:37:20 | 00,000,376 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue DiskRescue 2009.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 176 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:EEFF768F

@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:9482CFB4

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2

< End of report >

Dr.Web: clean

Kaspersky detected it again

wykryto: riskware Hidden object

Uruchomiony proces: C:\Documents and Settings\boss\Ustawienia lokalne\temp\RarSFX0\4zpn4xp.exe

Psycholandia

Paste the script below into the OTL window and click Run Fix:

:Processes
explorer.exe
:OTL
O32 - AutoRun File - [2009-04-05 07:41:09 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-04-05 07:41:09 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-04-05 07:41:09 | 00,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
:Files
C:\WINDOWS\PEV.exe
C:\RECYCLER
:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""
:Commands
[emptytemp]
[start explorer]
[Reboot]

Post the log that is created after the removal.

dzodzo

I'm not sure if this is the log you meant

Files\Folders moved on Reboot...

Folder move failed. D:\autorun.inf scheduled to be moved on reboot.

Folder move failed. E:\autorun.inf scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Just in case, I'll post a new log

Log to check
OTL logfile created on: 2009-09-13 07:54:24 - Run 2

OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\boss\Pulpit

Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 65,33% Memory free

3,85 Gb Paging File | 3,37 Gb Available in Paging File | 87,62% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 60,00 Gb Total Space | 29,40 Gb Free Space | 49,00% Space Free | Partition Type: NTFS

Drive D: | 70,00 Gb Total Space | 3,11 Gb Free Space | 4,44% Space Free | Partition Type: NTFS

Drive E: | 102,87 Gb Total Space | 1,58 Gb Free Space | 1,54% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: BONZER

Current User Name: boss

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2008-04-14 19:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE

PRC - [2007-02-12 14:50:40 | 00,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe

PRC - [2006-10-10 15:49:42 | 00,270,336 | ---- | M] () -- C:\WINDOWS\tsnp325.exe

PRC - [2006-10-10 14:11:08 | 00,827,392 | ---- | M] () -- C:\WINDOWS\vsnp325.exe

PRC - [2006-02-08 16:40:50 | 00,260,096 | ---- | M] (Onet.pl) -- C:\Program Files\Common Files\Onet.pl\AutoUpdate.exe

PRC - [2009-06-20 00:32:52 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe

PRC - [2007-06-28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

PRC - [2009-07-08 23:48:22 | 00,288,048 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe

PRC - [2007-06-28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe

PRC - [2009-03-24 01:49:24 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe

PRC - [2007-11-28 10:45:31 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe

PRC - [2009-08-08 19:25:24 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe

PRC - [2009-09-06 20:25:32 | 00,189,392 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe

PRC - [2008-09-10 17:22:22 | 00,229,648 | ---- | M] (Uniblue) -- C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe

PRC - [2009-02-06 12:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe

PRC - [2009-09-30 16:16:27 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2009-09-12 15:19:54 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\boss\Pulpit\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])

SRV - [2007-06-28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe -- (AVP [Auto | Running])

SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])

SRV - [2008-08-01 00:16:28 | 00,136,120 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])

SRV - [2008-04-14 19:20:44 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])

SRV - [2007-03-11 21:24:50 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Running])

SRV - [2007-03-11 22:02:52 | 00,131,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc [Auto | Running])

SRV - [2005-11-14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])

SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped])

SRV - [2009-03-24 01:49:24 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])

SRV - [2006-11-08 16:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Running])

SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

SRV - [2007-11-28 10:45:31 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])

SRV - [2006-11-08 16:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Running])

SRV - [2009-08-08 19:25:24 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])

SRV - [2009-09-06 20:25:32 | 00,189,392 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe -- (PnkBstrB [Auto | Running])

SRV - [2008-09-10 17:22:22 | 00,229,648 | ---- | M] (Uniblue) -- C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe -- (Uniblue DiskRescue [Auto | Running])

SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2004-04-30 09:37:02 | 00,160,640 | ---- | M] ( ) -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus [boot | Running])

