
Computer is running slow

naekana
created

Well, my luck has finally run out, darn it... :pff:

Mks_vir found three viruses, one of which looks like a standard Nero library, while the rest are in a folder that does not exist (even after unchecking "hide protected operating system files"). Below are the OTL log and the mks-vir report (by the way, not being able to copy the text out of it is a terrible oversight on the authors' part...)

[log]OTL logfile created on: 2010-04-07 13:40:13 - Run 1
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\naekana\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

447,00 Mb Total Physical Memory | 103,00 Mb Available Physical Memory | 23,00% Memory free
959,00 Mb Paging File | 616,00 Mb Available in Paging File | 64,00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32,45 Gb Total Space | 12,62 Gb Free Space | 38,91% Space Free | Partition Type: FAT32
Drive D: | 21,56 Gb Total Space | 9,76 Gb Free Space | 45,26% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANNA
Current User Name: naekana
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-04-07 13:16:38 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\naekana\Pulpit\OTL.exe
PRC - [2010-04-04 10:11:00 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-03-17 23:33:20 | 008,319,560 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2010-03-09 04:28:30 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2009-05-21 18:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
PRC - [2009-02-09 13:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 19:21:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 19:21:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 19:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 19:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 19:21:10 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 19:21:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 19:21:02 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2008-03-25 20:49:02 | 000,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2008-03-25 20:49:00 | 000,569,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2008-03-25 20:40:42 | 000,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2007-10-14 21:17:32 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2006-06-01 14:02:54 | 000,491,520 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
PRC - [2006-05-31 22:57:02 | 000,573,440 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2006-05-30 10:28:20 | 000,811,008 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2006-04-27 03:39:50 | 000,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ATI2EVXX.EXE
PRC - [2006-04-17 02:24:30 | 000,110,592 | ---- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
PRC - [2006-04-17 00:34:42 | 016,143,872 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2006-04-01 01:37:00 | 002,170,880 | ---- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
PRC - [2006-03-14 17:46:00 | 000,090,112 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
PRC - [2006-02-21 15:20:54 | 000,180,224 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2006-01-26 20:51:16 | 000,761,946 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2005-11-08 22:02:46 | 000,038,912 | ---- | M] (Felix 'SniperBeamer' Geyer) -- C:\Program Files\Thunderbird-Tray\TBTray.exe
PRC - [2005-07-06 15:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\WINDOWS\system32\ACEngSvr.exe
PRC - [2005-06-20 23:10:30 | 000,053,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2005-02-17 07:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004-11-02 20:24:46 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
PRC - [2004-01-26 11:38:38 | 000,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe
PRC - [2003-10-16 18:07:12 | 000,053,248 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\TaskBarIcon.exe
PRC - [2003-10-16 18:07:10 | 000,024,576 | ---- | M] () -- C:\Program Files\Neostrada TP\CnxMon.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-04-07 13:33:00 | 000,079,360 | RHS- | M] () -- C:\Documents and Settings\naekana\Ustawienia lokalne\Temp\cvasds0.dll
MOD - [2010-04-07 13:16:38 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\naekana\Pulpit\OTL.exe
MOD - [2010-02-25 08:19:14 | 001,209,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2010-02-25 08:19:14 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2010-02-25 08:19:10 | 001,985,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2009-12-08 10:25:46 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 16:09:00 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 12:53:44 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-01-07 18:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll
MOD - [2008-10-23 13:42:42 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-06-17 20:03:16 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 19:21:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 19:20:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 19:20:58 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008-04-14 19:20:58 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008-04-14 19:20:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 19:20:56 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 19:20:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 19:20:56 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 19:20:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 19:20:44 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 19:20:44 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 19:20:44 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 19:20:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 19:20:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 19:20:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 19:20:36 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 19:20:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 19:20:32 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 19:20:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 19:12:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2008-04-14 18:59:08 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2006-05-17 16:39:26 | 000,028,672 | ---- | M] () -- C:\Program Files\ASUS\Asus MultiFrame\HookTitle.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2008-04-13 18:36:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2006-06-14 18:16:00 | 000,425,472 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211BU.sys -- (ZD1211BU(ASUS)) ASUS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ASUS)
DRV - [2006-05-31 23:03:00 | 000,894,336 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2006-04-27 03:46:50 | 001,540,096 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006-04-17 01:31:26 | 004,262,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-01-26 20:25:54 | 000,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006-01-18 12:41:58 | 000,080,512 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005-07-13 21:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys -- (risdptsk)
DRV - [2005-07-12 04:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005-02-17 08:07:48 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2004-08-03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2003-12-08 11:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003-12-08 11:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2002-09-09 19:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)
DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com

IE - HKU\S-1-5-21-1934228333-2307936120-1222219993-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
IE - HKU\S-1-5-21-1934228333-2307936120-1222219993-1005\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Neostrada TP\SearchPageURL.dll ()
IE - HKU\S-1-5-21-1934228333-2307936120-1222219993-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "chrome://fastdial/content/fastdial.html"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.11
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.7
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b1
FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a66}:0.6.1.14
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100211.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:4.9
FF - prefs.js..extensions.enabledItems: {C0CB8BA3-6C1B-47e8-A6AB-1FAB889562D9}:0.6.0.5
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: secureLogin@blueimp.net:0.9.3
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.2
FF - prefs.js..extensions.enabledItems: {d33c2f7c-b1e6-4d46-ab0e-be1f6d05c904}:2.0.2
FF - prefs.js..extensions.enabledItems: CrystalFox_Qute@BigRedBrent:3.7

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-05-26 12:49:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-05-26 12:49:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2008-08-06 08:22:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010-02-17 05:21:54 | 000,000,000 | ---D | M]

[2009-01-10 16:50:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Extensions
[2008-08-04 10:36:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions
[2010-03-27 16:06:02 | 000,000,000 | ---D | M] (Screengrab) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010-01-29 11:59:06 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2009-08-09 08:58:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-03-17 23:37:50 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010-02-06 13:42:20 | 000,000,000 | ---D | M] (Favicon Picker 2) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{446c03e0-2c35-11db-a98b-0800200c9a66}
[2008-08-05 19:49:22 | 000,000,000 | ---D | M] (QuickNote) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{C0CB8BA3-6C1B-47e8-A6AB-1FAB889562D9}
[2010-01-07 18:13:52 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-01-07 18:13:54 | 000,000,000 | ---D | M] (Tiny Menu) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{d33c2f7c-b1e6-4d46-ab0e-be1f6d05c904}
[2010-01-30 02:17:36 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009-10-26 00:07:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010-02-16 01:55:16 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-03-17 23:37:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2009-07-07 19:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\CrystalFox_Qute@BigRedBrent
[2008-12-19 14:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\dlembed@aeruder.net
[2009-07-30 11:47:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\fastdial@telega.phpnet.us
[2010-02-06 13:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\secureLogin@blueimp.net
[2009-10-31 17:49:22 | 000,002,062 | ---- | M] () -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\searchplugins\getionarypl.xml
[2009-10-31 17:49:22 | 000,002,064 | ---- | M] () -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\searchplugins\getionaryen.xml
[2009-05-26 12:49:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-03-16 21:50:20 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-03-16 21:50:20 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-03-16 21:50:20 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-03-16 21:50:20 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-03-16 21:50:20 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-03-16 21:50:20 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2004-08-04 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - No CLSID value found.
O3 - HKU\S-1-5-21-1934228333-2307936120-1222219993-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-1934228333-2307936120-1222219993-1005\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe File not found
O4 - HKLM..\Run: [WooCnxMon] C:\Program Files\Neostrada TP\CnxMon.exe ()
O4 - HKLM..\Run: [WOOTASKBARICON] C:\Program Files\Neostrada TP\TaskBarIcon.exe (France Télécom R&D)
O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\Neostrada TP\Watch.exe (France Télécom R&D)
O4 - HKU\S-1-5-21-1934228333-2307936120-1222219993-1005..\Run: [ccleaner] D:\PROGRAMY\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1934228333-2307936120-1222219993-1005..\Run: [cdoosoft] C:\Documents and Settings\naekana\Ustawienia lokalne\Temp\herss.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\MultiFrame.lnk = C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe (ASUSTek Computer Inc.)
O4 - Startup: C:\Documents and Settings\naekana\Menu Start\Programy\Autostart\TB-Tray.lnk = C:\Program Files\Thunderbird-Tray\TBTray.exe (Felix 'SniperBeamer' Geyer)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1934228333-2307936120-1222219993-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ATI2EVXX.DLL (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\naekana\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\naekana\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-04-07 13:40:36 | 000,000,063 | RHS- | M] () - C:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2008-08-03 05:45:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2010-04-07 13:40:36 | 000,000,063 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{faed92f8-455c-11de-91ea-000e50ead57c}\Shell\AutoRun\command - "" = G:\mi9al8rs.exe -- File not found
O33 - MountPoints2\{faed92f8-455c-11de-91ea-000e50ead57c}\Shell\open\Command - "" = G:\mi9al8rs.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008-08-03 05:31:58 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^ASUS ChkMail.lnk - C:\PROGRA~1\ASUS\ASUSCH~1\ChkMail.exe - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: [b]AVP[/b] - hkey= - key= - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe File not found
MsConfig - StartUpReg: [b]Control Center[/b] - hkey= - key= - C:\Program Files\ASUS\WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.)
MsConfig - StartUpReg: [b]hpqSRMon[/b] - hkey= - key= - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: [b]NeroFilterCheck[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]PowerForPhone[/b] - hkey= - key= - C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe (ASUSTek)
MsConfig - StartUpReg: [b]RemoteControl[/b] - hkey= - key= - D:\PROGRAMY\AsusDVD\PDVDServ.exe File not found
MsConfig - StartUpReg: [b]SynTPEnh[/b] - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-04-07 13:24:12 | 000,000,000 | ---D | C] -- C:\rsit
[2010-04-07 13:16:35 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\naekana\Pulpit\OTL.exe
[2010-04-07 13:15:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\naekana\Moje dokumenty\Pobieranie
[2010-04-07 11:58:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\naekana\Moje dokumenty\ASUSTeK
[2010-04-05 14:23:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Sports Interactive
[2010-03-31 00:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2010-03-31 00:17:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010-03-26 10:48:18 | 000,000,000 | -HSD | C] -- C:\FOUND.010
[2010-03-23 19:12:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\naekana\Dane aplikacji\Ashampoo
[2010-03-23 19:12:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\naekana\Ustawienia lokalne\Dane aplikacji\ashampoo
[2010-03-23 19:12:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2010-03-23 18:34:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\naekana\Dane aplikacji\Canneverbe Limited
[2010-03-23 18:34:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited
[2010-03-22 20:14:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee
[2010-03-19 16:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\Pity 2009
[2010-03-12 15:21:22 | 000,000,000 | -HSD | C] -- C:\FOUND.009
[2010-02-18 17:01:59 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2008-12-01 21:18:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple
[2008-08-03 05:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008-08-03 05:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008-08-03 05:36:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2008-08-03 05:36:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2004-12-07 09:13:40 | 000,479,432 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dxsetup.exe
[2004-12-07 09:13:38 | 002,249,416 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2004-12-07 09:13:38 | 000,069,832 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\Documents and Settings\naekana\Pulpit\*.tmp files -> C:\Documents and Settings\naekana\Pulpit\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-04-07 13:41:50 | 000,000,063 | RHS- | M] () -- C:\autorun.inf
[2010-04-07 13:34:20 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\naekana\Pulpit\RSIT(2).exe
[2010-04-07 13:32:56 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-04-07 13:32:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-04-07 13:32:50 | 469,159,936 | -HS- | M] () -- C:\hiberfil.sys
[2010-04-07 13:31:40 | 005,767,168 | ---- | M] () -- C:\Documents and Settings\naekana\ntuser.dat
[2010-04-07 13:31:40 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\naekana\ntuser.ini
[2010-04-07 13:23:36 | 000,091,019 | ---- | M] () -- C:\Documents and Settings\naekana\Pulpit\skaner2.JPG
[2010-04-07 13:22:44 | 000,114,731 | ---- | M] () -- C:\Documents and Settings\naekana\Pulpit\skaner1.JPG
[2010-04-07 13:16:38 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\naekana\Pulpit\OTL.exe
[2010-04-07 13:16:24 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\naekana\Pulpit\RSIT.exe
[2010-04-07 13:15:54 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\naekana\Pulpit\ltficky6.exe
[2010-04-07 11:48:02 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-04-07 11:47:58 | 000,015,872 | ---- | M] () -- C:\Documents and Settings\naekana\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-04-07 09:21:46 | 000,117,248 | RHS- | M] () -- C:\ysyjq1bs.exe
[2010-04-05 17:07:48 | 000,012,813 | ---- | M] () -- C:\Documents and Settings\naekana\Pulpit\rachunki.xlsx
[2010-04-05 14:22:56 | 000,001,516 | ---- | M] () -- C:\Documents and Settings\naekana\Pulpit\Football Manager 2005.lnk
[2010-04-05 14:14:18 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-04-02 16:19:10 | 000,558,380 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-04-02 16:19:08 | 001,278,178 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-04-02 16:19:08 | 000,493,554 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-04-02 16:19:08 | 000,118,138 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-04-02 16:19:08 | 000,092,398 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-04-02 16:16:18 | 000,116,224 | RHS- | M] () -- C:\pbyqfn.exe
[2010-04-01 00:37:34 | 000,001,506 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-03-31 19:09:10 | 000,115,712 | RHS- | M] () -- C:\sdfqh.exe
[2010-03-31 00:08:30 | 000,112,128 | RHS- | M] () -- C:\mi9al8rs.exe
[2010-03-28 11:50:58 | 000,274,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-03-26 18:32:22 | 000,132,608 | RHS- | M] () -- C:\affi8l.exe
[2010-03-25 22:31:12 | 000,135,168 | RHS- | M] () -- C:\bbjl2g.exe
[2010-03-25 17:39:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-03-23 19:23:04 | 000,128,512 | RHS- | M] () -- C:\ji83j.exe
[2010-03-19 16:42:46 | 000,000,593 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Pity 2009.lnk
[2010-03-18 03:06:48 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-02-13 11:47:20 | 000,045,056 | ---- | M] () -- C:\WINDOWS\System32\acovcnt.exe
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\Documents and Settings\naekana\Pulpit\*.tmp files -> C:\Documents and Settings\naekana\Pulpit\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-04-07 13:34:20 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\naekana\Pulpit\RSIT(2).exe
[2010-04-07 13:23:34 | 000,091,019 | ---- | C] () -- C:\Documents and Settings\naekana\Pulpit\skaner2.JPG
[2010-04-07 13:22:42 | 000,114,731 | ---- | C] () -- C:\Documents and Settings\naekana\Pulpit\skaner1.JPG
[2010-04-07 13:16:23 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\naekana\Pulpit\RSIT.exe
[2010-04-07 13:15:56 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\naekana\Pulpit\ltficky6.exe
[2010-04-05 14:22:54 | 000,001,516 | ---- | C] () -- C:\Documents and Settings\naekana\Pulpit\Football Manager 2005.lnk
[2010-04-05 14:16:55 | 000,117,248 | RHS- | C] () -- C:\ysyjq1bs.exe
[2010-04-02 00:12:18 | 000,116,224 | RHS- | C] () -- C:\pbyqfn.exe
[2010-04-01 00:37:33 | 000,001,506 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-03-31 19:09:40 | 000,115,712 | RHS- | C] () -- C:\sdfqh.exe
[2010-03-27 15:58:14 | 000,112,128 | RHS- | C] () -- C:\mi9al8rs.exe
[2010-03-26 10:51:34 | 000,132,608 | RHS- | C] () -- C:\affi8l.exe
[2010-03-24 12:32:51 | 000,135,168 | RHS- | C] () -- C:\bbjl2g.exe
[2010-03-23 19:23:28 | 000,128,512 | RHS- | C] () -- C:\ji83j.exe
[2010-03-23 19:22:47 | 000,115,905 | RHS- | C] () -- C:\mbdm.exe
[2010-03-23 19:22:47 | 000,000,063 | RHS- | C] () -- C:\autorun.inf
[2010-03-19 16:42:44 | 000,000,593 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Pity 2009.lnk
[2010-03-15 14:49:30 | 000,012,813 | ---- | C] () -- C:\Documents and Settings\naekana\Pulpit\rachunki.xlsx
[2010-02-12 16:50:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\acovcnt.exe
[2010-01-31 21:23:32 | 001,910,995 | ---- | C] () -- C:\Documents and Settings\naekana\Dane aplikacji\langInstall.exe
[2009-10-24 13:58:02 | 005,767,168 | ---- | C] () -- C:\Documents and Settings\naekana\ntuser.dat
[2009-10-24 00:25:14 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009-10-16 20:21:37 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-10-07 21:35:09 | 000,000,736 | ---- | C] () -- C:\WINDOWS\DigimaxMaster.INI
[2009-02-21 14:19:24 | 000,002,323 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2008-11-19 22:24:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PCFriend.INI
[2008-10-24 11:51:37 | 000,000,115 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008-09-11 09:30:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2008-09-11 09:20:50 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6e.DLL
[2008-09-10 14:45:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\naekana\.gtk-bookmarks
[2008-09-10 14:08:50 | 000,206,373 | ---- | C] () -- C:\Documents and Settings\naekana\.fonts.cache-1
[2008-08-27 02:43:59 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\naekana\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-08-11 19:45:14 | 000,000,035 | ---- | C] () -- C:\WINDOWS\Blink.ini
[2008-08-07 03:30:25 | 000,004,633 | ---- | C] () -- C:\Documents and Settings\naekana\.recently-used.xbel
[2008-08-04 19:37:20 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-08-04 13:37:34 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008-08-04 11:06:36 | 000,005,940 | ---- | C] () -- C:\Documents and Settings\naekana\.plugin140_03.trace
[2008-08-03 07:35:37 | 000,000,075 | ---- | C] () -- C:\Documents and Settings\naekana\LuResult.txt
[2008-08-03 06:56:07 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2008-08-03 06:55:03 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2008-08-03 06:14:09 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\naekana\ntuser.dat.LOG
[2008-08-03 06:14:09 | 000,000,292 | -HS- | C] () -- C:\Documents and Settings\naekana\ntuser.ini
[2008-08-03 06:13:31 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2008-08-03 06:13:31 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG
[2008-08-03 06:07:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008-08-03 05:51:01 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2008-08-03 05:25:53 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2004-12-07 09:13:42 | 003,578,547 | ---- | C] () -- C:\Program Files\ManagedDX.CAB
[2004-12-07 09:13:42 | 001,156,363 | ---- | C] () -- C:\Program Files\BDANT.cab
[2004-12-07 09:13:42 | 000,703,080 | ---- | C] () -- C:\Program Files\BDA.cab
[2004-12-07 09:13:38 | 013,265,040 | R--- | C] () -- C:\Program Files\dxnt.cab
[2004-12-07 09:13:36 | 015,493,481 | ---- | C] () -- C:\Program Files\DirectX.cab
[2004-12-07 09:13:36 | 000,976,020 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2004-12-07 08:47:32 | 000,020,717 | ---- | C] () -- C:\Program Files\DirectX SDK EULA.txt
[2004-11-24 07:38:18 | 000,007,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2004-11-24 07:38:18 | 000,002,538 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002-03-19 01:18:54 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\LAME_ENC.DLL
[1998-10-11 01:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll

[color=#E56717]========== LOP Check ==========[/color]

[2008-09-12 22:22:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2008-10-31 07:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\tlen.pl
[2008-11-30 21:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2008-12-17 23:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Graboid Inc
[2008-12-18 12:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Launcher
[2009-05-26 14:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm
[2010-01-16 16:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\karta
[2010-01-31 19:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-01-31 21:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Iceni
[2010-03-23 18:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited
[2010-03-23 19:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2008-08-03 19:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Gadu-Gadu
[2008-08-04 12:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\gtk-2.0
[2008-08-06 08:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Thunderbird
[2008-10-31 07:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Tlen.pl
[2008-11-30 21:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\ipla
[2008-12-19 12:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Orbit
[2009-05-19 16:11:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Mesa Dynamics, LLC
[2009-05-26 14:34:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\COWON
[2009-10-14 12:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\uTorrent
[2010-01-31 19:46:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Gadu-Gadu 10
[2010-03-23 18:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Canneverbe Limited
[2010-03-23 19:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Ashampoo

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-04-07 09:21:46 | 000,117,248 | RHS- | M] () -- C:\ysyjq1bs.exe
[2010-04-07 13:43:30 | 000,000,063 | RHS- | M] () -- C:\autorun.inf
[2006-07-09 19:41:00 | 000,524,288 | RH-- | M] () -- C:\A9Rp.rom
[2004-10-21 19:57:46 | 000,000,009 | ---- | M] () -- C:\A9RP.10
[2010-04-07 13:32:48 | 603,979,776 | -HS- | M] () -- C:\PAGEFILE.SYS
[2004-08-04 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2008-12-18 13:36:10 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2004-08-04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004-11-23 16:25:10 | 000,000,014 | ---- | M] () -- C:\XPHL_SP2.POL
[2006-06-22 18:52:56 | 000,000,010 | ---- | M] () -- C:\RECOVERY.DAT
[2009-07-29 03:24:34 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2008-08-03 05:45:10 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008-08-03 05:45:10 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008-08-03 05:45:10 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008-08-03 05:45:10 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-04-07 13:32:50 | 469,159,936 | -HS- | M] () -- C:\hiberfil.sys
[2009-12-02 09:04:04 | 000,115,905 | RHS- | M] () -- C:\mbdm.exe
[2010-03-23 19:23:04 | 000,128,512 | RHS- | M] () -- C:\ji83j.exe
[2008-08-03 05:51:08 | 000,000,440 | ---- | M] () -- C:\RHDSetup.log
[2010-03-25 22:31:12 | 000,135,168 | RHS- | M] () -- C:\bbjl2g.exe
[2010-03-26 18:32:22 | 000,132,608 | RHS- | M] () -- C:\affi8l.exe
[2010-03-31 00:08:30 | 000,112,128 | RHS- | M] () -- C:\mi9al8rs.exe
[2010-03-31 19:09:10 | 000,115,712 | RHS- | M] () -- C:\sdfqh.exe
[2010-04-02 16:16:18 | 000,116,224 | RHS- | M] () -- C:\pbyqfn.exe
[2010-04-07 13:23:56 | 000,007,520 | ---- | M] () -- C:\mksbasel.cpp.log
[2007-02-10 10:06:18 | 000,524,288 | RH-- | M] () -- C:\A9RP.BIN
[2009-02-23 04:14:38 | 000,000,594 | ---- | M] () -- C:\updatedatfix.log


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-12-18 13:30:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:agp440.sys
[2008-12-18 13:30:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008-12-18 13:30:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008-12-18 13:30:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-12-18 13:30:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:cdrom.sys
[2008-12-18 13:30:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-04 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 19:20:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 19:20:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 21:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 21:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004-08-04 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 13:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
< End of report >[/log]

[URL=http://www.fotosik.pl/showFullSize.php?id=0e8c88269ded15fc][IMG]http://images42.fotosik.pl/193/0e8c88269ded15fcm.jpg[/IMG][/URL]
The screenshot is crap, because the whole thing doesn't fit on my screen :P The names of the alleged viruses that aren't visible in the screenshot are, in order:
Warm.sobig.f.dam
Trojan.Downloader.Zlob.bbk

Hilfe! Help! Pomoszczi! Oskuuuur! :D

Mateusz J.

The second and third files are viruses located in the System Restore folder.
To remove them, turn off System Restore for a moment.

Coming back to the first file, it is a Nero library (as you can see, anyway); we won't delete it unless you want to reinstall Nero.
If you don't want to reinstall it, though, run a scan with Kaspersky Virus Removal Tool, which should disinfect the library.
There may be more of these libraries, so it's best to scan the whole computer.

And in the log we can see an infection from a USB flash drive; removal below.
Run OTL and paste the following into the Custom Scans/Fixes window:
[code]
:OTL
MOD - [2010-04-07 13:33:00 | 000,079,360 | RHS- | M] () -- C:\Documents and Settings\naekana\Ustawienia lokalne\Temp\cvasds0.dll
O3 - HKLM\..\Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - No CLSID value found.
O3 - HKU\S-1-5-21-1934228333-2307936120-1222219993-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-1934228333-2307936120-1222219993-1005\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKU\S-1-5-21-1934228333-2307936120-1222219993-1005..\Run: [cdoosoft] C:\Documents and Settings\naekana\Ustawienia lokalne\Temp\herss.exe ()
O32 - AutoRun File - [2010-04-07 13:40:36 | 000,000,063 | RHS- | M] () - C:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010-04-07 13:40:36 | 000,000,063 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{faed92f8-455c-11de-91ea-000e50ead57c}\Shell\AutoRun\command - "" = G:\mi9al8rs.exe -- File not found
O33 - MountPoints2\{faed92f8-455c-11de-91ea-000e50ead57c}\Shell\open\Command - "" = G:\mi9al8rs.exe -- File not found

:Files
C:\Documents and Settings\naekana\Ustawienia lokalne\Temp\cvasds0.dll
C:\Documents and Settings\naekana\Ustawienia lokalne\Temp\herss.exe
C:\autorun.inf
D:\autorun.inf
C:\mi9al8rs.exe
D:\mi9al8rs.exe
C:\FOUND.010
C:\FOUND.009
C:\ysyjq1bs.exe
D:\ysyjq1bs.exe
C:\pbyqfn.exe
C:\sdfqh.exe
C:\mi9al8rs.exe
C:\affi8l.exe
C:\bbjl2g.exe
C:\ji83j.exe
D:\pbyqfn.exe
D:\sdfqh.exe
D:\mi9al8rs.exe
D:\affi8l.exe
D:\bbjl2g.exe
D:\ji83j.exe
C:\mbdm.exe
D:\mbdm.exe

:Commands
[emptytemp]
[Reboot]

[/code]
Click Run Fix. Confirm the computer restart.
After the computer restarts, create a new log and post it for review.

Nice to "see" you again.

  • Good post 1
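The pattern the reply above picks out of the log (an `autorun.inf` in a drive root next to hidden, system-flagged executables with no company name) can be checked mechanically. The following is an added example, not part of either post and not OTL's own logic; the function names and the extension list are assumptions, and the sample lines are copied from the log above.

```python
import re
from collections import defaultdict
from ntpath import splitext  # Windows path rules, whatever OS this runs on

# One OTL file/folder entry:
#   [date time | size | attrs | C or M] (company) -- path
# Folder entries carry no "(company)" part; "MD5=" and ".cab file" lines
# have extra text before " -- " and are deliberately not matched.
ENTRY = re.compile(
    r"^\[(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[RHSD-]{4}) \| (?P<kind>[CM])\] "
    r"(?:\((?P<company>.*?)\) )?-- (?P<path>.+)$"
)
ROOT_FILE = re.compile(r"^(?P<drive>[A-Za-z]):\\(?P<name>[^\\]+)$")
EXEC_EXT = {".exe", ".scr", ".pif"}  # assumption: extensions worth flagging

# Lines copied from the OTL log in this thread.
SAMPLE = r"""
[2010-04-07 13:16:38 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\naekana\Pulpit\OTL.exe
[2010-04-07 13:41:50 | 000,000,063 | RHS- | M] () -- C:\autorun.inf
[2010-04-07 09:21:46 | 000,117,248 | RHS- | M] () -- C:\ysyjq1bs.exe
[2010-04-05 14:16:55 | 000,117,248 | RHS- | C] () -- C:\ysyjq1bs.exe
[2010-04-02 16:16:18 | 000,116,224 | RHS- | M] () -- C:\pbyqfn.exe
[2008-12-18 13:36:10 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2004-08-04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010-04-07 13:32:50 | 469,159,936 | -HS- | M] () -- C:\hiberfil.sys
[2010-02-13 11:47:20 | 000,045,056 | ---- | M] () -- C:\WINDOWS\System32\acovcnt.exe
[2010-03-26 10:48:18 | 000,000,000 | -HSD | C] -- C:\FOUND.010
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
"""


def parse_entries(log_text):
    """Yield one dict per file/folder entry found in an OTL log."""
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entry = m.groupdict()
            entry["size"] = int(entry["size"].replace(",", ""))
            entry["company"] = entry["company"] or ""
            yield entry


def triage_drive_roots(log_text):
    """Group drive-root findings: autorun.inf and hidden+system executables."""
    report = defaultdict(lambda: {"autorun_inf": False, "hidden_executables": []})
    seen = set()
    for e in parse_entries(log_text):
        root = ROOT_FILE.match(e["path"])
        if not root or "D" in e["attrs"]:
            continue  # not a file sitting directly in a drive root
        key = e["path"].lower()
        if key in seen:
            continue  # the same file is listed in several log sections
        seen.add(key)
        drive, name = root["drive"].upper(), root["name"]
        hidden_system = "H" in e["attrs"] and "S" in e["attrs"]
        if name.lower() == "autorun.inf":
            report[drive]["autorun_inf"] = True
        elif (hidden_system and not e["company"]
              and splitext(name.lower())[1] in EXEC_EXT):
            report[drive]["hidden_executables"].append(name)
    return dict(report)


def drives_needing_cleanup(report):
    """Drives showing both halves of the pattern: autorun.inf plus a payload."""
    return sorted(d for d, r in report.items()
                  if r["autorun_inf"] and r["hidden_executables"])


if __name__ == "__main__":
    result = triage_drive_roots(SAMPLE)
    for drive in drives_needing_cleanup(result):
        print(drive + ":", ", ".join(result[drive]["hidden_executables"]))
```

This is a heuristic for triage only: legitimate boot files such as `ntldr` and `NTDETECT.COM` share the RHS attributes, which is why the check also requires an executable extension and an empty company field.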
naekana

Kasper found... 14 viruses :blink: (Where have I been wandering around? :haha:) Disinfection wasn't an option, only deleting the files. I turned off System Restore. The OTL log is below.

[log]OTL logfile created on: 2010-04-08 10:49:53 - Run 3
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\naekana\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

447,00 Mb Total Physical Memory | 52,00 Mb Available Physical Memory | 12,00% Memory free
959,00 Mb Paging File | 585,00 Mb Available in Paging File | 61,00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32,45 Gb Total Space | 15,93 Gb Free Space | 49,11% Space Free | Partition Type: FAT32
Drive D: | 21,56 Gb Total Space | 9,79 Gb Free Space | 45,43% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANNA
Current User Name: naekana
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-04-07 13:16:38 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\naekana\Pulpit\OTL.exe
PRC - [2010-04-04 10:11:00 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-03-17 23:33:20 | 008,319,560 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2010-03-09 04:28:30 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009-08-06 19:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2009-05-21 18:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
PRC - [2009-02-09 13:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-04-14 19:21:50 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-14 19:21:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT]
PRC - [2008-04-14 19:21:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-14 19:21:42 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-14 19:21:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-14 19:21:10 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-14 19:21:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 19:21:02 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2008-03-25 20:49:02 | 000,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2008-03-25 20:49:00 | 000,569,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2008-03-25 20:40:42 | 000,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2007-10-14 21:17:32 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2006-06-01 14:02:54 | 000,491,520 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
PRC - [2006-05-31 22:57:02 | 000,573,440 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2006-05-30 10:28:20 | 000,811,008 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2006-04-27 03:39:50 | 000,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ATI2EVXX.EXE
PRC - [2006-04-17 02:24:30 | 000,110,592 | ---- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
PRC - [2006-04-17 00:34:42 | 016,143,872 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2006-04-01 01:37:00 | 002,170,880 | ---- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
PRC - [2006-03-14 17:46:00 | 000,090,112 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
PRC - [2006-02-21 15:20:54 | 000,180,224 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2006-01-26 20:51:16 | 000,761,946 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2005-11-08 22:02:46 | 000,038,912 | ---- | M] (Felix 'SniperBeamer' Geyer) -- C:\Program Files\Thunderbird-Tray\TBTray.exe
PRC - [2005-07-06 15:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\WINDOWS\system32\ACEngSvr.exe
PRC - [2005-06-20 23:10:30 | 000,053,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2005-02-17 07:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004-11-02 20:24:46 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
PRC - [2004-01-26 11:38:38 | 000,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe
PRC - [2003-10-16 18:07:12 | 000,053,248 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\TaskBarIcon.exe
PRC - [2003-10-16 18:07:10 | 000,024,576 | ---- | M] () -- C:\Program Files\Neostrada TP\CnxMon.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-04-07 13:16:38 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\naekana\Pulpit\OTL.exe
MOD - [2009-12-08 10:25:46 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 10:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 16:54:38 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009-03-21 16:09:00 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 12:53:44 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2009-02-09 12:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-10-23 13:42:42 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-06-17 20:03:16 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-14 19:21:56 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-14 19:20:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-14 19:20:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-14 19:20:56 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-14 19:20:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-14 19:20:56 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-14 19:20:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-14 19:20:44 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008-04-14 19:20:44 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-14 19:20:44 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-14 19:20:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-14 19:20:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-14 19:20:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-14 19:20:36 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008-04-14 19:20:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-14 19:20:32 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-14 19:20:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-14 19:12:58 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2008-04-14 18:59:08 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-10-22 13:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\92772342.sys -- (92772342)
DRV - [2009-10-09 23:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\9277234.sys -- (setup_9.0.0.722_07.04.2010_19-07drv)
DRV - [2009-09-25 17:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\92772341.sys -- (92772341)
DRV - [2008-04-13 18:36:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2006-06-14 18:16:00 | 000,425,472 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211BU.sys -- (ZD1211BU(ASUS)) ASUS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ASUS)
DRV - [2006-05-31 23:03:00 | 000,894,336 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2006-04-27 03:46:50 | 001,540,096 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006-04-17 01:31:26 | 004,262,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-01-26 20:25:54 | 000,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006-01-18 12:41:58 | 000,080,512 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005-07-13 21:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys -- (risdptsk)
DRV - [2005-07-12 04:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005-02-17 08:07:48 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2004-08-03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2003-12-08 11:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003-12-08 11:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2002-09-09 19:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)
DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com

IE - HKU\S-1-5-21-1934228333-2307936120-1222219993-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
IE - HKU\S-1-5-21-1934228333-2307936120-1222219993-1005\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Neostrada TP\SearchPageURL.dll ()
IE - HKU\S-1-5-21-1934228333-2307936120-1222219993-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "chrome://fastdial/content/fastdial.html"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.11
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.7
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b1
FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a66}:0.6.1.14
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100211.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:4.9
FF - prefs.js..extensions.enabledItems: {C0CB8BA3-6C1B-47e8-A6AB-1FAB889562D9}:0.6.0.5
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: secureLogin@blueimp.net:0.9.3
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.2
FF - prefs.js..extensions.enabledItems: {d33c2f7c-b1e6-4d46-ab0e-be1f6d05c904}:2.0.2
FF - prefs.js..extensions.enabledItems: CrystalFox_Qute@BigRedBrent:3.7

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-05-26 12:49:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-05-26 12:49:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2008-08-06 08:22:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010-02-17 05:21:54 | 000,000,000 | ---D | M]

[2009-01-10 16:50:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Extensions
[2008-08-04 10:36:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions
[2010-03-27 16:06:02 | 000,000,000 | ---D | M] (Screengrab) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010-01-29 11:59:06 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2009-08-09 08:58:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-03-17 23:37:50 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010-02-06 13:42:20 | 000,000,000 | ---D | M] (Favicon Picker 2) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{446c03e0-2c35-11db-a98b-0800200c9a66}
[2008-08-05 19:49:22 | 000,000,000 | ---D | M] (QuickNote) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{C0CB8BA3-6C1B-47e8-A6AB-1FAB889562D9}
[2010-01-07 18:13:52 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-01-07 18:13:54 | 000,000,000 | ---D | M] (Tiny Menu) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{d33c2f7c-b1e6-4d46-ab0e-be1f6d05c904}
[2010-01-30 02:17:36 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009-10-26 00:07:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010-02-16 01:55:16 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010-03-17 23:37:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2009-07-07 19:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\CrystalFox_Qute@BigRedBrent
[2008-12-19 14:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\dlembed@aeruder.net
[2009-07-30 11:47:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\fastdial@telega.phpnet.us
[2010-02-06 13:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\extensions\secureLogin@blueimp.net
[2009-10-31 17:49:22 | 000,002,062 | ---- | M] () -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\searchplugins\getionarypl.xml
[2009-10-31 17:49:22 | 000,002,064 | ---- | M] () -- C:\Documents and Settings\naekana\Dane aplikacji\Mozilla\Firefox\Profiles\rddvirzg.default\searchplugins\getionaryen.xml
[2009-05-26 12:49:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-03-16 21:50:20 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-03-16 21:50:20 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-03-16 21:50:20 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-03-16 21:50:20 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-03-16 21:50:20 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-03-16 21:50:20 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2004-08-04 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4 - HKLM..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe File not found
O4 - HKLM..\Run: [WooCnxMon] C:\Program Files\Neostrada TP\CnxMon.exe ()
O4 - HKLM..\Run: [WOOTASKBARICON] C:\Program Files\Neostrada TP\TaskBarIcon.exe (France Télécom R&D)
O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\Neostrada TP\Watch.exe (France Télécom R&D)
O4 - HKU\S-1-5-21-1934228333-2307936120-1222219993-1005..\Run: [ccleaner] D:\PROGRAMY\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\MultiFrame.lnk = C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe (ASUSTek Computer Inc.)
O4 - Startup: C:\Documents and Settings\naekana\Menu Start\Programy\Autostart\TB-Tray.lnk = C:\Program Files\Thunderbird-Tray\TBTray.exe (Felix 'SniperBeamer' Geyer)
O4 - Startup: C:\Documents and Settings\naekana\Menu Start\Programy\Autostart\setup_9.0.0.722_07.04.2010_19-07.lnk = C:\Documents and Settings\naekana\Pulpit\Virus Removal Tool\setup_9.0.0.722_07.04.2010_19-07\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1934228333-2307936120-1222219993-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ATI2EVXX.DLL (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\naekana\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\naekana\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-08-03 05:45:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008-08-03 05:31:58 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^ASUS ChkMail.lnk - C:\PROGRA~1\ASUS\ASUSCH~1\ChkMail.exe - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: [b]AVP[/b] - hkey= - key= - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe File not found
MsConfig - StartUpReg: [b]Control Center[/b] - hkey= - key= - C:\Program Files\ASUS\WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.)
MsConfig - StartUpReg: [b]hpqSRMon[/b] - hkey= - key= - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: [b]NeroFilterCheck[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]PowerForPhone[/b] - hkey= - key= - C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe (ASUSTek)
MsConfig - StartUpReg: [b]RemoteControl[/b] - hkey= - key= - D:\PROGRAMY\AsusDVD\PDVDServ.exe File not found
MsConfig - StartUpReg: [b]SynTPEnh[/b] - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-04-08 10:37:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-04-07 18:02:52 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\9277234.sys
[2010-04-07 18:02:52 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\92772341.sys
[2010-04-07 18:02:52 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\92772342.sys
[2010-04-07 18:02:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\naekana\Pulpit\Virus Removal Tool
[2010-04-07 17:59:57 | 069,094,224 | ---- | C] ( ) -- C:\Documents and Settings\naekana\Pulpit\setup_9.0.0.722_07.04.2010_19-07.exe
[2010-04-07 13:24:12 | 000,000,000 | ---D | C] -- C:\rsit
[2010-04-07 13:16:35 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\naekana\Pulpit\OTL.exe
[2010-04-07 13:15:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\naekana\Moje dokumenty\Pobieranie
[2010-04-07 11:58:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\naekana\Moje dokumenty\ASUSTeK
[2010-04-05 14:23:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Sports Interactive
[2010-03-31 00:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2010-03-31 00:17:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010-03-23 19:12:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\naekana\Dane aplikacji\Ashampoo
[2010-03-23 19:12:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\naekana\Ustawienia lokalne\Dane aplikacji\ashampoo
[2010-03-23 19:12:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2010-03-23 18:34:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\naekana\Dane aplikacji\Canneverbe Limited
[2010-03-23 18:34:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited
[2010-03-22 20:14:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\McAfee
[2010-03-19 16:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\Pity 2009
[2010-02-18 17:01:59 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2008-12-01 21:18:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple
[2008-08-03 05:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008-08-03 05:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008-08-03 05:36:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2008-08-03 05:36:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2004-12-07 09:13:40 | 000,479,432 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dxsetup.exe
[2004-12-07 09:13:38 | 002,249,416 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2004-12-07 09:13:38 | 000,069,832 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[3 C:\Documents and Settings\naekana\Pulpit\*.tmp files -> C:\Documents and Settings\naekana\Pulpit\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-04-08 10:41:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-04-08 10:41:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-04-08 10:41:04 | 469,159,936 | -HS- | M] () -- C:\hiberfil.sys
[2010-04-08 10:40:06 | 005,767,168 | ---- | M] () -- C:\Documents and Settings\naekana\ntuser.dat
[2010-04-08 10:40:06 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\naekana\ntuser.ini
[2010-04-08 10:39:50 | 001,278,178 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-04-08 10:39:50 | 000,558,380 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-04-08 10:39:50 | 000,493,554 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-04-08 10:39:50 | 000,118,138 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-04-08 10:39:50 | 000,092,398 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-04-08 10:16:22 | 000,116,224 | RHS- | M] () -- C:\ba.exe
[2010-04-07 18:04:24 | 000,002,129 | ---- | M] () -- C:\Documents and Settings\naekana\Menu Start\Programy\Autostart\setup_9.0.0.722_07.04.2010_19-07.lnk
[2010-04-07 18:02:32 | 069,094,224 | ---- | M] ( ) -- C:\Documents and Settings\naekana\Pulpit\setup_9.0.0.722_07.04.2010_19-07.exe
[2010-04-07 15:32:34 | 000,012,937 | ---- | M] () -- C:\Documents and Settings\naekana\Pulpit\rachunki.xlsx
[2010-04-07 14:07:28 | 000,075,841 | ---- | M] () -- C:\Documents and Settings\naekana\Pulpit\skaner full.JPG
[2010-04-07 14:04:54 | 000,021,875 | ---- | M] () -- C:\Documents and Settings\naekana\Pulpit\skaner2.JPG
[2010-04-07 14:04:18 | 000,053,899 | ---- | M] () -- C:\Documents and Settings\naekana\Pulpit\skaner1.JPG
[2010-04-07 13:16:38 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\naekana\Pulpit\OTL.exe
[2010-04-07 13:15:54 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\naekana\Pulpit\ltficky6.exe
[2010-04-07 11:48:02 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-04-07 11:47:58 | 000,015,872 | ---- | M] () -- C:\Documents and Settings\naekana\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-04-05 14:22:56 | 000,001,516 | ---- | M] () -- C:\Documents and Settings\naekana\Pulpit\Football Manager 2005.lnk
[2010-04-05 14:14:18 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-04-01 00:37:34 | 000,001,506 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-03-28 11:50:58 | 000,274,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-03-25 17:39:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-03-19 16:42:46 | 000,000,593 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Pity 2009.lnk
[2010-03-18 03:06:48 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-02-13 11:47:20 | 000,045,056 | ---- | M] () -- C:\WINDOWS\System32\acovcnt.exe
[3 C:\Documents and Settings\naekana\Pulpit\*.tmp files -> C:\Documents and Settings\naekana\Pulpit\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-04-08 10:16:51 | 000,116,224 | RHS- | C] () -- C:\ba.exe
[2010-04-07 18:04:23 | 000,002,129 | ---- | C] () -- C:\Documents and Settings\naekana\Menu Start\Programy\Autostart\setup_9.0.0.722_07.04.2010_19-07.lnk
[2010-04-07 13:54:51 | 000,075,841 | ---- | C] () -- C:\Documents and Settings\naekana\Pulpit\skaner full.JPG
[2010-04-07 13:23:34 | 000,021,875 | ---- | C] () -- C:\Documents and Settings\naekana\Pulpit\skaner2.JPG
[2010-04-07 13:22:42 | 000,053,899 | ---- | C] () -- C:\Documents and Settings\naekana\Pulpit\skaner1.JPG
[2010-04-07 13:15:56 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\naekana\Pulpit\ltficky6.exe
[2010-04-05 14:22:54 | 000,001,516 | ---- | C] () -- C:\Documents and Settings\naekana\Pulpit\Football Manager 2005.lnk
[2010-04-01 00:37:33 | 000,001,506 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
[2010-03-19 16:42:44 | 000,000,593 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Pity 2009.lnk
[2010-03-15 14:49:30 | 000,012,937 | ---- | C] () -- C:\Documents and Settings\naekana\Pulpit\rachunki.xlsx
[2010-02-12 16:50:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\acovcnt.exe
[2010-01-31 21:23:32 | 001,910,995 | ---- | C] () -- C:\Documents and Settings\naekana\Dane aplikacji\langInstall.exe
[2009-10-24 13:58:02 | 005,767,168 | ---- | C] () -- C:\Documents and Settings\naekana\ntuser.dat
[2009-10-24 00:25:14 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009-10-16 20:21:37 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-10-07 21:35:09 | 000,000,736 | ---- | C] () -- C:\WINDOWS\DigimaxMaster.INI
[2009-02-21 14:19:24 | 000,002,323 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
[2008-11-19 22:24:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PCFriend.INI
[2008-10-24 11:51:37 | 000,000,115 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008-09-11 09:30:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2008-09-11 09:20:50 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6e.DLL
[2008-09-10 14:45:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\naekana\.gtk-bookmarks
[2008-09-10 14:08:50 | 000,206,373 | ---- | C] () -- C:\Documents and Settings\naekana\.fonts.cache-1
[2008-08-27 02:43:59 | 000,015,872 | ---- | C] () -- C:\Documents and Settings\naekana\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-08-11 19:45:14 | 000,000,035 | ---- | C] () -- C:\WINDOWS\Blink.ini
[2008-08-07 03:30:25 | 000,004,633 | ---- | C] () -- C:\Documents and Settings\naekana\.recently-used.xbel
[2008-08-04 19:37:20 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-08-04 13:37:34 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008-08-04 11:06:36 | 000,005,940 | ---- | C] () -- C:\Documents and Settings\naekana\.plugin140_03.trace
[2008-08-03 07:35:37 | 000,000,075 | ---- | C] () -- C:\Documents and Settings\naekana\LuResult.txt
[2008-08-03 06:56:07 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2008-08-03 06:55:03 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2008-08-03 06:14:09 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\naekana\ntuser.dat.LOG
[2008-08-03 06:14:09 | 000,000,292 | -HS- | C] () -- C:\Documents and Settings\naekana\ntuser.ini
[2008-08-03 06:13:31 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2008-08-03 06:13:31 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG
[2008-08-03 06:07:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008-08-03 05:51:01 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2008-08-03 05:25:53 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2004-12-07 09:13:42 | 003,578,547 | ---- | C] () -- C:\Program Files\ManagedDX.CAB
[2004-12-07 09:13:42 | 001,156,363 | ---- | C] () -- C:\Program Files\BDANT.cab
[2004-12-07 09:13:42 | 000,703,080 | ---- | C] () -- C:\Program Files\BDA.cab
[2004-12-07 09:13:38 | 013,265,040 | R--- | C] () -- C:\Program Files\dxnt.cab
[2004-12-07 09:13:36 | 015,493,481 | ---- | C] () -- C:\Program Files\DirectX.cab
[2004-12-07 09:13:36 | 000,976,020 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2004-12-07 08:47:32 | 000,020,717 | ---- | C] () -- C:\Program Files\DirectX SDK EULA.txt
[2004-11-24 07:38:18 | 000,007,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2004-11-24 07:38:18 | 000,002,538 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003-04-08 11:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002-03-19 01:18:54 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\LAME_ENC.DLL
[1998-10-11 01:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll

[color=#E56717]========== LOP Check ==========[/color]

[2008-09-12 22:22:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2008-10-31 07:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\tlen.pl
[2008-11-30 21:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2008-12-17 23:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Graboid Inc
[2008-12-18 12:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Launcher
[2009-05-26 14:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm
[2010-01-16 16:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\karta
[2010-01-31 19:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-01-31 21:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Iceni
[2010-03-23 18:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited
[2010-03-23 19:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2008-08-03 19:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Gadu-Gadu
[2008-08-04 12:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\gtk-2.0
[2008-08-06 08:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Thunderbird
[2008-10-31 07:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Tlen.pl
[2008-11-30 21:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\ipla
[2008-12-19 12:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Orbit
[2009-05-19 16:11:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Mesa Dynamics, LLC
[2009-05-26 14:34:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\COWON
[2009-10-14 12:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\uTorrent
[2010-01-31 19:46:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Gadu-Gadu 10
[2010-03-23 18:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Canneverbe Limited
[2010-03-23 19:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\naekana\Dane aplikacji\Ashampoo

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2006-07-09 19:41:00 | 000,524,288 | RH-- | M] () -- C:\A9Rp.rom
[2004-10-21 19:57:46 | 000,000,009 | ---- | M] () -- C:\A9RP.10
[2010-04-08 10:41:02 | 603,979,776 | -HS- | M] () -- C:\PAGEFILE.SYS
[2004-08-04 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2008-12-18 13:36:10 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2004-08-04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004-11-23 16:25:10 | 000,000,014 | ---- | M] () -- C:\XPHL_SP2.POL
[2006-06-22 18:52:56 | 000,000,010 | ---- | M] () -- C:\RECOVERY.DAT
[2009-07-29 03:24:34 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2008-08-03 05:45:10 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008-08-03 05:45:10 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008-08-03 05:45:10 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008-08-03 05:45:10 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-04-08 10:41:04 | 469,159,936 | -HS- | M] () -- C:\hiberfil.sys
[2010-04-08 10:16:22 | 000,116,224 | RHS- | M] () -- C:\ba.exe
[2008-08-03 05:51:08 | 000,000,440 | ---- | M] () -- C:\RHDSetup.log
[2010-04-07 13:23:56 | 000,007,520 | ---- | M] () -- C:\mksbasel.cpp.log
[2007-02-10 10:06:18 | 000,524,288 | RH-- | M] () -- C:\A9RP.BIN
[2009-02-23 04:14:38 | 000,000,594 | ---- | M] () -- C:\updatedatfix.log


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008-12-18 13:30:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:agp440.sys
[2008-12-18 13:30:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008-12-18 13:30:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008-12-18 13:30:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008-12-18 13:30:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004-08-04 13:00:00 | 018,789,127 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:cdrom.sys
[2008-12-18 13:30:02 | 023,908,281 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004-08-04 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2004-08-04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=05684DE2DA55A04C8AAAB5911AFE7643 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008-04-14 19:20:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 19:20:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-13 21:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008-04-13 21:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004-08-04 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004-08-04 13:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 19:21:48 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe
< End of report >[/log]

Mateusz J.

Turn on showing hidden files and folders, and turn off hiding protected operating system files.
Then delete: C:\ba.exe
In OTL, run the CleanUp option.
Clean :)

  • Good answer 1
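
The triage behind the reply above, as an added example that is not part of the original thread and not OTL's own code: a Python parser for OTL file-listing lines that flags executables sitting directly in a drive root with both Hidden and System attributes and no company name. The sample lines are copied from the log in this thread; the heuristic, the extension set and the allowlist are assumptions of this example.

```python
import ntpath
import re
from typing import NamedTuple, Optional

# OTL file line: [timestamp | size | attributes | C/M] (company) -- path
LINE_RE = re.compile(
    r"^\[(?P<ts>[\d-]{10} [\d:]{8}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[RHSD-]{4}) \| (?P<kind>[CM])\]"
    r"(?: \((?P<company>[^)]*)\))? -- (?P<path>.+)$"
)
EXECUTABLE_EXT = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd"}
# Assumption: stock Windows XP files that normally sit in the drive root.
KNOWN_ROOT_FILES = {"ntdetect.com", "autoexec.bat"}

class Entry(NamedTuple):
    timestamp: str
    size: int
    attrs: str
    company: str
    path: str

def parse_line(line: str) -> Optional[Entry]:
    """Parse one OTL file-listing line; return None for headers and other lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return Entry(m["ts"], int(m["size"].replace(",", "")), m["attrs"],
                 (m["company"] or "").strip(), m["path"])

def is_suspicious(e: Entry) -> bool:
    """Heuristic (assumed here): H+S executable in a drive root, no company name."""
    _, rest = ntpath.splitdrive(e.path)
    in_root = rest.startswith("\\") and rest.count("\\") == 1
    name = ntpath.basename(e.path).lower()
    return (in_root and "H" in e.attrs and "S" in e.attrs and not e.company
            and ntpath.splitext(name)[1] in EXECUTABLE_EXT
            and name not in KNOWN_ROOT_FILES)

def triage(log_text: str) -> list:
    """Return de-duplicated paths of suspicious entries, in log order."""
    hits = []
    for line in log_text.splitlines():
        e = parse_line(line)
        if e and is_suspicious(e) and e.path not in hits:
            hits.append(e.path)
    return hits

# Sample lines copied from the OTL log in this thread.
SAMPLE = r"""
[2010-04-08 10:41:04 | 469,159,936 | -HS- | M] () -- C:\hiberfil.sys
[2010-04-08 10:16:22 | 000,116,224 | RHS- | M] () -- C:\ba.exe
[2010-04-07 13:16:38 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\naekana\Pulpit\OTL.exe
[2010-04-07 13:15:54 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\naekana\Pulpit\ltficky6.exe
[2010-04-08 10:16:51 | 000,116,224 | RHS- | C] () -- C:\ba.exe
[2004-08-04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
"""

if __name__ == "__main__":
    print("\n".join(triage(SAMPLE)))
```

A hit is a candidate for manual review, not a verdict; the allowlist has to be extended for other Windows versions.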
naekana

Removed from c:\, but there is another such file on d:\. Delete it?

Mateusz J.

My mistake...
Yes, delete it :)

  • Good answer 1
naekana

Deleted. Running smoothly. Thanks :D:cmok:

Oh, and one more thing - what should I do with this sick pen drive so that it doesn't infect my laptop every time? :D I read this topic -> http://www.forumpc.pl/index.php?showtopic=99378, but it is written a bit chaotically. So, step by step:

1 - disable autorun (how do I turn it back on? will this prevent viruses from being transferred to the disk after the pen drive is plugged in?)
2 - use Flash Disinfector (will the data on the pen drive be lost irretrievably after this operation?)

How do I protect myself against a possible (repeat) infection? Will Kasper catch the viruses before they move to the hard drive, or will I have to disable autorun every time before plugging in the pen drive?

Mateusz J.

Read: http://www.searchengines.pl/Infekcje-z-pendrive-mediow-przenosnych-t94761.html
Disabling autorun prevents viruses from being transferred when a pen drive is plugged in, but not 100%; once you open the pen drive, the viruses transfer anyway.
Flash Disinfector does not delete the contents of the pen drive.

Best to read: http://www.searchengines.pl/Infekcje-z-pendrive-mediow-przenosnych-t94761.html

naekana

OK, I decided on Panda USB Vaccine. If I download it, won't it conflict with Kasper (i.e. won't such a combination drastically slow down my computer)? I insist on Kasper, because it is the best of the protections I have tested so far.

Mateusz J.

Oh... Kasper may bite the panda.
But I have not tested that combination, so I suggest trying it.
