
How do I remove viruses?

klimek1313
created

Hello,
Microsoft Security Essentials detected two viruses: jmcierk.dll and piynalz.dll. However, it can't remove them. It can't be done manually either: the first one won't let me, and I can't see the second one (both are supposed to be in Windows/system32/).
What should I use on them? Please advise. Thanks

kokoxxr
comment

Then add them to quarantine; if that can't be done, it means the system is currently using them.

Sohei
comment

Post logs from these programs:
[url=http://oldtimer.geekstogo.com/OTL.exe][b][color=blue]OTL[/color][/b][/url]
Set [b]Processes[/b] and [b]Modules[/b] to [b]All[/b], and in [b]Custom Scans/Fixes[/b] paste:
[quote]netsvcs
msconfig
safebootminimal
safebootnetwork
%systemdrive%\*.*[/quote]

[url=http://images.malwareremoval.com/random/RSIT.exe][b][color=blue]RSIT[/color][/b][/url]
[url=http://www.gmer.net/][b][color=blue]Gmer[/color][/b][/url]
GMER: on the Rootkit/Malware tab, click Scan; after the scan, click Copy or Save.

  • Good post 1
klimek1313
comment

It's supposedly the Boaxxe trojan. Logs below:
GMER:
[log]
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-09 16:12:38
Windows 5.1.2600 Service Pack 3
Running: 923f7zkn.exe; Driver: C:\DOCUME~1\BRIDGE~1.EID\LOCALS~1\Temp\kwdoypoc.sys


---- System - GMER 1.0.15 ----

SSDT spfj.sys ZwCreateKey [0xB9EB50E0]
SSDT spfj.sys ZwEnumerateKey [0xB9ECDDA4]
SSDT spfj.sys ZwEnumerateValueKey [0xB9ECE132]
SSDT spfj.sys ZwOpenKey [0xB9EB50C0]
SSDT spfj.sys ZwQueryKey [0xB9ECE20A]
SSDT spfj.sys ZwQueryValueKey [0xB9ECE08A]
SSDT spfj.sys ZwSetValueKey [0xB9ECE29C]

INT 0x62 ? 8A709BF8
INT 0x63 ? 8A513BF8
INT 0x82 ? 8A709BF8
INT 0x83 ? 8A513BF8
INT 0xA4 ? 8A513BF8
INT 0xB4 ? 8A709BF8
INT 0xB4 ? 8A709BF8
INT 0xB4 ? 8A513BF8
INT 0xB4 ? 8A709BF8

---- Kernel code sections - GMER 1.0.15 ----

PAGE ntkrnlpa.exe!ObReferenceObjectByHandle + 44F 805BB8D1 7 Bytes JMP 8A702150
? spfj.sys The system cannot find the file specified. !
.text USBPORT.SYS!DllUnload B94038AC 5 Bytes JMP 8A5131D8

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B9EB6042] spfj.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B9EB613E] spfj.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B9EB60C0] spfj.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B9EB6800] spfj.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B9EB66D6] spfj.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [B9EC5B90] spfj.sys

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8A7081F8
Device \FileSystem\Fastfat \FatCdrom 8A429500
Device \Driver\usbuhci \Device\USBPDO-0 8A5121F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8A69A1F8
Device \Driver\dmio \Device\DmControl\DmConfig 8A69A1F8
Device \Driver\dmio \Device\DmControl\DmPnP 8A69A1F8
Device \Driver\dmio \Device\DmControl\DmInfo 8A69A1F8
Device \Driver\usbuhci \Device\USBPDO-1 8A5121F8
Device \Driver\usbuhci \Device\USBPDO-2 8A5121F8
Device \Driver\usbuhci \Device\USBPDO-3 8A5121F8
Device \Driver\usbehci \Device\USBPDO-4 8A4421F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 8A70A1F8
Device \Driver\Cdrom \Device\CdRom0 8A4E61F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [B9E09B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [B9E09B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [B9E09B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP2T1L0-e [B9E09B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 [B9E09B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort3 [B9E09B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\NetBT \Device\NetBt_Wins_Export 89EF8500
Device \Driver\NetBT \Device\NetbiosSmb 89EF8500
Device \Driver\NetBT \Device\NetBT_Tcpip_{F01DD29E-94AB-4740-9BB0-07C7D340029B} 89EF8500
Device \Driver\usbuhci \Device\USBFDO-0 8A5121F8
Device \Driver\usbuhci \Device\USBFDO-1 8A5121F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 89E331F8
Device \Driver\usbuhci \Device\USBFDO-2 8A5121F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 89E331F8
Device \Driver\usbuhci \Device\USBFDO-3 8A5121F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{150DAD60-EFBC-4DEE-B58F-817660D399BD} 89EF8500
Device \Driver\usbehci \Device\USBFDO-4 8A4421F8
Device \Driver\Ftdisk \Device\FtControl 8A70A1F8
Device \FileSystem\Fastfat \Fat 8A429500

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Cdfs \Cdfs 89DAC500

---- EOF - GMER 1.0.15 ----

[/log]
[log]
OTL logfile created on: 08/08/2010 22:25:47 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Bridge.EID90\Desktop\Bridge\1st Off\Tomek\priv\System
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 35.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 1905 1905 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 49.15 Gb Free Space | 65.96% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 48.83 Gb Total Space | 32.76 Gb Free Space | 67.10% Space Free | Partition Type: NTFS
Drive J: | 48.83 Gb Total Space | 32.76 Gb Free Space | 67.10% Space Free | Partition Type: NTFS

Computer Name: BRIDGEPC_FORC
Current User Name: Bridge
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010/07/29 11:51:21 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bridge.EID90\Desktop\Bridge\1st Off\Tomek\priv\System\OTL.exe
PRC - [2010/06/15 15:05:58 | 000,719,688 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010/06/15 15:04:28 | 001,051,976 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2010/05/13 17:12:40 | 026,192,168 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Microsoft Connection\Phone\miccon.exe
PRC - [2010/04/17 01:26:28 | 010,355,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
PRC - [2010/01/16 05:18:19 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/11/27 08:43:12 | 000,608,256 | ---- | M] (Haseeb Ahmed) -- C:\Program Files\MSE Update Utility\MSE Update Utility.exe
PRC - [2009/09/13 19:52:50 | 001,048,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2009/08/06 20:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2009/07/12 10:21:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Seagull\STA33\DbamSQLAgent.exe
PRC - [2009/07/02 18:36:52 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/05/27 04:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2009/03/09 06:19:15 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/02/06 13:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009/02/05 23:56:14 | 000,117,208 | ---- | M] (AnchorFree Inc.) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2008/11/24 23:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008/11/24 23:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008/10/20 15:00:46 | 000,329,216 | ---- | M] (UK Hydrographic Office and Chersoft Ltd) -- C:\Program Files\Common Files\CherSoft\TTService\TTService.exe
PRC - [2008/05/06 10:09:26 | 000,020,480 | ---- | M] () -- C:\Program Files\Seagull\STA33\Sta.Importer.Service.exe
PRC - [2008/04/14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008/04/14 02:12:36 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008/04/14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [BTHSVCS]
PRC - [2008/04/14 02:12:33 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scardsvr.exe
PRC - [2008/04/14 02:12:33 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008/04/14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008/04/14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008/04/14 02:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008/04/14 02:12:12 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007/01/04 23:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 23:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2005/10/14 17:51:40 | 014,864,384 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2005/09/20 10:36:20 | 000,114,688 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2005/09/20 10:32:24 | 000,077,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2004/09/29 13:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010/07/29 11:51:21 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bridge.EID90\Desktop\Bridge\1st Off\Tomek\priv\System\OTL.exe
MOD - [2010/05/04 19:20:39 | 001,168,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2010/05/04 19:20:36 | 000,268,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2009/12/08 11:23:28 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009/06/25 10:25:26 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009/04/15 16:51:25 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009/03/21 16:06:58 | 000,989,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009/02/09 14:10:48 | 000,714,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2009/02/09 14:10:48 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008/10/23 14:36:14 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008/10/15 18:34:24 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2008/06/17 21:02:19 | 008,461,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008/04/14 05:42:06 | 000,985,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008/04/14 02:12:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008/04/14 02:12:45 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008/04/14 02:12:08 | 000,727,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008/04/14 02:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008/04/14 02:12:08 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008/04/14 02:12:08 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008/04/14 02:12:07 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008/04/14 02:12:03 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008/04/14 02:12:02 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008/04/14 02:12:02 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008/04/14 02:12:02 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008/04/14 02:12:01 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008/04/14 02:11:58 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008/04/14 02:11:54 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008/04/14 02:11:53 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008/04/14 02:11:51 | 000,792,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008/04/14 02:11:51 | 000,276,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008/04/14 02:11:50 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008/04/14 02:11:49 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008/04/14 02:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008/04/14 02:10:06 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (HotspotShieldService)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\ArcaBit\Common\ArcaBit.Core.Configurator2.exe -- (ArcaBit.Core.Configurator)
SRV - [2010/07/30 01:59:40 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/06/15 15:04:28 | 001,051,976 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/06/15 15:01:36 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009/07/12 10:21:20 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Seagull\STA33\DbamSQLAgent.exe -- (Sta.Dbam.SqlAgent$SEAGULL2005) Sta Dbam SqlAgent (SEAGULL2005)
SRV - [2009/07/02 18:36:52 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/05/27 04:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SEAGULL2005) SQL Server (SEAGULL2005)
SRV - [2009/02/05 23:56:14 | 000,117,208 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2008/11/24 23:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008/11/24 23:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008/11/24 23:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008/10/20 15:00:46 | 000,329,216 | ---- | M] (UK Hydrographic Office and Chersoft Ltd) [Auto | Running] -- C:\Program Files\Common Files\CherSoft\TTService\TTService.exe -- (TTService)
SRV - [2008/05/06 10:09:26 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Seagull\STA33\Sta.Importer.Service.exe -- (Sta.Importer.Service)
SRV - [2007/01/04 23:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/09/29 13:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004/08/04 14:00:00 | 000,101,376 | ---- | M] () [Auto | Start_Pending] -- C:\WINDOWS\System32\jmcierk.dll -- (xcpnsabr)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\UXDCMN.SYS -- (UXDCMN)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\SMCWPCIT.sys -- (SMCWPCIT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\BRIDGE~1.EID\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - [2010/07/29 20:54:08 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/02/25 12:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/06/18 19:48:04 | 000,142,832 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2009/02/05 23:55:12 | 000,031,704 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hssdrv.sys -- (HssDrv)
DRV - [2008/12/06 20:01:20 | 000,102,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2008/04/13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/01/23 23:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tapvpn.sys -- (tapvpn)
DRV - [2007/02/28 08:38:22 | 000,091,008 | ---- | M] (OMNIKEY) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cxbu0wdm.sys -- (cxbu0wdm)
DRV - [2006/02/20 18:59:34 | 000,085,408 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810mgmt.sys -- (w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM)
DRV - [2006/02/20 18:59:27 | 000,058,288 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810bus.sys -- (w810bus) Sony Ericsson W810 Driver driver (WDM)
DRV - [2005/10/18 13:15:42 | 004,034,048 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/09/24 12:10:24 | 000,008,576 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SIVX32.SYS -- (SIVDRIVER)
DRV - [2005/01/07 17:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/08/04 14:00:00 | 000,023,424 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\yflnahwe.sys -- (yflnahwe)
DRV - [2004/04/21 17:51:00 | 000,016,384 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\wlanndi5.sys -- (wlanndi5)
DRV - [2000/09/09 17:20:26 | 000,047,328 | ---- | M] (Warp Nine Engineering) [Kernel | Auto | Running] -- C:\Program Files\HP DesignJet 500PS\Program\Par1284.sys -- (Par1284)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1

FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/04/09 19:04:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/08 11:44:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/08 11:44:37 | 000,000,000 | ---D | M]