DRV - [2004-04-30 09:33:00 | 00,005,248 | ---- | M] ( ) -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi [boot | Running])

DRV - [2008-04-13 20:40:30 | 00,096,512 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi [boot | Running])

DRV - [2007-08-08 18:54:10 | 00,028,968 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\ATITool.sys -- (ATITool [system | Stopped])

DRV - [2007-03-16 11:11:38 | 00,012,256 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\TBPANEL.SYS -- (Cardex [On_Demand | Stopped])

DRV - [2004-12-13 23:14:00 | 00,039,904 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\cercsr6.sys -- (cercsr6 [boot | Stopped])

DRV - [2004-10-25 21:02:00 | 00,021,664 | ---- | M] (EnTech Taiwan) -- C:\WINDOWS\System32\DRIVERS\ENTECH.sys -- (ENTECH [On_Demand | Stopped])

DRV - [2008-04-13 18:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])

DRV - [2007-03-08 06:20:48 | 00,049,920 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])

DRV - [2007-03-08 06:20:49 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])

DRV - [2007-03-08 06:20:50 | 00,021,568 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])

DRV - [2007-01-30 12:57:50 | 04,474,368 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])

DRV - [2009-09-10 21:23:56 | 00,112,144 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1 [boot | Running])

DRV - [2009-09-10 21:23:56 | 00,194,320 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys -- (klif [system | Running])

DRV - [2007-04-04 14:58:26 | 00,024,344 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klim5.sys -- (klim5 [On_Demand | Running])

DRV - [2006-04-18 14:53:44 | 00,004,047 | ---- | M] () -- C:\Program Files\U-ABIT\FlashMenu\Memctl.sys -- (Memctl [On_Demand | Stopped])

DRV - [2007-11-28 10:45:31 | 07,429,088 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])

DRV - [2009-09-06 20:24:27 | 00,138,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys -- (PnkBstrK [On_Demand | Stopped])

DRV - [2004-08-04 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])

DRV - [2008-11-20 21:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])

DRV - [2007-06-19 09:51:16 | 00,081,832 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s816bus.sys -- (s816bus [On_Demand | Stopped])

DRV - [2007-06-19 09:51:18 | 00,013,864 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s816mdfl.sys -- (s816mdfl [On_Demand | Stopped])

DRV - [2007-06-19 09:51:20 | 00,107,304 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s816mdm.sys -- (s816mdm [On_Demand | Stopped])

DRV - [2007-06-19 09:51:18 | 00,099,112 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s816mgmt.sys -- (s816mgmt [On_Demand | Stopped])

DRV - [2007-06-19 09:51:18 | 00,021,928 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s816nd5.sys -- (s816nd5 [On_Demand | Stopped])

DRV - [2007-06-19 09:51:18 | 00,097,320 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s816obex.sys -- (s816obex [On_Demand | Stopped])

DRV - [2007-06-19 09:51:18 | 00,097,704 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\s816unic.sys -- (s816unic [On_Demand | Stopped])

DRV - [2006-09-18 14:58:48 | 00,061,600 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE27bus.sys -- (SE27bus [On_Demand | Stopped])

DRV - [2006-09-18 14:58:52 | 00,009,360 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE27mdfl.sys -- (SE27mdfl [On_Demand | Stopped])

DRV - [2006-09-18 14:58:54 | 00,097,184 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE27mdm.sys -- (SE27mdm [On_Demand | Stopped])

DRV - [2006-09-18 14:58:58 | 00,088,688 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE27mgmt.sys -- (SE27mgmt [On_Demand | Stopped])

DRV - [2006-09-18 14:59:00 | 00,018,704 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se27nd5.sys -- (se27nd5 [On_Demand | Stopped])

DRV - [2006-09-18 14:59:02 | 00,086,560 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\SE27obex.sys -- (SE27obex [On_Demand | Stopped])

DRV - [2006-09-18 14:59:08 | 00,090,800 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\se27unic.sys -- (se27unic [On_Demand | Stopped])

DRV - [2008-04-13 18:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])

DRV - [2007-04-20 18:51:56 | 10,253,056 | ---- | M] (Sonix Co. Ltd.) -- C:\WINDOWS\System32\DRIVERS\snp325.sys -- (SNP325 [On_Demand | Stopped])

DRV - [2009-03-25 00:35:28 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [boot | Running])

DRV - [2007-03-16 11:11:38 | 00,012,256 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel [Auto | Running])

DRV - [2008-04-13 20:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])

DRV - [2007-01-12 10:54:00 | 00,010,848 | ---- | M] () -- C:\Program Files\U-ABIT\FlashMenu\WinFlash.sys -- (WINFLASH [On_Demand | Stopped])

DRV - [2006-11-22 09:01:00 | 00,250,496 | ---- | M] (Marvell) -- C:\WINDOWS\System32\DRIVERS\yk51x86.sys -- (yukonwxp [On_Demand | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2025429265-448539723-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-2025429265-448539723-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\S-1-5-21-2025429265-448539723-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKU\S-1-5-21-2025429265-448539723-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/

IE - HKU\S-1-5-21-2025429265-448539723-839522115-1003\S-1-5-21-2025429265-448539723-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"

FF - prefs.js..browser.search.order.1: "BearShare Web Search"

FF - prefs.js..browser.search.selectedEngine: "BearShare Web Search"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.0

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2

FF - prefs.js..keyword.URL: "http://search.bearshare.com/webResults.html?src=ffb&q="

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-03-24 01:49:25 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-06-30 22:05:22 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-12 14:36:03 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-30 16:16:36 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2009-03-23 22:06:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\mozilla\Extensions

[2009-03-23 22:06:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2009-09-05 13:07:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\mozilla\Firefox\Profiles\k0cmttlc.default\extensions

[2009-06-30 22:10:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\mozilla\Firefox\Profiles\k0cmttlc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2009-08-13 21:37:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\mozilla\Firefox\Profiles\k0cmttlc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2009-09-05 13:07:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\mozilla\Firefox\Profiles\k0cmttlc.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}

[2009-07-18 01:02:48 | 00,002,476 | ---- | M] () -- C:\Documents and Settings\boss\Dane aplikacji\Mozilla\FireFox\Profiles\k0cmttlc.default\searchplugins\BearShareWebSearch.xml

[2009-06-18 10:20:51 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions

[2009-09-30 16:16:26 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2009-09-30 16:16:24 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll

[2009-09-30 16:16:24 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll

[2007-04-10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll

[2009-09-30 16:16:30 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll

[2007-05-10 22:52:34 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll

[2009-06-20 00:33:00 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll

[2009-07-20 09:59:55 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll

[2009-07-20 09:59:55 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll

[2009-07-20 09:59:55 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll

[2009-07-20 09:59:55 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll

[2009-07-20 09:59:55 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll

[2009-07-20 09:59:55 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll

[2009-07-20 09:59:55 | 00,126,976 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll

[2009-06-20 00:33:07 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll

[2009-06-20 00:32:57 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll

[2009-09-30 16:16:31 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml

[2009-07-18 01:02:48 | 00,002,476 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml

[2009-09-30 16:16:31 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml

[2009-09-30 16:16:31 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml

[2009-09-30 16:16:31 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml

[2009-09-30 16:16:31 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml

[2009-09-30 16:16:31 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml

[2009-09-30 16:16:31 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)

O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll ()

O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll ()

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll ()

O3 - HKU\S-1-5-21-2025429265-448539723-839522115-1003\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe (Kaspersky Lab)

O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [Onet.pl AutoUpdate] C:\Program Files\Common Files\Onet.pl\AutoUpdate.exe (Onet.pl)

O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)

O4 - HKLM..\Run: [snp325] C:\WINDOWS\vsnp325.exe ()

O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe ()