[2010/08/08 11:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Mozilla\Extensions
[2010/05/03 04:19:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/08/08 14:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Mozilla\Firefox\Profiles\xzyv9j9u.default\extensions
[2010/08/08 12:07:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Bridge.EID90\Application Data\Mozilla\Firefox\Profiles\xzyv9j9u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/08 14:34:47 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Bridge.EID90\Application Data\Mozilla\Firefox\Profiles\xzyv9j9u.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/08/08 14:34:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/17 08:13:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla(2).org
[2010/01/16 03:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010/01/16 03:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010/01/16 03:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010/01/16 03:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010/01/16 03:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010/01/16 03:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010/08/07 23:10:23 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll File not found
O2 - BHO: (no name) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O2 - BHO: () - {FDC9456D-1E39-4363-850A-D67DFECC1351} - C:\WINDOWS\System32\jmcierk.dll ()
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [MSE Update Utility] C:\Program Files\MSE Update Utility\MSE Update Utility.exe (Haseeb Ahmed)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Open with Scansoft PDF Converter 3.0 - C:\Program Files\ScanSoft\PDF Professional 3.0\IEShellExt.dll (ScanSoft, Inc.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - Reg Error: Key error. File not found
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - Reg Error: Key error. File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = EID90.FORC
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop Components:0 () - http://by127fd.bay127.hotmail.msn.com/cgi-bin/getmsg?&msg=CD22971B-211B-4F7B-8337-C01DBE49780C&start=0&len=615942&curmbox=00000000-0000-0000-0000-000000000001&a=a148a9eb7def75ab0fc6023ae685cf1f74dff6f533ad256dbc488df2f2fc9bad&mimepart=9
O24 - Desktop Components:1 () - http://by127fd.bay127.hotmail.msn.com/cgi-bin/getmsg?&msg=CD22971B-211B-4F7B-8337-C01DBE49780C&start=0&len=615942&curmbox=00000000-0000-0000-0000-000000000001&a=a148a9eb7def75ab0fc6023ae685cf1f74dff6f533ad256dbc488df2f2fc9bad&mimepart=14
O24 - Desktop Components:2 () - http://www.skipsfarts-forum.net/download.php?action=img&iid=18457
O24 - Desktop Components:3 () - file:///C:/DOCUME~1/BRIDGE~1.EID/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg
O24 - Desktop Components:4 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Bridge.EID90\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/11/25 15:56:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/08/01 16:24:48 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{0f6cf4b0-86f3-11db-b5ed-0013208aec27}\Shell\Auto\command - "" = RavMonE.exe e
O33 - MountPoints2\{0f6cf4b0-86f3-11db-b5ed-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1270781c-c8a2-11da-b5b7-0013208aec27}\Shell\AutoRun\command - "" = setupSNK.exe
O33 - MountPoints2\{2cc55784-04eb-11de-81b2-0013208aec27}\Shell\AutoRun\command - "" = dbrxubcw.com
O33 - MountPoints2\{2cc55784-04eb-11de-81b2-0013208aec27}\Shell\open\Command - "" = dbrxubcw.com
O33 - MountPoints2\{2cc557d7-04eb-11de-81b2-0013208aec27}\Shell\AutoRun\command - "" = E:\setupSNK.exe -- File not found
O33 - MountPoints2\{44169f9f-50cd-11de-81eb-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{44169f9f-50cd-11de-81eb-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{44169f9f-50cd-11de-81eb-0013208aec27}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{525607c5-bcf7-11dd-b6ad-0013208aec27}\Shell\AutoRun\command - "" = 1utbfd.bat
O33 - MountPoints2\{525607c5-bcf7-11dd-b6ad-0013208aec27}\Shell\open\Command - "" = 1utbfd.bat
O33 - MountPoints2\{5265cf4d-9874-11df-8976-0013208aec27}\Shell\AutoRun\command - "" = kasper/kasper32.exe
O33 - MountPoints2\{5265cf4d-9874-11df-8976-0013208aec27}\Shell\explore\command - "" = .////////kasper/\\\\\kasper32.exe
O33 - MountPoints2\{5265cf4d-9874-11df-8976-0013208aec27}\Shell\open\command - "" = kasper/////////kasper32.exe
O33 - MountPoints2\{6c4e67ab-68bf-11de-81f9-0013208aec27}\Shell\AutoRun\command - "" = E:\Toshiba\more4you.exe -- File not found
O33 - MountPoints2\{73debc77-9af0-11dc-b64f-0013208aec27}\Shell\AutoRun\command - "" = E:\wd_windows_tools\setup.exe -- File not found
O33 - MountPoints2\{76cde37c-e956-11dd-b6cc-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{76cde37c-e956-11dd-b6cc-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{76cde37c-e956-11dd-b6cc-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{7e9e5cb7-2a78-11de-81d6-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{7e9e5cb7-2a78-11de-81d6-0013208aec27}\Shell\Auto\command - "" = asp.net
O33 - MountPoints2\{7e9e5cb7-2a78-11de-81d6-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7e9e5ccc-2a78-11de-81d6-0013208aec27}\Shell\AutoRun\command - "" = lc.exe
O33 - MountPoints2\{7e9e5ccc-2a78-11de-81d6-0013208aec27}\Shell\open\Command - "" = lc.exe
O33 - MountPoints2\{911c376b-0bab-11dd-b676-0013208aec27}\Shell\AutoRun\command - "" = 1utbfd.bat
O33 - MountPoints2\{911c376b-0bab-11dd-b676-0013208aec27}\Shell\open\Command - "" = 1utbfd.bat
O33 - MountPoints2\{9454f1fd-2ef2-11dc-b609-0013208aec27}\Shell\Auto\command - "" = sal.xls.exe
O33 - MountPoints2\{9454f1fd-2ef2-11dc-b609-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9d254a51-2fcd-11de-81db-0013208aec27}\Shell\Auto\command - "" = Start.exe
O33 - MountPoints2\{9d254a51-2fcd-11de-81db-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9d254a70-2fcd-11de-81db-0013208aec27}\Shell\AutoRun\command - "" = E:\driver\usb\usb_driver.exe -- File not found
O33 - MountPoints2\{9d254a70-2fcd-11de-81db-0013208aec27}\Shell\open\command - "" = E:\driver\usb\usb_driver.exe -- File not found
O33 - MountPoints2\{addfa9a9-a26b-11dc-b650-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{addfa9a9-a26b-11dc-b650-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{addfa9a9-a26b-11dc-b650-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{addfa9d5-a26b-11dc-b650-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{addfa9d5-a26b-11dc-b650-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{addfa9d5-a26b-11dc-b650-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{b188b011-3f38-11dd-b685-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{b188b011-3f38-11dd-b685-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b188b011-3f38-11dd-b685-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{b188b0da-3f38-11dd-b685-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{b188b0da-3f38-11dd-b685-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b188b0da-3f38-11dd-b685-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{b293de47-92a4-11dd-b69a-0013208aec27}\Shell\AutoRun\command - "" = wd_windows_tools\setup.exe
O33 - MountPoints2\{b875b817-e77b-11db-b5fa-0013208aec27}\Shell\AutoRun\command - "" = G:\1utbfd.bat -- File not found
O33 - MountPoints2\{b875b817-e77b-11db-b5fa-0013208aec27}\Shell\open\Command - "" = G:\1utbfd.bat -- File not found
O33 - MountPoints2\{bc2d213e-9ce2-11de-822a-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{bc2d213e-9ce2-11de-822a-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bc2d213e-9ce2-11de-822a-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{bfd52835-4fa0-11db-b5dd-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{bfd52835-4fa0-11db-b5dd-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c4f8b1f7-9af7-11db-b5ef-0013208aec27}\Shell\Auto\command - "" = RavMonE.exe e
O33 - MountPoints2\{c4f8b1f7-9af7-11db-b5ef-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c5f066f2-fe20-11dc-b671-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{c5f066f2-fe20-11dc-b671-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c5f066f2-fe20-11dc-b671-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{cd06d8ba-cd82-11dd-b6b7-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{cd06d8ba-cd82-11dd-b6b7-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cd06d8ba-cd82-11dd-b6b7-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{dcf7aa50-9982-11df-8986-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{dcf7aa50-9982-11df-8986-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{dcf7aa50-9982-11df-8986-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{e1a35834-5881-11dd-b68a-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{e1a35834-5881-11dd-b68a-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e1a35834-5881-11dd-b68a-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{e9d12b2e-207f-11de-81ce-0013208aec27}\Shell\Auto\command - "" = Start.exe
O33 - MountPoints2\{e9d12b2e-207f-11de-81ce-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e9d12b2f-207f-11de-81ce-0013208aec27}\Shell\AutoRun\command - "" = F:\wdsync.exe -- File not found
O33 - MountPoints2\{f5acac63-7721-11dd-b691-0013208aec27}\Shell\AutoRun\command - "" = E:\ekugb3.bat -- File not found
O33 - MountPoints2\{f5acac63-7721-11dd-b691-0013208aec27}\Shell\explore\Command - "" = E:\ekugb3.bat -- File not found
O33 - MountPoints2\{f5acac63-7721-11dd-b691-0013208aec27}\Shell\open\Command - "" = E:\ekugb3.bat -- File not found
O33 - MountPoints2\{f6972b72-9b43-11df-899d-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{f6972b72-9b43-11df-899d-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f6972b72-9b43-11df-899d-0013208aec27}\Shell\AutoRun\command - "" = F:\wubi.exe -- File not found
O33 - MountPoints2\{f93e3682-a940-11dc-b651-0013208aec27}\Shell\AutOplay\COMmAND - "" = xkhm.pif
O33 - MountPoints2\{f93e3682-a940-11dc-b651-0013208aec27}\Shell\AutoRun\command - "" = xkhm.pif
O33 - MountPoints2\{f93e3682-a940-11dc-b651-0013208aec27}\Shell\explorE\Command - "" = xkhm.pif
O33 - MountPoints2\{f93e3682-a940-11dc-b651-0013208aec27}\Shell\oPen\coMMAnD - "" = xkhm.pif
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: xcpnsabr - C:\WINDOWS\System32\jmcierk.dll ()
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: SSHNAS - File not found

MsConfig - Services: "DefWatch"
MsConfig - Services: "Symantec AntiVirus"
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe - (Adobe Systems Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\PROGRA~1\MICROS~2\Office\OSA9.EXE - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^Bridge.EID90^Start Menu^Programs^Startup^LimeWire On Startup.lnk - C:\PROGRA~1\LimeWire\LimeWire.exe - File not found
MsConfig - StartUpReg: [b]5DR8ZAD8GX[/b] - hkey= - key= - C:\DOCUME~1\BRIDGE~1.EID\LOCALS~1\Temp\Fgj.exe File not found
MsConfig - StartUpReg: [b]beuunog[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\beuunog.exe File not found
MsConfig - StartUpReg: [b]ccApp[/b] - hkey= - key= - C:\Program Files\Common Files\Symantec Shared\ccApp.exe File not found
MsConfig - StartUpReg: [b]DS Clock[/b] - hkey= - key= - C:\Program Files\DS Clock\DSClock.exe File not found
MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
MsConfig - StartUpReg: [b]jcvex[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\jcvex.exe File not found
MsConfig - StartUpReg: [b]KernelFaultCheck[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]laedu[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\laedu.exe File not found
MsConfig - StartUpReg: [b]Messenger (Yahoo!)[/b] - hkey= - key= - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - StartUpReg: [b]NeroFilterCheck[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]PDF3 Registry Controller[/b] - hkey= - key= - C:\Program Files\ScanSoft\PDF Professional 3.0\RegistryController.exe (ScanSoft, Inc.)
MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\qttask.exe File not found
MsConfig - StartUpReg: [b]roapu[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\roapu.exe File not found
MsConfig - StartUpReg: [b]SSBkgdUpdate[/b] - hkey= - key= - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: [b]swg[/b] - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe File not found
MsConfig - StartUpReg: [b]TkBellExe[/b] - hkey= - key= - C:\Program Files\K-Lite Codec Pack\Real\Update_OB\realsched.exe File not found
MsConfig - StartUpReg: [b]toeeqi[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\toeeqi.exe File not found
MsConfig - StartUpReg: [b]tuook[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\tuook.exe File not found
MsConfig - StartUpReg: [b]vptray[/b] - hkey= - key= - C:\PROGRA~1\SYMANT~1\VPTray.exe File not found
MsConfig - StartUpReg: [b]zzzHPSETUP[/b] - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - File not found
SafeBootNet: nm.sys - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010/08/08 22:25:28 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/08/08 13:32:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\My Documents\Pobieranie
[2010/08/08 10:56:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Desktop\New Folder
[2010/08/07 17:38:36 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2010/08/07 14:29:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Local Settings\Application Data\Haseeb_Ahmed
[2010/08/07 14:28:23 | 000,000,000 | ---D | C] -- C:\Program Files\MSE Update Utility
[2010/08/06 11:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/08/05 13:57:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\DoctorWeb
[2010/08/05 00:46:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Identities
[2010/08/02 10:37:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Bridge.EID90\UserData
[2010/08/01 16:24:48 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010/07/31 21:15:15 | 000,000,000 | ---D | C] -- C:\Program Files\Skype
[2010/07/30 19:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Connection
[2010/07/30 01:59:43 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010/07/30 01:59:42 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010/07/30 01:59:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Application Data\TuneUp Software
[2010/07/30 01:59:09 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010
[2010/07/30 01:59:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010/07/30 01:58:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010/07/29 22:07:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Application Data\ImgBurn
[2010/07/29 21:42:16 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2010/07/29 21:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\DAEMON Tools Images
[2010/07/29 20:49:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Application Data\DAEMON Tools Lite
[2010/07/29 20:49:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/07/29 14:48:45 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/07/29 14:48:44 | 000,000,000 | ---D | C] -- C:\rsit
[2010/07/29 09:59:33 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/07/29 09:59:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/07/27 05:27:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/07/27 05:27:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/07/26 16:14:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/07/26 16:03:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/07/18 22:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Moffsoft Calculator 2
[2010/07/15 03:25:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Application Data\Feedreader
[2010/07/15 03:25:48 | 000,000,000 | ---D | C] -- C:\Program Files\FeedReader30
[2010/07/14 21:54:28 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/07/12 16:44:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Desktop\HSE docs
[2006/01/02 15:18:27 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\Implode.dll
[2004/11/24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010/08/08 22:22:02 | 000,000,980 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/08 22:12:06 | 000,000,486 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Shortcut to tmMaster.exe.lnk
[2010/08/08 22:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/08/08 21:38:36 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-545701781-3224946616-1018453507-1121.job
[2010/08/08 21:38:35 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-545701781-3224946616-1018453507-1121.job
[2010/08/08 20:37:31 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/08 20:37:25 | 000,000,976 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/08 20:37:25 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/08/08 20:28:46 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/08 20:28:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/08 13:22:56 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010/08/08 13:22:53 | 018,751,488 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\ntuser.dat
[2010/08/08 13:22:53 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Bridge.EID90\ntuser.ini
[2010/08/08 11:53:00 | 000,000,434 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/08/08 11:44:41 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/08 11:44:41 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/08/08 04:41:21 | 000,000,164 | ---- | M] () -- C:\WINDOWS\infotech.ini
[2010/08/08 00:16:17 | 000,344,064 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\2 shift Muster list _ Rest Hours 2010.xls
[2010/08/07 23:10:23 | 000,000,789 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/08/07 21:42:55 | 000,000,850 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\MSE Update Utility.lnk
[2010/08/07 17:38:47 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/06 11:52:36 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/08/06 09:51:18 | 000,008,628 | -H-- | M] () -- C:\WINDOWS\System32\zshp1000.GID
[2010/08/06 09:00:01 | 000,000,496 | ---- | M] () -- C:\WINDOWS\tasks\Automatyczna konserwacja.job
[2010/08/04 23:21:59 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\Defraggler Volume C Task.job
[2010/08/01 21:50:20 | 000,000,529 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\POB.lnk
[2010/07/31 15:26:19 | 000,000,431 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Shortcut to P7300138.JPG.lnk
[2010/07/31 12:26:47 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\skk1r7K.dat
[2010/07/29 20:54:08 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/07/29 12:13:50 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to WINWORD.lnk
[2010/07/28 22:16:28 | 000,000,170 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Start Menu.lnk
[2010/07/28 22:16:28 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Templates.lnk
[2010/07/28 22:16:28 | 000,000,166 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\UserData.lnk
[2010/07/28 22:16:28 | 000,000,164 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\WINDOWS.lnk
[2010/07/28 22:16:28 | 000,000,158 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\temp.lnk
[2010/07/28 22:16:27 | 000,000,178 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Local Settings.lnk
[2010/07/28 22:16:27 | 000,000,174 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\My Documents.lnk
[2010/07/28 22:16:27 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\PrintHood.lnk
[2010/07/28 22:16:27 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Gadu-Gadu.lnk
[2010/07/28 22:16:27 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Favorites.lnk
[2010/07/28 22:16:27 | 000,000,164 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\NetHood.lnk
[2010/07/28 22:16:27 | 000,000,164 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop.lnk
[2010/07/28 22:16:27 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\SendTo.lnk
[2010/07/28 22:16:27 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Recent.lnk
[2010/07/28 22:16:26 | 000,000,182 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Application Data.lnk
[2010/07/28 22:16:26 | 000,000,176 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\.housecall6.6.lnk
[2010/07/28 22:16:26 | 000,000,172 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\.thumbnails.lnk
[2010/07/28 22:16:26 | 000,000,164 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Cookies.lnk
[2010/07/28 22:16:26 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Citrix.lnk
[2010/07/28 22:16:26 | 000,000,160 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Video.lnk
[2010/07/28 22:16:26 | 000,000,160 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Music.lnk
[2010/07/28 22:16:26 | 000,000,154 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\...lnk
[2010/07/28 22:16:26 | 000,000,152 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\..lnk
[2010/07/28 22:16:25 | 000,000,170 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\New Folder.lnk
[2010/07/28 22:16:25 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Passwords.lnk
[2010/07/28 22:16:25 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Documents.lnk
[2010/07/28 22:16:25 | 000,000,166 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Pictures.lnk
[2010/07/28 09:51:24 | 000,001,167 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/28 09:51:24 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/28 09:51:24 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/07/27 23:39:05 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\adot.exe
[2010/07/27 13:37:33 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\hoacum.exe
[2010/07/26 23:51:35 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\quanu.exe
[2010/07/26 23:50:18 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\qlus.exe
[2010/07/26 23:45:16 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\railad.exe
[2010/07/26 01:40:10 | 000,076,190 | ---- | M] () -- C:\WINDOWS\hpgins07.dat
[2010/07/26 01:37:26 | 000,076,190 | ---- | M] () -- C:\WINDOWS\hpgins07.dat.temp
[2010/07/26 01:27:57 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpE1EA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpD4EA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpC7EA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpBBEA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp42DA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp35DA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp0FDA6.FOT
[2010/07/24 02:18:31 | 006,297,520 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\091116_Leo_HTC_Russian_UM.pdf
[2010/07/20 02:09:40 | 000,374,272 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Muster list _ Rest Hours 2010.xls
[2010/07/12 11:12:30 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Worker onb-transfer.xls
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010/08/08 22:12:06 | 000,000,486 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Shortcut to tmMaster.exe.lnk
[2010/08/08 11:44:41 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/08 11:44:41 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/08/07 23:15:42 | 018,751,488 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\ntuser.dat
[2010/08/07 21:42:55 | 000,000,850 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\MSE Update Utility.lnk
[2010/08/01 21:50:20 | 000,000,529 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\POB.lnk
[2010/07/31 15:26:19 | 000,000,431 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Shortcut to P7300138.JPG.lnk
[2010/07/30 22:20:45 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\skk1r7K.dat
[2010/07/30 08:57:35 | 000,000,496 | ---- | C] () -- C:\WINDOWS\tasks\Automatyczna konserwacja.job
[2010/07/29 20:54:08 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/07/29 12:13:50 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to WINWORD.lnk
[2010/07/28 09:14:56 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-545701781-3224946616-1018453507-1121.job
[2010/07/27 23:39:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\adot.exe
[2010/07/27 15:28:58 | 000,000,178 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Local Settings
[2010/07/27 15:28:58 | 000,000,174 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\My Documents
[2010/07/27 15:28:58 | 000,000,170 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Start Menu
[2010/07/27 15:28:58 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Templates
[2010/07/27 15:28:58 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\PrintHood
[2010/07/27 15:28:58 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Gadu-Gadu
[2010/07/27 15:28:58 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Favorites
[2010/07/27 15:28:58 | 000,000,166 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\UserData
[2010/07/27 15:28:58 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\WINDOWS
[2010/07/27 15:28:58 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\NetHood
[2010/07/27 15:28:58 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop
[2010/07/27 15:28:58 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Cookies
[2010/07/27 15:28:58 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\SendTo
[2010/07/27 15:28:58 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Recent
[2010/07/27 15:28:58 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Citrix
[2010/07/27 15:28:58 | 000,000,158 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\temp
[2010/07/27 15:28:57 | 000,000,182 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Application Data
[2010/07/27 15:28:57 | 000,000,176 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\.housecall6.6
[2010/07/27 15:28:57 | 000,000,172 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\.thumbnails
[2010/07/27 15:28:57 | 000,000,170 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\New Folder.lnk
[2010/07/27 15:28:57 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Passwords.lnk
[2010/07/27 15:28:57 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Documents.lnk
[2010/07/27 15:28:57 | 000,000,166 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Pictures.lnk
[2010/07/27 15:28:57 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Video.lnk
[2010/07/27 15:28:57 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Music.lnk
[2010/07/27 15:28:57 | 000,000,154 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\..
[2010/07/27 15:28:57 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\.
[2010/07/27 13:37:33 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\hoacum.exe
[2010/07/27 00:50:02 | 000,003,758 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\FDC9456D-1E39-4363-850A-D67DFECC1351.txt
[2010/07/26 23:51:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\quanu.exe
[2010/07/26 23:50:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\qlus.exe
[2010/07/26 23:45:16 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\railad.exe
[2010/07/26 16:31:16 | 000,003,758 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Local Settings\Application Data\FDC9456D-1E39-4363-850A-D67DFECC1351.txt
[2010/07/26 15:53:07 | 000,000,434 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2010/07/26 01:37:24 | 000,000,848 | ---- | C] () -- C:\WINDOWS\hpgmdl07.dat.temp
[2010/07/26 01:27:57 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpE1EA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpD4EA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpC7EA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpBBEA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp42DA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp35DA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp0FDA6.FOT
[2010/07/24 02:15:35 | 006,297,520 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\091116_Leo_HTC_Russian_UM.pdf
[2010/07/12 09:52:01 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Worker onb-transfer.xls
[2010/06/03 23:59:18 | 000,233,525 | ---- | C] () -- C:\WINDOWS\System32\isutil.dll
[2010/06/03 23:59:11 | 000,000,271 | ---- | C] () -- C:\WINDOWS\apptune.ini
[2010/04/25 17:49:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\swsystem.dll
[2010/04/09 19:45:05 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/04/09 19:45:03 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/04/09 19:44:51 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010/04/09 19:44:51 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/04/09 19:44:51 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/01/25 15:51:57 | 000,000,091 | ---- | C] () -- C:\WINDOWS\hrconfig.ini
[2009/10/16 07:07:12 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/06/13 10:34:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AutoRun.INI
[2009/02/02 16:57:17 | 000,000,025 | ---- | C] () -- C:\WINDOWS\USERTK.INI
[2008/12/19 17:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/12/17 19:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008/12/17 19:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008/12/17 19:22:48 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/12/17 19:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008/12/17 18:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/12/11 13:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008/11/04 08:30:27 | 000,000,291 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/08/06 18:03:54 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\see32.dll
[2008/07/13 15:51:23 | 000,000,012 | ---- | C] () -- C:\WINDOWS\System32\winxdpr3.dll
[2008/07/03 17:05:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\geotrans2.INI
[2008/05/16 18:36:57 | 000,000,197 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/12/22 17:18:04 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\cmabout.dll
[2007/12/22 17:18:04 | 000,010,229 | ---- | C] () -- C:\WINDOWS\System32\cmdiag.ini
[2007/12/22 17:18:04 | 000,000,142 | ---- | C] () -- C:\WINDOWS\System32\cmabout.ini
[2007/12/01 17:52:18 | 000,000,391 | R--- | C] () -- C:\WINDOWS\hpw1000k.ini
[2007/12/01 17:49:16 | 000,016,954 | ---- | C] () -- C:\WINDOWS\hpbj1000.ini
[2007/10/07 20:31:52 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
[2007/08/25 17:48:18 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\mchInjDrv.sys
[2007/08/22 15:24:25 | 000,000,222 | ---- | C] () -- C:\WINDOWS\VOGEL.INI
[2007/04/11 01:54:09 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2007/02/19 15:12:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\chksvrn.dll
[2006/11/11 08:31:44 | 000,000,099 | ---- | C] () -- C:\WINDOWS\notesnsd.ini
[2006/10/16 19:12:58 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\HOTFLDR.DLL
[2006/10/11 09:05:00 | 000,000,023 | ---- | C] () -- C:\WINDOWS\ZDPLUSSEARCH.INI
[2006/07/29 17:14:28 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2006/07/25 20:47:34 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A6W.INI
[2006/07/25 20:47:27 | 000,000,198 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2006/07/25 12:29:32 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\hlinkprx.dll
[2006/07/25 12:29:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[2006/05/26 01:57:16 | 000,000,096 | ---- | C] () -- C:\WINDOWS\VPPLAYS.INI
[2006/04/21 17:00:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2006/02/03 07:45:05 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/01/21 17:51:53 | 000,042,379 | ---- | C] () -- C:\WINDOWS\convfac.ini
[2006/01/21 17:51:53 | 000,014,775 | ---- | C] () -- C:\WINDOWS\convit.ini
[2006/01/02 15:18:58 | 000,000,928 | ---- | C] () -- C:\WINDOWS\tmmaster.INI
[2006/01/02 15:18:58 | 000,000,164 | ---- | C] () -- C:\WINDOWS\infotech.ini
[2006/01/02 15:18:46 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2006/01/02 15:18:29 | 000,000,042 | ---- | C] () -- C:\WINDOWS\tmfull.ini
[2006/01/02 15:18:27 | 000,748,160 | ---- | C] () -- C:\WINDOWS\System32\Co2c40en.dll
[2005/12/12 14:05:42 | 000,026,784 | ---- | C] () -- C:\WINDOWS\uflfinra.dll
[2005/12/12 14:05:42 | 000,024,592 | ---- | C] () -- C:\WINDOWS\uflsamp1.dll
[2005/12/12 14:05:42 | 000,022,704 | ---- | C] () -- C:\WINDOWS\uflbar.dll
[2005/12/12 14:05:42 | 000,018,240 | ---- | C] () -- C:\WINDOWS\ufldts.dll
[2005/12/12 14:05:42 | 000,014,400 | ---- | C] () -- C:\WINDOWS\uf5dts.dll
[2005/12/12 14:05:35 | 000,000,069 | ---- | C] () -- C:\WINDOWS\RETSAMMT.DLL
[2005/12/08 15:21:10 | 000,000,043 | ---- | C] () -- C:\WINDOWS\hpfccopy.INI
[2005/12/06 22:41:17 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
[2005/12/03 15:27:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2005/12/02 19:20:13 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\acdbres.dll
[2005/12/02 19:17:07 | 000,001,156 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/02 19:17:06 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/12/02 19:17:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2005/12/02 19:06:45 | 000,000,044 | ---- | C] () -- C:\WINDOWS\lotus.ini
[2005/11/28 12:32:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/11/28 08:40:00 | 000,157,184 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005/11/25 16:02:39 | 000,014,336 | R--- | C] () -- C:\WINDOWS\SIVI64.sys
[2005/11/25 16:02:39 | 000,009,728 | R--- | C] () -- C:\WINDOWS\SIVX64.sys
[2005/11/25 16:02:39 | 000,008,576 | R--- | C] () -- C:\WINDOWS\SIVX32.sys
[2005/11/25 16:02:39 | 000,007,810 | R--- | C] () -- C:\WINDOWS\SIVNT4.sys
[2005/11/25 16:02:39 | 000,003,904 | R--- | C] () -- C:\WINDOWS\GWIOPM.SYS
[2005/11/25 16:02:30 | 000,008,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\SIVX32.SYS
[2005/11/25 16:00:24 | 000,000,750 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/10/21 15:05:33 | 000,000,029 | ---- | C] () -- C:\WINDOWS\hrdir.ini
[2005/04/12 15:53:10 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\hpzidi01.dll
[2005/03/28 16:14:38 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2004/10/03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004/08/04 14:00:00 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\jmcierk.dll.bak
[2004/08/04 14:00:00 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\jmcierk.dll
[2004/04/27 01:29:58 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll

[color=#E56717]========== LOP Check ==========[/color]

[2009/08/07 19:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\19784374
[2010/07/29 09:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2007/08/23 01:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ArcaBit
[2009/03/27 13:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CherSoft
[2010/07/29 20:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2005/12/28 10:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2010/04/17 19:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2006/10/11 09:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2008/09/29 02:50:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2009/03/16 04:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2008/09/29 02:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/07/30 01:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2008/05/09 03:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/10/11 09:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\zeon
[2010/07/30 01:58:35 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2009/08/29 21:08:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Auslogics
[2008/04/17 12:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\CherSoft
[2010/07/29 21:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\DAEMON Tools Lite
[2007/11/09 04:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\EuroTalk
[2010/07/15 03:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Feedreader
[2009/01/29 18:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Gadu-Gadu
[2008/04/19 19:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\gtk-2.0
[2008/01/24 04:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\ICAClient
[2010/07/29 22:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\ImgBurn
[2007/10/07 20:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\InterTrust
[2007/08/25 03:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\KeySafe
[2010/04/28 22:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\MSA
[2007/02/22 11:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\MSNInstaller
[2008/05/19 18:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Opera
[2009/02/25 09:19:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Password Solutions
[2009/08/03 21:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\STA
[2008/03/10 11:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\TeamViewer
[2010/07/30 01:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\TuneUp Software
[2008/05/09 02:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Viewpoint
[2006/10/11 09:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Zeon
[2009/07/12 10:21:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\STA
[2009/07/12 09:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\STA
[2010/08/08 11:53:00 | 000,000,434 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2010/08/06 09:00:01 | 000,000,496 | ---- | M] () -- C:\WINDOWS\Tasks\Automatyczna konserwacja.job
[2010/08/04 23:21:59 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\Defraggler Volume C Task.job
[2010/08/08 20:37:25 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2010/08/08 22:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2005/11/25 15:56:41 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/07/28 09:51:24 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2005/11/25 15:56:41 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007/12/04 17:51:57 | 000,000,081 | ---- | M] () -- C:\CTX.DAT
[2000/12/13 10:28:42 | 000,030,068 | ---- | M] () -- C:\FIXKRIZ.EXE
[2007/04/11 01:54:14 | 000,001,119 | ---- | M] () -- C:\INSTALL.LOG
[2005/11/25 15:56:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/05/05 02:34:26 | 000,007,572 | ---- | M] () -- C:\mksbasel.cpp.log
[2005/11/25 15:56:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/10/03 16:54:57 | 000,250,048 | -HS- | M] () -- C:\ntldr
[2010/08/08 20:28:37 | 1997,537,280 | -HS- | M] () -- C:\pagefile.sys
[2001/05/24 13:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2010/05/29 19:28:13 | 000,038,400 | ---- | M] ()(C:\Documents and Settings\Bridge.EID90\My Documents\??????? SIA SB PLUSS.doc) -- C:\Documents and Settings\Bridge.EID90\My Documents\Магазин SIA SB PLUSS.doc
[2010/05/29 19:28:12 | 000,038,400 | ---- | C] ()(C:\Documents and Settings\Bridge.EID90\My Documents\??????? SIA SB PLUSS.doc) -- C:\Documents and Settings\Bridge.EID90\My Documents\Магазин SIA SB PLUSS.doc

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Bridge.EID90\Desktop\tmMaster.exe:SummaryInformation
@Alternate Data Stream - 5157 bytes -> C:\Documents and Settings\Bridge.EID90\(l:§'dn€
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5BB923A2
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:44DAF2F1
< End of report >
[/log]
[log]
Logfile of random's system information tool 1.08 (written by random/random)
Run by Bridge at 2010-08-08 22:35:29
Microsoft Windows XP Professional Service Pack 3
System drive C: has 50 GB (66%) free of 76 GB
Total RAM: 1271 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:37:11, on 08/08/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\system32\HPZipm12.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\CherSoft\TTService\TTService.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Seagull\STA33\DbamSQLAgent.exe
C:\Program Files\Seagull\STA33\Sta.Importer.Service.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\MSE Update Utility\MSE Update Utility.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Connection\Phone\miccon.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Bridge.EID90\Desktop\Bridge\1st Off\Tomek\priv\System\RSIT.exe
C:\Program Files\trend micro\Bridge.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O2 - BHO: (no name) - {FDC9456D-1E39-4363-850A-D67DFECC1351} - c:\windows\system32\jmcierk.dll (file missing)
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [MSE Update Utility] C:\Program Files\MSE Update Utility\MSE Update Utility.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O8 - Extra context menu item: &Search - ?p=ZRxdm427YYNO
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with Scansoft PDF Converter 3.0 - res://C:\Program Files\ScanSoft\PDF Professional 3.0\IEShellExt.dll /100
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = EID90.FORC
O17 - HKLM\Software\..\Telephony: DomainName = EID90.FORC
O17 - HKLM\System\CCS\Services\Tcpip\..\{F01DD29E-94AB-4740-9BB0-07C7D340029B}: NameServer = 10.0.90.3
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = EID90.FORC
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = EID90.FORC
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcaBit.Core.Configurator - Unknown owner - C:\Program Files\ArcaBit\Common\ArcaBit.Core.Configurator2.exe (file missing)
O23 - Service: Google Update Service (gupdate1ca48fef46c63a7) (gupdate1ca48fef46c63a7) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe (file missing)
O23 - Service: Hotspot Shield Helper Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sta Dbam SqlAgent (SEAGULL2005) (Sta.Dbam.SqlAgent$SEAGULL2005) - Unknown owner - C:\Program Files\Seagull\STA33\DbamSQLAgent.exe
O23 - Service: Sta Importer Service (Sta.Importer.Service) - Unknown owner - C:\Program Files\Seagull\STA33\Sta.Importer.Service.exe
O23 - Service: TTService - UK Hydrographic Office and Chersoft Ltd - C:\Program Files\Common Files\CherSoft\TTService\TTService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O24 - Desktop Component 0: (no name) - http://by127fd.bay127.hotmail.msn.com/cgi-bin/getmsg?&msg=CD22971B-211B-4F7B-8337-C01DBE49780C&start=0&len=615942&curmbox=00000000-0000-0000-0000-000000000001&a=a148a9eb7def75ab0fc6023ae685cf1f74dff6f533ad256dbc488df2f2fc9bad&mimepart=9
O24 - Desktop Component 1: (no name) - http://by127fd.bay127.hotmail.msn.com/cgi-bin/getmsg?&msg=CD22971B-211B-4F7B-8337-C01DBE49780C&start=0&len=615942&curmbox=00000000-0000-0000-0000-000000000001&a=a148a9eb7def75ab0fc6023ae685cf1f74dff6f533ad256dbc488df2f2fc9bad&mimepart=14
O24 - Desktop Component 2: (no name) - http://www.skipsfarts-forum.net/download.php?action=img&iid=18457
O24 - Desktop Component 3: (no name) - file:///C:/DOCUME~1/BRIDGE~1.EID/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg

--
End of file - 10624 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\Automatyczna konserwacja.job
C:\WINDOWS\tasks\Defraggler Volume C Task.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\OGALogon.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-545701781-3224946616-1018453507-1121.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-545701781-3224946616-1018453507-1121.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-04-09 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
LimeWire Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-03-28 1196936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files\Hotspot Shield\hssie\HssIE.dll [2009-03-18 204248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDC9456D-1E39-4363-850A-D67DFECC1351}]
c:\windows\system32\jmcierk.dll [2004-08-04 101376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - LimeWire Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-03-28 1196936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-10-14 14864384]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2008-04-14 143360]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2009-09-13 1048392]
"MSE Update Utility"=C:\Program Files\MSE Update Utility\MSE Update Utility.exe [2009-11-27 608256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\5DR8ZAD8GX]
C:\DOCUME~1\BRIDGE~1.EID\LOCALS~1\Temp\Fgj.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beuunog]
C:\Documents and Settings\Bridge.EID90\beuunog.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
C:\Program Files\Common Files\Symantec Shared\ccApp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DS Clock]
C:\Program Files\DS Clock\DSClock.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jcvex]
C:\Documents and Settings\Bridge.EID90\jcvex.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\laedu]
C:\Documents and Settings\Bridge.EID90\laedu.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe [2010-04-29 5248312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF3 Registry Controller]
C:\Program Files\ScanSoft\PDF Professional 3.0\\RegistryController.exe [2005-04-29 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\roapu]
C:\Documents and Settings\Bridge.EID90\roapu.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-09-30 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\K-Lite Codec Pack\Real\Update_OB\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toeeqi]
C:\Documents and Settings\Bridge.EID90\toeeqi.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tuook]
C:\Documents and Settings\Bridge.EID90\tuook.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]
C:\PROGRA~1\SYMANT~1\VPTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zzzHPSETUP]
D:\Setup.exe \RESET []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
C:\PROGRA~1\Adobe\ACROBA~2.0\Distillr\AcroTray.exe [2001-03-15 49254]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2004-11-04 258048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe [2005-05-12 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE -b -l []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Bridge.EID90^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
C:\PROGRA~1\LimeWire\LimeWire.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"DefWatch"=2
"Symantec AntiVirus"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2005-06-23 43712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=0xFFFFFFFF

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Connection\Phone\miccon.exe"="C:\Program Files\Microsoft Connection\Phone\miccon.exe:*:Enabled:miccon"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe"="C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe:*:Disabled:Toolbox for HP Printing System for Windows"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Hewlett-Packard\HP Business Inkjet 1000\Toolbox\HPWTTBX.exe"="C:\Program Files\Hewlett-Packard\HP Business Inkjet 1000\Toolbox\HPWTTBX.exe:*:Disabled:Toolbox for HP Printing System for Windows"
"C:\Program Files\Password Solutions\Office Password Recovery PRO\OfficePasswordRecoveryPRO.exe"="C:\Program Files\Password Solutions\Office Password Recovery PRO\OfficePasswordRecoveryPRO.exe:*:Enabled:Office Password Recovery PRO"
"C:\Nautisk\Neptune\client\Neptune.exe"="C:\Nautisk\Neptune\client\Neptune.exe:*:Enabled:Neptune"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Microsoft Connection\Phone\miccon.exe"="C:\Program Files\Microsoft Connection\Phone\miccon.exe:*:Enabled:miccon"

======List of files/folders created in the last 1 months======

2010-08-08 22:25:28 ----D---- C:\_OTL
2010-08-07 22:48:00 ----A---- C:\WINDOWS\system32\drivers\ISAPNP.SYS
2010-08-07 17:38:36 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2010-08-07 14:28:23 ----D---- C:\Program Files\MSE Update Utility
2010-08-06 11:59:21 ----D---- C:\Program Files\Microsoft Security Essentials
2010-08-01 16:24:48 ----RASHD---- C:\autorun.inf
2010-07-31 21:15:15 ----D---- C:\Program Files\Skype
2010-07-30 19:11:43 ----D---- C:\Program Files\Microsoft Connection
2010-07-30 01:59:43 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2010-07-30 01:59:42 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-07-30 01:59:21 ----D---- C:\Documents and Settings\Bridge.EID90\Application Data\TuneUp Software
2010-07-30 01:59:09 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-07-30 01:59:02 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2010-07-30 01:58:35 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-07-29 22:07:23 ----D---- C:\Documents and Settings\Bridge.EID90\Application Data\ImgBurn
2010-07-29 21:42:16 ----D---- C:\Program Files\ImgBurn
2010-07-29 20:54:08 ----A---- C:\WINDOWS\system32\drivers\sptd.sys
2010-07-29 20:49:36 ----D---- C:\Documents and Settings\Bridge.EID90\Application Data\DAEMON Tools Lite
2010-07-29 20:49:33 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2010-07-29 14:48:45 ----D---- C:\Program Files\trend micro
2010-07-29 14:48:44 ----D---- C:\rsit
2010-07-29 09:59:33 ----D---- C:\Program Files\Alwil Software
2010-07-29 09:59:33 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-07-29 03:09:17 ----A---- C:\WINDOWS\ModemLog_Communications cable between two computers.txt
2010-07-18 22:24:42 ----D---- C:\Program Files\Moffsoft Calculator 2
2010-07-15 03:25:54 ----D---- C:\Documents and Settings\Bridge.EID90\Application Data\Feedreader
2010-07-15 03:25:48 ----D---- C:\Program Files\FeedReader30
2010-07-15 01:44:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$

======List of files/folders modified in the last 1 months======

2010-08-08 22:35:34 ----D---- C:\WINDOWS\Prefetch
2010-08-08 22:33:17 ----D---- C:\WINDOWS\system32
2010-08-08 22:33:15 ----D---- C:\WINDOWS\Temp
2010-08-08 22:04:11 ----D---- C:\Program Files\Common Files\System
2010-08-08 21:38:35 ----SD---- C:\WINDOWS\Tasks
2010-08-08 21:38:12 ----D---- C:\Documents and Settings\Bridge.EID90\Application Data\Skype
2010-08-08 20:37:35 ----D---- C:\WINDOWS\system32\Lang
2010-08-08 20:30:41 ----SHD---- C:\System Volume Information
2010-08-08 20:30:41 ----D---- C:\WINDOWS\system32\Restore
2010-08-08 20:29:08 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-08 20:28:46 ----SHD---- C:\WINDOWS\CSC
2010-08-08 15:44:20 ----D---- C:\WINDOWS\security
2010-08-08 13:22:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-08 12:23:56 ----AC---- C:\WINDOWS\ntbtlog.txt
2010-08-08 11:44:46 ----D---- C:\Documents and Settings\Bridge.EID90\Application Data\Mozilla
2010-08-08 11:44:40 ----D---- C:\Program Files\Mozilla Firefox
2010-08-08 04:44:51 ----SHD---- C:\WINDOWS\Installer
2010-08-08 04:44:51 ----HD---- C:\Config.Msi
2010-08-08 04:44:51 ----D---- C:\WINDOWS
2010-08-08 04:41:21 ----A---- C:\WINDOWS\infotech.ini
2010-08-07 23:27:36 ----HD---- C:\WINDOWS\inf
2010-08-07 23:20:33 ----D---- C:\WINDOWS\system32\config
2010-08-07 23:20:09 ----D---- C:\WINDOWS\system32\wbem
2010-08-07 23:20:09 ----D---- C:\WINDOWS\Registration
2010-08-07 23:10:23 ----D---- C:\WINDOWS\system32\drivers\etc
2010-08-07 23:08:22 ----D---- C:\WINDOWS\system32\drivers
2010-08-07 14:28:23 ----RD---- C:\Program Files
2010-08-06 11:59:28 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-08-05 19:59:39 ----SHD---- C:\Documents and Settings
2010-08-05 19:55:41 ----A---- C:\WINDOWS\OEWABLog.txt
2010-07-31 21:17:19 ----D---- C:\Program Files\hp LaserJet 1000
2010-07-31 21:15:33 ----D---- C:\Program Files\QuickTime
2010-07-31 15:41:45 ----D---- C:\Program Files\ZipCentral
2010-07-31 13:20:09 ----RSD---- C:\WINDOWS\Fonts
2010-07-30 21:28:59 ----D---- C:\Documents and Settings\Bridge.EID90\Application Data\skypePM
2010-07-30 03:03:35 ----D---- C:\TempEI4
2010-07-30 03:03:27 ----D---- C:\TEMP
2010-07-30 03:00:52 ----D---- C:\Downloads
2010-07-30 00:13:46 ----D---- C:\Program Files\Yahoo!
2010-07-30 00:13:46 ----D---- C:\Documents and Settings\Bridge.EID90\Application Data\Yahoo!
2010-07-30 00:13:46 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2010-07-29 23:52:31 ----D---- C:\Program Files\Common Files
2010-07-29 10:16:52 ----D---- C:\Program Files\Windows Media Player
2010-07-29 10:06:26 ----D---- C:\WINDOWS\WinSxS
2010-07-29 03:09:40 ----D---- C:\WINDOWS\system32\ias
2010-07-28 09:51:24 ----ASH---- C:\boot.ini
2010-07-28 09:51:24 ----A---- C:\WINDOWS\win.ini
2010-07-28 09:51:24 ----A---- C:\WINDOWS\system.ini
2010-07-28 09:16:29 ----D---- C:\Documents and Settings\Bridge.EID90\Application Data\U3
2010-07-27 12:44:58 ----D---- C:\Program Files\Google
2010-07-23 12:02:39 ----SD---- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft
2010-07-15 01:44:07 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-15 01:42:52 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-15 01:42:13 ----D---- C:\Program Files\Common Files\Microsoft Shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-01-26 20576]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-29 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R0 yflnahwe;yflnahwe; C:\WINDOWS\system32\drivers\yflnahwe.sys [2004-08-04 23424]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2009-06-18 142832]
R2 Par1284;Par1284; \??\C:\Program Files\HP DesignJet 500PS\Program\Par1284.sys []
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2005-06-13 162816]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HssDrv;Hotspot Shield Helper Miniport; C:\WINDOWS\system32\DRIVERS\HssDrv.sys [2009-02-05 31704]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-10-18 4034048]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 tapvpn;TAP VPN Adapter; C:\WINDOWS\system32\DRIVERS\tapvpn.sys [2008-01-23 27136]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 BthEnum;Bluetooth Enumerator Service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Bluetooth Modem Communications Driver; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\BRIDGE~1.EID\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 cxbu0wdm;CardMan 3x21; C:\WINDOWS\system32\DRIVERS\cxbu0wdm.sys [2007-02-28 91008]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-14 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-14 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-14 21744]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SIVDRIVER;SIV Kernel Driver; \??\C:\WINDOWS\system32\Drivers\SIVX32.SYS []
S3 SMCWPCIT;SMCWPCIT-G 108Mbps Wireless PCI adapter Service; C:\WINDOWS\system32\DRIVERS\SMCWPCIT.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 UXDCMN;UXDCMN; \??\D:\UXDCMN.SYS []
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]
S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2006-02-20 85408]
S3 wlanndi5;wlanndi5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\wlanndi5.SYS []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WUDFRd;WUDFRd; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2006-09-28 82944]
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 HssSrv;Hotspot Shield Helper Service; C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [2009-02-05 117208]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-07-02 17904]
R2 MSSQL$SEAGULL2005;SQL Server (SEAGULL2005); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 Sta.Dbam.SqlAgent$SEAGULL2005;Sta Dbam SqlAgent (SEAGULL2005); C:\Program Files\Seagull\STA33\DbamSQLAgent.exe [2009-07-12 90112]
R2 Sta.Importer.Service;Sta Importer Service; C:\Program Files\Seagull\STA33\Sta.Importer.Service.exe [2008-05-06 20480]
R2 TTService;TTService; C:\Program Files\Common Files\CherSoft\TTService\TTService.exe [2008-10-20 329216]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-06-15 1051976]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 xcpnsabr;Terminal Device Support; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 gupdate1ca48fef46c63a7;Google Update Service (gupdate1ca48fef46c63a7); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-09 133104]
S2 HotspotShieldService;Hotspot Shield Service; C:\Program Files\Hotspot Shield\bin\openvpnas.exe []
S3 ArcaBit.Core.Configurator;ArcaBit.Core.Configurator; C:\Program Files\ArcaBit\Common\ArcaBit.Core.Configurator2.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-30 138168]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-07-30 435016]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe []
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe []
S4 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe []

-----------------EOF-----------------
[/log]

Sohei
comment

[code]:Processes
Explorer.exe



:OTL

[2010/07/26 01:27:57 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpE1EA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpD4EA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpC7EA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpBBEA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp42DA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp35DA6.FOT
[2010/07/26 01:27:57 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp0FDA6.FOT



:files
C:\WINDOWS\hpgins07.dat.temp
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\hpgmdl07.dat.temp
C:\WINDOWS\System32\zshp1000.GID
C:\WINDOWS\hpgins07.dat.temp
C:\Documents and Settings\All Users\Application Data\skk1r7K.dat

C:\Documents and Settings\Bridge.EID90\adot.exe
C:\Documents and Settings\Bridge.EID90\hoacum.exe
C:\Documents and Settings\Bridge.EID90\quanu.exe
C:\Documents and Settings\Bridge.EID90\qlus.exe
C:\Documents and Settings\Bridge.EID90\railad.exe
C:\Documents and Settings\Bridge.EID90\hoacum.exe

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]
Paste this into the white box in OTL and click Run Fix.
Run a full scan with [url=http://dobreprogramy.pl/index.php?dz=2&id=1998][b]DR WEB CureIt[/b][/url]
Run a full scan with [url=http://www.dobreprogramy.pl/Malwarebytes-AntiMalware,Program,Windows,13117.html][b]MBAM[/b][/url]
Remove whatever they find, then post the removal logs plus a new OTL log.

  • Good answer 1
klimek1313
comment

DRWEB (a bit odd, it saved the log as an Excel file):
[log]
yflnahwe.sys;C:\WINDOWS\system32\drivers;Trojan.NtRootKit.1652;Deleted.;
nircmd.exe;C:\WINDOWS\system32\STA;Tool.NirCmd.1;Deleted.;
[/log]

I have two from MBAM because it got interrupted:
[log]
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4411

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

09/08/2010 20:40:46
mbam-log-2010-08-09 (20-40-46).txt

Scan type: Quick scan
Objects scanned: 0
Time elapsed: 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fdc9456d-1e39-4363-850a-d67dfecc1351} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fdc9456d-1e39-4363-850a-d67dfecc1351} (Trojan.BHO.H) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\system32\jmcierk.dll (Trojan.BHO.H) -> Delete on reboot.
[/log]
[log]
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4411

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

09/08/2010 22:41:33
mbam-log-2010-08-09 (22-41-33).txt

Scan type: Full scan (C:\|)
Objects scanned: 245521
Time elapsed: 1 hour(s), 0 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 16
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 10

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{56acb669-4139-5611-cbba-f5acb0f4db09} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\5DR8ZAD8GX (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WORT (Trojan.Vilsel) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\TG0PTF86JH (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\All Users\Application Data\19784374 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec (Stolen.data) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Windows Media Player\run.exe (Trojan.CryptRun) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\19784374\19784374 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\user.ds.lll (Stolen.data) -> Quarantined and deleted successfully.
C:\WINDOWS\9g2234wesdf3dfgjf23 (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\f23567.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\Help\kfdtk.chm (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\t55ft2668f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\t55ft3105f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
[/log]
and the final OTL log:
[log]
OTL logfile created on: 09/08/2010 22:47:49 - Run 3
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Bridge.EID90\Desktop\Bridge\1st Off\Tomek\priv\System
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 46.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): C:\pagefile.sys 1905 1905 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 50.22 Gb Free Space | 67.40% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 48.83 Gb Total Space | 32.76 Gb Free Space | 67.10% Space Free | Partition Type: NTFS
Drive J: | 48.83 Gb Total Space | 32.76 Gb Free Space | 67.10% Space Free | Partition Type: NTFS

Computer Name: BRIDGEPC_FORC
Current User Name: Bridge
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010/07/29 11:51:21 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bridge.EID90\Desktop\Bridge\1st Off\Tomek\priv\System\OTL.exe
PRC - [2010/06/15 15:05:58 | 000,719,688 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010/06/15 15:04:28 | 001,051,976 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2010/01/16 05:18:19 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/11/27 08:43:12 | 000,608,256 | ---- | M] (Haseeb Ahmed) -- C:\Program Files\MSE Update Utility\MSE Update Utility.exe
PRC - [2009/09/13 19:52:50 | 001,048,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2009/08/06 20:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2009/07/12 10:21:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Seagull\STA33\DbamSQLAgent.exe
PRC - [2009/07/02 18:36:52 | 000,203,800 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MpCmdRun.exe
PRC - [2009/07/02 18:36:52 | 000,203,800 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\MpCmdRun.exe
PRC - [2009/07/02 18:36:52 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/05/27 04:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2009/03/09 06:19:15 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/02/06 13:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009/02/05 23:56:14 | 000,117,208 | ---- | M] (AnchorFree Inc.) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2008/11/24 23:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008/11/24 23:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008/10/20 15:00:46 | 000,329,216 | ---- | M] (UK Hydrographic Office and Chersoft Ltd) -- C:\Program Files\Common Files\CherSoft\TTService\TTService.exe
PRC - [2008/05/06 10:09:26 | 000,020,480 | ---- | M] () -- C:\Program Files\Seagull\STA33\Sta.Importer.Service.exe
PRC - [2008/04/14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008/04/14 02:12:36 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008/04/14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008/04/14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [BTHSVCS]
PRC - [2008/04/14 02:12:33 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scardsvr.exe
PRC - [2008/04/14 02:12:33 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008/04/14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008/04/14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008/04/14 02:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008/04/14 02:12:12 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007/01/04 23:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 23:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2005/10/14 17:51:40 | 014,864,384 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2005/09/20 10:32:24 | 000,077,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2004/09/29 13:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2001/10/24 08:25:58 | 000,212,992 | ---- | M] () -- C:\Program Files\Hewlett-Packard\LaserJet All-in-one\hppdirector.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010/07/29 11:51:21 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bridge.EID90\Desktop\Bridge\1st Off\Tomek\priv\System\OTL.exe
MOD - [2009/12/08 11:23:28 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009/06/25 10:25:26 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009/04/15 16:51:25 | 000,585,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2009/03/21 16:06:58 | 000,989,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009/02/09 14:10:48 | 000,714,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2009/02/09 14:10:48 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008/10/23 14:36:14 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008/06/17 21:02:19 | 008,461,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2008/04/14 05:42:06 | 000,985,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008/04/14 02:12:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008/04/14 02:12:45 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008/04/14 02:12:08 | 000,727,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008/04/14 02:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008/04/14 02:12:08 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008/04/14 02:12:08 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008/04/14 02:12:07 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008/04/14 02:12:03 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008/04/14 02:12:02 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2008/04/14 02:12:02 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008/04/14 02:12:02 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008/04/14 02:12:01 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008/04/14 02:11:58 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008/04/14 02:11:54 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008/04/14 02:11:53 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008/04/14 02:11:51 | 000,792,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008/04/14 02:11:51 | 000,276,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008/04/14 02:11:50 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008/04/14 02:11:49 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008/04/14 02:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008/04/14 02:10:06 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\jmcierk.dll -- (xcpnsabr) Sony USB Filter (SONYPVU1)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (HotspotShieldService)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\ArcaBit\Common\ArcaBit.Core.Configurator2.exe -- (ArcaBit.Core.Configurator)
SRV - [2010/07/30 01:59:40 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/06/15 15:04:28 | 001,051,976 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/06/15 15:01:36 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009/07/12 10:21:20 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Seagull\STA33\DbamSQLAgent.exe -- (Sta.Dbam.SqlAgent$SEAGULL2005) Sta Dbam SqlAgent (SEAGULL2005)
SRV - [2009/07/02 18:36:52 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/05/27 04:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SEAGULL2005) SQL Server (SEAGULL2005)
SRV - [2009/02/05 23:56:14 | 000,117,208 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2008/11/24 23:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008/11/24 23:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008/11/24 23:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008/10/20 15:00:46 | 000,329,216 | ---- | M] (UK Hydrographic Office and Chersoft Ltd) [Auto | Running] -- C:\Program Files\Common Files\CherSoft\TTService\TTService.exe -- (TTService)
SRV - [2008/05/06 10:09:26 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Seagull\STA33\Sta.Importer.Service.exe -- (Sta.Importer.Service)
SRV - [2007/01/04 23:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/09/29 13:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\UXDCMN.SYS -- (UXDCMN)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\SMCWPCIT.sys -- (SMCWPCIT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\BRIDGE~1.EID\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - [2010/07/29 20:54:08 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/02/25 12:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/06/18 19:48:04 | 000,142,832 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2009/02/05 23:55:12 | 000,031,704 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hssdrv.sys -- (HssDrv)
DRV - [2008/12/06 20:01:20 | 000,102,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2008/04/13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/01/23 23:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tapvpn.sys -- (tapvpn)
DRV - [2007/02/28 08:38:22 | 000,091,008 | ---- | M] (OMNIKEY) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cxbu0wdm.sys -- (cxbu0wdm)
DRV - [2006/02/20 18:59:34 | 000,085,408 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810mgmt.sys -- (w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM)
DRV - [2006/02/20 18:59:27 | 000,058,288 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810bus.sys -- (w810bus) Sony Ericsson W810 Driver driver (WDM)
DRV - [2005/10/18 13:15:42 | 004,034,048 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/09/24 12:10:24 | 000,008,576 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SIVX32.SYS -- (SIVDRIVER)
DRV - [2005/01/07 17:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/04/21 17:51:00 | 000,016,384 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\wlanndi5.sys -- (wlanndi5)
DRV - [2000/09/09 17:20:26 | 000,047,328 | ---- | M] (Warp Nine Engineering) [Kernel | Auto | Running] -- C:\Program Files\HP DesignJet 500PS\Program\Par1284.sys -- (Par1284)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1

FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/04/09 19:04:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/08 11:44:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/08 11:44:37 | 000,000,000 | ---D | M]