O4 - HKU\S-1-5-21-2025429265-448539723-839522115-1003..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\PROGRAMY\Office\OSA9.EXE (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\boss\Menu Start\Programy\Autostart\santa.bat ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-2025429265-448539723-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-2025429265-448539723-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-21-2025429265-448539723-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-21-2025429265-448539723-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-2025429265-448539723-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm ()

O9 - Extra Button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll (Kaspersky Lab)

O9 - Extra Button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)

O9 - Extra Button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)

O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (Reg Error: Key error.)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1250091209609 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)

O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.175.180.30 83.175.180.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll (Kaspersky Lab)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\System32\klogon.dll (Kaspersky Lab)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-03-23 20:11:54 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2009-04-05 07:41:09 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2009-04-05 07:41:09 | 00,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[6 C:\WINDOWS\*.tmp files]

[2009-10-03 20:13:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\boss\Moje dokumenty\Pobieranie

[2009-10-02 19:58:02 | 00,485,668 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\akon ft. david guetta - sexy bitch dzwonek 1.mp3

[2009-10-02 19:53:43 | 03,909,621 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\akon ft. david guetta - sexy bitch.mp3

[2009-09-30 14:32:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\boss\Pulpit\techno amfitratr

[2009-09-30 14:29:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\boss\Pulpit\Nowy folder

[2009-09-29 18:19:54 | 00,290,095 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\dj numerraz - mama dzwoni.mp3

[2009-09-29 18:00:58 | 00,000,706 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\mp3DirectCut.lnk

[2009-09-29 18:00:12 | 00,212,713 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\mp3DC211.exe

[2009-09-29 17:45:54 | 00,000,721 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Audacity.lnk

[2009-09-29 17:33:24 | 01,323,008 | ---- | C] (Streamware Development) -- C:\WINDOWS\System32\swdvorbi.ocx

[2009-09-29 17:33:24 | 00,282,624 | ---- | C] (Streamware Development) -- C:\WINDOWS\System32\swdcdrip.ocx

[2009-09-29 17:33:24 | 00,270,336 | ---- | C] (Streamware Development) -- C:\WINDOWS\System32\swdmp3.ocx

[2009-09-29 17:33:24 | 00,208,896 | ---- | C] (Streamware Development) -- C:\WINDOWS\System32\swdwma9.ocx

[2009-09-29 17:33:24 | 00,176,128 | ---- | C] (Streamware Development) -- C:\WINDOWS\System32\swdwave.ocx

[2009-09-29 17:33:24 | 00,131,072 | ---- | C] (Streamware Development) -- C:\WINDOWS\System32\swdplay.ocx

[2009-09-29 17:33:24 | 00,118,784 | ---- | C] (Streamware Development) -- C:\WINDOWS\System32\swdconv.ocx

[2009-09-29 17:33:24 | 00,000,750 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Cute MP3 Converter.lnk

[2009-09-29 17:33:22 | 00,000,000 | ---D | C] -- C:\Program Files\Cute MP3 Converter

[2009-09-29 17:31:35 | 03,565,491 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\cmc.exe

[2009-09-13 01:15:33 | 00,000,000 | ---D | C] -- C:\_OTL

[2009-09-12 15:21:22 | 17,273,952 | ---- | C] (Doctor Web, Ltd.) -- C:\Documents and Settings\boss\Pulpit\launch(5).exe

[2009-09-12 15:19:54 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\boss\Pulpit\OTL.exe

[2009-09-11 17:21:01 | 00,001,498 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Kalkulator.lnk

[2009-09-11 17:02:06 | 00,731,282 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\dysk_gut(2).zip

[2009-09-11 17:01:59 | 00,775,652 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\winimage60pl.rar

[2009-09-11 17:01:30 | 00,731,282 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\dysk_gut.zip

[2009-09-10 21:09:12 | 00,107,547 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat

[2009-09-10 21:09:11 | 00,095,259 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat

[2009-09-10 21:08:49 | 00,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab

[2009-09-10 21:08:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab

[2009-09-10 21:08:47 | 00,026,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2009-09-10 21:08:47 | 00,016,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat

[2009-09-10 21:08:47 | 00,003,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.idx