[2010/08/08 11:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Mozilla\Extensions
[2010/05/03 04:19:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/08/08 14:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Mozilla\Firefox\Profiles\xzyv9j9u.default\extensions
[2010/08/08 12:07:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Bridge.EID90\Application Data\Mozilla\Firefox\Profiles\xzyv9j9u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/08 14:34:47 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Bridge.EID90\Application Data\Mozilla\Firefox\Profiles\xzyv9j9u.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/08/08 14:34:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/17 08:13:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla(2).org
[2010/01/16 03:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010/01/16 03:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010/01/16 03:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010/01/16 03:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010/01/16 03:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010/01/16 03:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010/08/07 23:10:23 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll File not found
O2 - BHO: (no name) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [HP AutoIndexer] C:\Program Files\Hewlett-Packard\LaserJet All-in-one\hppautoindexer.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP SchedIndexer] C:\Program Files\Hewlett-Packard\LaserJet All-in-one\hppschedindexer.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPLJ Config] C:\Program Files\Hewlett-Packard\LaserJet All-in-one\hppcfg.exe ()
O4 - HKLM..\Run: [MSE Update Utility] C:\Program Files\MSE Update Utility\MSE Update Utility.exe (Haseeb Ahmed)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP LaserJet Director.lnk = C:\Program Files\Hewlett-Packard\LaserJet All-in-one\hppdirector.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Open with Scansoft PDF Converter 3.0 - C:\Program Files\ScanSoft\PDF Professional 3.0\IEShellExt.dll (ScanSoft, Inc.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - Reg Error: Key error. File not found
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - Reg Error: Key error. File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = EID90.FORC
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop Components:0 () - http://by127fd.bay127.hotmail.msn.com/cgi-bin/getmsg?&msg=CD22971B-211B-4F7B-8337-C01DBE49780C&start=0&len=615942&curmbox=00000000-0000-0000-0000-000000000001&a=a148a9eb7def75ab0fc6023ae685cf1f74dff6f533ad256dbc488df2f2fc9bad&mimepart=9
O24 - Desktop Components:1 () - http://by127fd.bay127.hotmail.msn.com/cgi-bin/getmsg?&msg=CD22971B-211B-4F7B-8337-C01DBE49780C&start=0&len=615942&curmbox=00000000-0000-0000-0000-000000000001&a=a148a9eb7def75ab0fc6023ae685cf1f74dff6f533ad256dbc488df2f2fc9bad&mimepart=14
O24 - Desktop Components:2 () - http://www.skipsfarts-forum.net/download.php?action=img&iid=18457
O24 - Desktop Components:3 () - file:///C:/DOCUME~1/BRIDGE~1.EID/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg
O24 - Desktop Components:4 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Bridge.EID90\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/11/25 15:56:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/08/01 16:24:48 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{0f6cf4b0-86f3-11db-b5ed-0013208aec27}\Shell\Auto\command - "" = RavMonE.exe e
O33 - MountPoints2\{0f6cf4b0-86f3-11db-b5ed-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1270781c-c8a2-11da-b5b7-0013208aec27}\Shell\AutoRun\command - "" = setupSNK.exe
O33 - MountPoints2\{2cc55784-04eb-11de-81b2-0013208aec27}\Shell\AutoRun\command - "" = dbrxubcw.com
O33 - MountPoints2\{2cc55784-04eb-11de-81b2-0013208aec27}\Shell\open\Command - "" = dbrxubcw.com
O33 - MountPoints2\{2cc557d7-04eb-11de-81b2-0013208aec27}\Shell\AutoRun\command - "" = E:\setupSNK.exe -- File not found
O33 - MountPoints2\{44169f9f-50cd-11de-81eb-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{44169f9f-50cd-11de-81eb-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{44169f9f-50cd-11de-81eb-0013208aec27}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{525607c5-bcf7-11dd-b6ad-0013208aec27}\Shell\AutoRun\command - "" = 1utbfd.bat
O33 - MountPoints2\{525607c5-bcf7-11dd-b6ad-0013208aec27}\Shell\open\Command - "" = 1utbfd.bat
O33 - MountPoints2\{5265cf4d-9874-11df-8976-0013208aec27}\Shell\AutoRun\command - "" = kasper/kasper32.exe
O33 - MountPoints2\{5265cf4d-9874-11df-8976-0013208aec27}\Shell\explore\command - "" = .////////kasper/\\\\\kasper32.exe
O33 - MountPoints2\{5265cf4d-9874-11df-8976-0013208aec27}\Shell\open\command - "" = kasper/////////kasper32.exe
O33 - MountPoints2\{6c4e67ab-68bf-11de-81f9-0013208aec27}\Shell\AutoRun\command - "" = E:\Toshiba\more4you.exe -- File not found
O33 - MountPoints2\{73debc77-9af0-11dc-b64f-0013208aec27}\Shell\AutoRun\command - "" = E:\wd_windows_tools\setup.exe -- File not found
O33 - MountPoints2\{76cde37c-e956-11dd-b6cc-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{76cde37c-e956-11dd-b6cc-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{76cde37c-e956-11dd-b6cc-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{7e9e5cb7-2a78-11de-81d6-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{7e9e5cb7-2a78-11de-81d6-0013208aec27}\Shell\Auto\command - "" = asp.net
O33 - MountPoints2\{7e9e5cb7-2a78-11de-81d6-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7e9e5ccc-2a78-11de-81d6-0013208aec27}\Shell\AutoRun\command - "" = lc.exe
O33 - MountPoints2\{7e9e5ccc-2a78-11de-81d6-0013208aec27}\Shell\open\Command - "" = lc.exe
O33 - MountPoints2\{911c376b-0bab-11dd-b676-0013208aec27}\Shell\AutoRun\command - "" = 1utbfd.bat
O33 - MountPoints2\{911c376b-0bab-11dd-b676-0013208aec27}\Shell\open\Command - "" = 1utbfd.bat
O33 - MountPoints2\{9454f1fd-2ef2-11dc-b609-0013208aec27}\Shell\Auto\command - "" = sal.xls.exe
O33 - MountPoints2\{9454f1fd-2ef2-11dc-b609-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9d254a51-2fcd-11de-81db-0013208aec27}\Shell\Auto\command - "" = Start.exe
O33 - MountPoints2\{9d254a51-2fcd-11de-81db-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9d254a70-2fcd-11de-81db-0013208aec27}\Shell\AutoRun\command - "" = E:\driver\usb\usb_driver.exe -- File not found
O33 - MountPoints2\{9d254a70-2fcd-11de-81db-0013208aec27}\Shell\open\command - "" = E:\driver\usb\usb_driver.exe -- File not found
O33 - MountPoints2\{addfa9a9-a26b-11dc-b650-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{addfa9a9-a26b-11dc-b650-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{addfa9a9-a26b-11dc-b650-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{addfa9d5-a26b-11dc-b650-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{addfa9d5-a26b-11dc-b650-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{addfa9d5-a26b-11dc-b650-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{b188b011-3f38-11dd-b685-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{b188b011-3f38-11dd-b685-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b188b011-3f38-11dd-b685-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{b188b0da-3f38-11dd-b685-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{b188b0da-3f38-11dd-b685-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b188b0da-3f38-11dd-b685-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{b293de47-92a4-11dd-b69a-0013208aec27}\Shell\AutoRun\command - "" = wd_windows_tools\setup.exe
O33 - MountPoints2\{b875b817-e77b-11db-b5fa-0013208aec27}\Shell\AutoRun\command - "" = G:\1utbfd.bat -- File not found
O33 - MountPoints2\{b875b817-e77b-11db-b5fa-0013208aec27}\Shell\open\Command - "" = G:\1utbfd.bat -- File not found
O33 - MountPoints2\{bc2d213e-9ce2-11de-822a-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{bc2d213e-9ce2-11de-822a-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bc2d213e-9ce2-11de-822a-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{bfd52835-4fa0-11db-b5dd-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{bfd52835-4fa0-11db-b5dd-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c4f8b1f7-9af7-11db-b5ef-0013208aec27}\Shell\Auto\command - "" = RavMonE.exe e
O33 - MountPoints2\{c4f8b1f7-9af7-11db-b5ef-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c5f066f2-fe20-11dc-b671-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{c5f066f2-fe20-11dc-b671-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c5f066f2-fe20-11dc-b671-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{cd06d8ba-cd82-11dd-b6b7-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{cd06d8ba-cd82-11dd-b6b7-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cd06d8ba-cd82-11dd-b6b7-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{dcf7aa50-9982-11df-8986-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{dcf7aa50-9982-11df-8986-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{dcf7aa50-9982-11df-8986-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{e1a35834-5881-11dd-b68a-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{e1a35834-5881-11dd-b68a-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e1a35834-5881-11dd-b68a-0013208aec27}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{e9d12b2e-207f-11de-81ce-0013208aec27}\Shell\Auto\command - "" = Start.exe
O33 - MountPoints2\{e9d12b2e-207f-11de-81ce-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e9d12b2f-207f-11de-81ce-0013208aec27}\Shell\AutoRun\command - "" = F:\wdsync.exe -- File not found
O33 - MountPoints2\{f5acac63-7721-11dd-b691-0013208aec27}\Shell\AutoRun\command - "" = E:\ekugb3.bat -- File not found
O33 - MountPoints2\{f5acac63-7721-11dd-b691-0013208aec27}\Shell\explore\Command - "" = E:\ekugb3.bat -- File not found
O33 - MountPoints2\{f5acac63-7721-11dd-b691-0013208aec27}\Shell\open\Command - "" = E:\ekugb3.bat -- File not found
O33 - MountPoints2\{f6972b72-9b43-11df-899d-0013208aec27}\Shell - "" = AutoRun
O33 - MountPoints2\{f6972b72-9b43-11df-899d-0013208aec27}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f6972b72-9b43-11df-899d-0013208aec27}\Shell\AutoRun\command - "" = F:\wubi.exe -- File not found
O33 - MountPoints2\{f93e3682-a940-11dc-b651-0013208aec27}\Shell\AutOplay\COMmAND - "" = xkhm.pif
O33 - MountPoints2\{f93e3682-a940-11dc-b651-0013208aec27}\Shell\AutoRun\command - "" = xkhm.pif
O33 - MountPoints2\{f93e3682-a940-11dc-b651-0013208aec27}\Shell\explorE\Command - "" = xkhm.pif
O33 - MountPoints2\{f93e3682-a940-11dc-b651-0013208aec27}\Shell\oPen\coMMAnD - "" = xkhm.pif
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: xcpnsabr - C:\WINDOWS\System32\jmcierk.dll File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: SSHNAS - File not found