[2009-09-10 21:08:47 | 00,000,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\fidbox.idx

[2009-09-09 19:45:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\E280

[2009-09-09 09:18:55 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll

[2009-09-08 10:32:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp

[2009-09-08 10:14:17 | 00,000,000 | ---D | C] -- C:\Program Files\ESET

[2009-09-07 19:06:15 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys

[2009-09-07 19:06:15 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys

[2009-09-06 10:43:46 | 00,016,477 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Final_Destination_The_(NAPiSY-110908).NS.zip

[2009-09-05 09:34:46 | 01,823,266 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Vixen_-_Pokaz_feat._Peja dzwonek.mp3

[2009-09-05 09:05:56 | 06,837,729 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Vixen_-_Pokaz_feat._Peja.mp3

[2009-09-05 08:57:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\boss\Moje dokumenty\My Received Files

[2009-09-05 08:57:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\boss\Moje dokumenty\BearShare

[2009-09-05 08:57:38 | 00,076,407 | ---- | C] () -- C:\Documents and Settings\boss\Dane aplikacji\Smiley.ico

[2009-09-05 08:57:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\boss\Dane aplikacji\BearShareTb

[2009-09-05 08:57:35 | 00,000,000 | ---D | C] -- C:\Program Files\BearShareTb

[2009-09-05 08:57:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\boss\Ustawienia lokalne\Dane aplikacji\BearShare

[2009-09-05 08:57:19 | 00,483,328 | ---- | C] (SoftShape Development) -- C:\WINDOWS\System32\actskn45.ocx

[2009-09-05 08:57:16 | 00,000,000 | ---D | C] -- C:\Program Files\BearShare Applications

[2009-09-04 19:58:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\boss\Dane aplikacji\ChomikBox

[2009-09-04 15:29:20 | 00,154,725 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Faktura - era.pdf

[2009-09-04 10:18:35 | 00,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys

[2009-09-04 10:18:35 | 00,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys

[2009-09-04 10:18:34 | 00,001,785 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Alcohol 120%.lnk

[2009-09-04 10:18:31 | 00,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft

[2009-08-25 16:13:57 | 00,603,158 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Obrazek.jpg

[2009-08-22 18:53:42 | 00,000,799 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Playlist H-H.lnk

[2009-08-19 19:17:33 | 00,018,336 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\mam wyjebane.jpeg

[2009-08-15 22:14:18 | 00,064,816 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Obraz(3).jpeg

[2009-08-15 22:14:01 | 00,067,943 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Obraz(2).jpeg

[2009-08-15 22:13:36 | 00,056,432 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\Obraz.jpeg

[2009-08-14 19:54:55 | 00,082,700 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\P1020240.jpg

[2009-08-14 18:27:22 | 00,160,266 | ---- | C] () -- C:\Documents and Settings\boss\Pulpit\single2.JPG

[2009-07-15 17:59:52 | 00,000,024 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2009-05-15 00:07:58 | 00,210,032 | ---- | C] () -- C:\WINDOWS\System32\DBCLIENT.DLL

[2009-04-23 19:36:58 | 00,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpx32.dll

[2009-04-09 20:00:18 | 00,010,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\WinFlash.sys

[2009-04-07 16:26:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\graphedit.INI

[2009-04-05 21:55:08 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2009-04-05 21:55:07 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini

[2009-04-05 21:55:02 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2009-04-05 21:55:02 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2009-04-05 21:55:02 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2009-04-05 15:03:37 | 00,015,498 | ---- | C] () -- C:\WINDOWS\snp325.ini

[2009-04-05 15:03:33 | 00,147,456 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp325.dll

[2009-04-05 15:03:33 | 00,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnp325.dll

[2009-04-05 15:03:33 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp325.dll

[2009-04-02 20:01:22 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2009-03-25 15:54:27 | 00,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2009-03-25 00:35:28 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2009-03-24 22:10:53 | 00,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys

[2009-03-24 21:12:22 | 00,000,059 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2009-03-24 17:56:14 | 00,138,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys

[2009-03-24 02:13:10 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2009-03-24 02:13:09 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2009-03-23 20:32:18 | 00,000,558 | ---- | C] () -- C:\WINDOWS\DFC.INI

[2009-03-16 22:16:48 | 00,000,030 | -HS- | C] () -- C:\WINDOWS\System32\SECENEKLER8.INI

[2008-10-07 09:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll

[2008-10-07 09:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll

[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll

[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll

[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll

[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll

[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll

[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll

[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll

[2008-10-07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[2007-11-28 10:45:31 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2007-11-28 10:45:31 | 01,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2007-11-28 10:45:31 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2007-11-28 10:45:31 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2007-11-28 10:45:31 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2007-09-12 23:54:48 | 00,141,180 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2007-08-08 18:54:10 | 00,028,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATITool.sys

[2004-08-04 12:00:00 | 00,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys

[2004-08-04 12:00:00 | 00,000,869 | ---- | C] () -- C:\WINDOWS\win.ini

[2004-08-04 12:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

[1999-01-22 20:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]

[6 C:\WINDOWS\*.tmp files]

[2009-10-03 20:12:38 | 00,019,456 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Nowy Dokument programu Microsoft Word .doc

[2009-10-02 19:58:02 | 00,485,668 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\akon ft. david guetta - sexy bitch dzwonek 1.mp3

[2009-09-29 18:19:54 | 00,290,095 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\dj numerraz - mama dzwoni.mp3

[2009-09-29 18:00:58 | 00,000,706 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\mp3DirectCut.lnk

[2009-09-29 18:00:21 | 00,212,713 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\mp3DC211.exe

[2009-09-29 17:45:54 | 00,000,721 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Audacity.lnk

[2009-09-29 17:33:24 | 00,000,750 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Cute MP3 Converter.lnk

[2009-09-29 17:31:45 | 03,565,491 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\cmc.exe

[2009-09-13 07:59:16 | 00,179,232 | ---- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2009-09-13 07:58:22 | 00,000,032 | ---- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx

[2009-09-13 07:49:04 | 00,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009-09-13 07:48:41 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2009-09-13 07:48:40 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2009-09-13 03:13:54 | 00,016,672 | ---- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat

[2009-09-13 03:13:54 | 00,003,512 | ---- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx

[2009-09-12 20:37:47 | 00,119,296 | ---- | M] () -- C:\Documents and Settings\boss\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-09-12 15:22:28 | 17,273,952 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\boss\Pulpit\launch(5).exe

[2009-09-12 15:19:54 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\boss\Pulpit\OTL.exe

[2009-09-11 17:02:07 | 00,731,282 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\dysk_gut(2).zip

[2009-09-11 17:02:00 | 00,775,652 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\winimage60pl.rar

[2009-09-11 17:01:30 | 00,731,282 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\dysk_gut.zip

[2009-09-11 02:53:34 | 00,000,169 | -H-- | M] () -- C:\Documents and Settings\boss\Menu Start\Programy\Autostart\santa.bat

[2009-09-11 02:51:13 | 00,107,547 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat

[2009-09-11 02:51:13 | 00,095,259 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat

[2009-09-10 21:23:56 | 00,194,320 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys

[2009-09-10 21:23:56 | 00,112,144 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\kl1.sys

[2009-09-10 20:39:36 | 00,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk

[2009-09-10 12:09:33 | 00,000,869 | ---- | M] () -- C:\WINDOWS\win.ini

[2009-09-09 00:31:44 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip.sys

[2009-09-09 00:31:44 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys

[2009-09-08 21:58:25 | 00,002,483 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Microsoft Word.lnk

[2009-09-08 10:32:25 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2009-09-07 19:31:27 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip.sys.backup

[2009-09-06 21:20:44 | 00,000,206 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\hwmonitorw.ini

[2009-09-06 20:25:32 | 00,189,392 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr

[2009-09-06 20:25:32 | 00,189,392 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe

[2009-09-06 20:24:27 | 00,138,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys

[2009-09-06 10:43:46 | 00,016,477 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Final_Destination_The_(NAPiSY-110908).NS.zip

[2009-09-05 09:34:46 | 01,823,266 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Vixen_-_Pokaz_feat._Peja dzwonek.mp3

[2009-09-05 09:28:04 | 06,837,729 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Vixen_-_Pokaz_feat._Peja.mp3

[2009-09-04 20:16:40 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn

[2009-09-04 15:29:20 | 00,154,725 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Faktura - era.pdf

[2009-09-04 10:18:34 | 00,001,785 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Alcohol 120%.lnk

[2009-08-30 22:06:12 | 03,909,621 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\akon ft. david guetta - sexy bitch.mp3

[2009-08-28 23:38:20 | 24,689,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

[2009-08-19 19:17:33 | 00,018,336 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\mam wyjebane.jpeg

[2009-08-15 22:11:45 | 00,056,432 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Obraz.jpeg

[2009-08-15 22:11:32 | 00,067,943 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Obraz(2).jpeg

[2009-08-15 22:11:28 | 00,064,816 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\Obraz(3).jpeg

[2009-08-14 18:27:22 | 00,160,266 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\single2.JPG

[2009-08-14 17:37:58 | 00,082,700 | ---- | M] () -- C:\Documents and Settings\boss\Pulpit\P1020240.jpg

========== LOP Check ==========

[2009-09-10 21:08:49 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji

[2009-04-07 14:37:13 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{DFF7A91C-600F-4C83-8796-2CC83A70FF04}

[2009-06-07 14:27:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AA2DeployClient

[2009-06-22 22:36:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AA3DeployClient

[2009-03-25 00:39:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite

[2009-09-09 19:45:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\E280

[2009-03-23 20:34:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET

[2009-03-23 21:49:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\muvee Technologies

[2009-06-11 15:24:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM

[2009-03-25 15:56:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SBT

[2009-07-22 15:54:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2009-09-05 08:57:38 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\boss\Dane aplikacji

[2009-03-24 01:44:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\AutoUpdate

[2009-09-05 09:00:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\BearShareTb

[2009-09-04 22:39:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\ChomikBox

[2009-07-15 15:25:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\cmw

[2009-03-25 00:40:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\DAEMON Tools

[2009-03-25 00:35:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\DAEMON Tools Lite

[2009-03-25 00:40:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\DAEMON Tools Pro

[2009-06-30 12:37:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\DeepBurner

[2009-04-01 12:43:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\ESET

[2009-09-12 20:00:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\foobar2000

[2009-03-23 22:48:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\Gadu-Gadu

[2009-06-22 09:07:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\Intermedia Software

[2009-08-10 21:27:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\Kamerzysta

[2009-05-02 15:19:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\Listonosz

[2009-09-08 09:48:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\Nowe Gadu-Gadu

[2009-05-02 15:19:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\Onet

[2009-05-23 20:17:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\OpenFM

[2009-04-06 11:45:37 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\boss\Dane aplikacji\SecuROM

[2009-07-20 19:59:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\Teleca

[2009-04-07 14:38:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\Uniblue

[2009-09-13 07:59:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\boss\Dane aplikacji\uTorrent

[2009-03-23 21:02:08 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji

[2009-03-23 20:15:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji

[2009-03-23 20:15:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji

[2004-08-04 12:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini

[2009-09-13 07:48:41 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[2009-04-07 14:37:20 | 00,000,376 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue DiskRescue 2009.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 176 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:EEFF768F

@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:9482CFB4

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2

< End of report >

MarekM25

This file: C:\Documents and Settings\boss\Ustawienia lokalne\temp\RarSFX0\4zpn4xp.exe does not show up in the log. Did you remove it with Kaspersky?

Use the Flash DisInfector tool. If you have any removable storage device, keep it connected while the tool runs. Some antivirus programs detect this tool as a virus, but of course Flash DisInfector is not one.

dzodzo

Yes, I removed everything I could with Kaspersky :)

It looks like it's clean :))