MsConfig - Services: "DefWatch"
MsConfig - Services: "Symantec AntiVirus"
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe - (Adobe Systems Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\PROGRA~1\MICROS~2\Office\OSA9.EXE - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^Bridge.EID90^Start Menu^Programs^Startup^LimeWire On Startup.lnk - C:\PROGRA~1\LimeWire\LimeWire.exe - File not found
MsConfig - StartUpReg: [b]5DR8ZAD8GX[/b] - hkey= - key= - C:\DOCUME~1\BRIDGE~1.EID\LOCALS~1\Temp\Fgj.exe File not found
MsConfig - StartUpReg: [b]beuunog[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\beuunog.exe File not found
MsConfig - StartUpReg: [b]ccApp[/b] - hkey= - key= - C:\Program Files\Common Files\Symantec Shared\ccApp.exe File not found
MsConfig - StartUpReg: [b]DS Clock[/b] - hkey= - key= - C:\Program Files\DS Clock\DSClock.exe File not found
MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
MsConfig - StartUpReg: [b]igfxpers[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]igfxtray[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]jcvex[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\jcvex.exe File not found
MsConfig - StartUpReg: [b]KernelFaultCheck[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]laedu[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\laedu.exe File not found
MsConfig - StartUpReg: [b]Messenger (Yahoo!)[/b] - hkey= - key= - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - StartUpReg: [b]NeroFilterCheck[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]PDF3 Registry Controller[/b] - hkey= - key= - C:\Program Files\ScanSoft\PDF Professional 3.0\RegistryController.exe (ScanSoft, Inc.)
MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\qttask.exe File not found
MsConfig - StartUpReg: [b]roapu[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\roapu.exe File not found
MsConfig - StartUpReg: [b]SSBkgdUpdate[/b] - hkey= - key= - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: [b]swg[/b] - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe File not found
MsConfig - StartUpReg: [b]Synchronization Manager[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]TkBellExe[/b] - hkey= - key= - C:\Program Files\K-Lite Codec Pack\Real\Update_OB\realsched.exe File not found
MsConfig - StartUpReg: [b]toeeqi[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\toeeqi.exe File not found
MsConfig - StartUpReg: [b]tuook[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\tuook.exe File not found
MsConfig - StartUpReg: [b]vptray[/b] - hkey= - key= - C:\PROGRA~1\SYMANT~1\VPTray.exe File not found
MsConfig - StartUpReg: [b]zzzHPSETUP[/b] - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - File not found
SafeBootNet: nm.sys - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010/08/09 20:16:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Application Data\Malwarebytes
[2010/08/09 20:16:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/09 20:16:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/08/09 20:16:42 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/09 20:16:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/09 19:52:53 | 000,000,000 | ---D | C] -- C:\My Documents
[2010/08/09 19:51:24 | 000,317,952 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\roboex32.dll
[2010/08/09 19:48:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/08/08 22:25:28 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/08/08 13:32:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\My Documents\Pobieranie
[2010/08/07 14:29:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Local Settings\Application Data\Haseeb_Ahmed
[2010/08/07 14:28:23 | 000,000,000 | ---D | C] -- C:\Program Files\MSE Update Utility
[2010/08/06 11:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/08/05 13:57:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\DoctorWeb
[2010/08/05 00:46:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Identities
[2010/08/02 10:37:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Bridge.EID90\UserData
[2010/08/01 16:24:48 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010/07/31 21:15:15 | 000,000,000 | ---D | C] -- C:\Program Files\Skype
[2010/07/30 19:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Connection
[2010/07/30 01:59:43 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010/07/30 01:59:42 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010/07/30 01:59:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Application Data\TuneUp Software
[2010/07/30 01:59:09 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010
[2010/07/30 01:59:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010/07/30 01:58:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010/07/29 22:07:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Application Data\ImgBurn
[2010/07/29 21:42:16 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2010/07/29 21:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\DAEMON Tools Images
[2010/07/29 20:49:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Application Data\DAEMON Tools Lite
[2010/07/29 20:49:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/07/29 14:48:45 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/07/29 14:48:44 | 000,000,000 | ---D | C] -- C:\rsit
[2010/07/29 09:59:33 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/07/29 09:59:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/07/27 05:27:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/07/27 05:27:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/07/26 16:14:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/07/26 16:03:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/07/18 22:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Moffsoft Calculator 2
[2010/07/15 03:25:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Application Data\Feedreader
[2010/07/15 03:25:48 | 000,000,000 | ---D | C] -- C:\Program Files\FeedReader30
[2010/07/12 16:44:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Desktop\HSE docs
[2010/07/09 19:31:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Desktop\VF OM
[2010/07/04 21:53:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Desktop\Riser Inspection
[2010/06/29 13:47:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Desktop\Rigging and Lifting Equipment Certs
[2010/06/28 07:17:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\My Documents\HSE REPORTS
[2010/06/27 23:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\Leksykonia
[2010/06/19 20:00:05 | 000,000,000 | ---D | C] -- C:\Lotus
[2010/06/19 17:52:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Desktop\JOB LIST TO BE DONE DURING SHIPYARD
[2006/01/02 15:18:27 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\Implode.dll
[2004/11/24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010/08/09 22:43:52 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/09 22:43:52 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-545701781-3224946616-1018453507-1121.job
[2010/08/09 22:43:50 | 000,000,976 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/09 22:43:50 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/08/09 22:43:27 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/09 22:43:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/09 22:42:25 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010/08/09 22:42:21 | 018,751,488 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\ntuser.dat
[2010/08/09 22:42:21 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Bridge.EID90\ntuser.ini
[2010/08/09 22:22:00 | 000,000,980 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/09 22:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/08/09 19:54:09 | 000,000,838 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP LaserJet Director.lnk
[2010/08/09 19:53:53 | 000,001,416 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/09 19:53:53 | 000,000,659 | ---- | M] () -- C:\WINDOWS\FMTMSAM.INI
[2010/08/09 19:53:35 | 000,000,168 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2010/08/09 19:48:36 | 000,000,608 | -HS- | M] () -- C:\WINDOWS\System32\winzvprt5.sys
[2010/08/09 18:28:49 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/08/09 18:28:48 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/09 17:11:05 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-545701781-3224946616-1018453507-1121.job
[2010/08/09 06:08:37 | 000,000,164 | ---- | M] () -- C:\WINDOWS\infotech.ini
[2010/08/08 23:35:46 | 000,616,258 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/08 23:35:46 | 000,507,322 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/08 23:35:46 | 000,097,566 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/08 11:44:41 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/08 11:44:41 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/08/08 00:16:17 | 000,344,064 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\2 shift Muster list _ Rest Hours 2010.xls
[2010/08/07 23:10:23 | 000,000,789 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/08/07 21:42:55 | 000,000,850 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\MSE Update Utility.lnk
[2010/08/07 17:38:47 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/06 11:52:36 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/08/06 09:00:01 | 000,000,496 | ---- | M] () -- C:\WINDOWS\tasks\Automatyczna konserwacja.job
[2010/08/04 23:21:59 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\Defraggler Volume C Task.job
[2010/08/01 21:50:20 | 000,000,529 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\POB.lnk
[2010/07/29 20:54:08 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/07/29 12:13:50 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to WINWORD.lnk
[2010/07/28 22:16:28 | 000,000,170 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Start Menu.lnk
[2010/07/28 22:16:28 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Templates.lnk
[2010/07/28 22:16:28 | 000,000,166 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\UserData.lnk
[2010/07/28 22:16:28 | 000,000,164 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\WINDOWS.lnk
[2010/07/28 22:16:28 | 000,000,158 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\temp.lnk
[2010/07/28 22:16:27 | 000,000,178 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Local Settings.lnk
[2010/07/28 22:16:27 | 000,000,174 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\My Documents.lnk
[2010/07/28 22:16:27 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\PrintHood.lnk
[2010/07/28 22:16:27 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Gadu-Gadu.lnk
[2010/07/28 22:16:27 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Favorites.lnk
[2010/07/28 22:16:27 | 000,000,164 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\NetHood.lnk
[2010/07/28 22:16:27 | 000,000,164 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop.lnk
[2010/07/28 22:16:27 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\SendTo.lnk
[2010/07/28 22:16:27 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Recent.lnk
[2010/07/28 22:16:26 | 000,000,182 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Application Data.lnk
[2010/07/28 22:16:26 | 000,000,176 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\.housecall6.6.lnk
[2010/07/28 22:16:26 | 000,000,172 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\.thumbnails.lnk
[2010/07/28 22:16:26 | 000,000,164 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Cookies.lnk
[2010/07/28 22:16:26 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Citrix.lnk
[2010/07/28 22:16:26 | 000,000,160 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Video.lnk
[2010/07/28 22:16:26 | 000,000,160 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Music.lnk
[2010/07/28 22:16:26 | 000,000,154 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\...lnk
[2010/07/28 22:16:26 | 000,000,152 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\..lnk
[2010/07/28 22:16:25 | 000,000,170 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\New Folder.lnk
[2010/07/28 22:16:25 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Passwords.lnk
[2010/07/28 22:16:25 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Documents.lnk
[2010/07/28 22:16:25 | 000,000,166 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Pictures.lnk
[2010/07/26 01:40:10 | 000,076,190 | ---- | M] () -- C:\WINDOWS\hpgins07.dat
[2010/07/24 02:18:31 | 006,297,520 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\091116_Leo_HTC_Russian_UM.pdf
[2010/07/20 02:09:40 | 000,374,272 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Muster list _ Rest Hours 2010.xls
[2010/07/12 11:12:30 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Worker onb-transfer.xls
[2010/07/08 10:46:21 | 000,082,944 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\My Documents\Ocean going logo.doc
[2010/07/01 12:12:57 | 000,000,029 | ---- | M] () -- C:\WINDOWS\hrdir.ini
[2010/06/28 08:10:08 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\My Documents\Safety Template.doc
[2010/06/26 07:20:49 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\crew declaratn 2.xls
[2010/06/25 16:31:58 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\crew declaration.xls
[2010/06/23 09:37:43 | 000,033,792 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\personnel Data 4 SPM.29-04-10..xls
[2010/06/21 19:03:15 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\My Documents\gms liferafts.doc
[2010/06/21 06:31:37 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\My Documents\Current color.doc
[2010/06/19 20:20:03 | 000,000,451 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Shortcut to Lotus on Viking Forcados (Forc).lnk
[2010/06/19 20:03:01 | 000,000,562 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Lotus Notes.lnk
[2010/06/19 20:00:31 | 000,000,995 | ---- | M] () -- C:\WINDOWS\System32\notespis.inf
[2010/06/19 20:00:30 | 000,000,044 | ---- | M] () -- C:\WINDOWS\lotus.ini
[2010/06/18 08:07:16 | 000,744,448 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\My Documents\femi.doc
[2010/06/17 10:31:28 | 000,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/16 03:41:45 | 000,300,440 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/15 15:06:42 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010/06/15 15:01:36 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010/06/14 15:30:32 | 001,446,565 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\My Documents\delivery paper.pdf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010/08/09 20:07:47 | 000,000,838 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP LaserJet Director.lnk
[2010/08/09 19:53:52 | 000,000,659 | ---- | C] () -- C:\WINDOWS\FMTMSAM.INI
[2010/08/09 19:53:28 | 000,000,168 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2010/08/09 19:52:45 | 000,000,019 | ---- | C] () -- C:\WINDOWS\hppsi_indexbase.dat
[2010/08/09 19:52:06 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
[2010/08/09 19:51:31 | 000,343,040 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2010/08/09 19:51:31 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2010/08/09 19:51:11 | 000,000,033 | ---- | C] () -- C:\WINDOWS\hppLangChoice.ini
[2010/08/09 19:48:36 | 000,000,608 | -HS- | C] () -- C:\WINDOWS\System32\winzvprt5.sys
[2010/08/08 11:44:41 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/08 11:44:41 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/08/07 23:15:42 | 018,751,488 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\ntuser.dat
[2010/08/07 21:42:55 | 000,000,850 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\MSE Update Utility.lnk
[2010/08/01 21:50:20 | 000,000,529 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\POB.lnk
[2010/07/30 08:57:35 | 000,000,496 | ---- | C] () -- C:\WINDOWS\tasks\Automatyczna konserwacja.job
[2010/07/29 20:54:08 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/07/29 12:13:50 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to WINWORD.lnk
[2010/07/28 09:14:56 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-545701781-3224946616-1018453507-1121.job
[2010/07/27 15:28:58 | 000,000,178 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Local Settings
[2010/07/27 15:28:58 | 000,000,174 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\My Documents
[2010/07/27 15:28:58 | 000,000,170 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Start Menu
[2010/07/27 15:28:58 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Templates
[2010/07/27 15:28:58 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\PrintHood
[2010/07/27 15:28:58 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Gadu-Gadu
[2010/07/27 15:28:58 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Favorites
[2010/07/27 15:28:58 | 000,000,166 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\UserData
[2010/07/27 15:28:58 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\WINDOWS
[2010/07/27 15:28:58 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\NetHood
[2010/07/27 15:28:58 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop
[2010/07/27 15:28:58 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Cookies
[2010/07/27 15:28:58 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\SendTo
[2010/07/27 15:28:58 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Recent
[2010/07/27 15:28:58 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Citrix
[2010/07/27 15:28:58 | 000,000,158 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\temp
[2010/07/27 15:28:57 | 000,000,182 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Application Data
[2010/07/27 15:28:57 | 000,000,176 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\.housecall6.6
[2010/07/27 15:28:57 | 000,000,172 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\.thumbnails
[2010/07/27 15:28:57 | 000,000,170 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\New Folder.lnk
[2010/07/27 15:28:57 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Passwords.lnk
[2010/07/27 15:28:57 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Documents.lnk
[2010/07/27 15:28:57 | 000,000,166 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Pictures.lnk
[2010/07/27 15:28:57 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Video.lnk
[2010/07/27 15:28:57 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Music.lnk
[2010/07/27 15:28:57 | 000,000,154 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\..
[2010/07/27 15:28:57 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\.
[2010/07/27 00:50:02 | 000,003,758 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\FDC9456D-1E39-4363-850A-D67DFECC1351.txt
[2010/07/26 16:31:16 | 000,003,758 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Local Settings\Application Data\FDC9456D-1E39-4363-850A-D67DFECC1351.txt
[2010/07/24 02:15:35 | 006,297,520 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\091116_Leo_HTC_Russian_UM.pdf
[2010/07/12 09:52:01 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Worker onb-transfer.xls
[2010/07/08 10:46:21 | 000,082,944 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\My Documents\Ocean going logo.doc
[2010/06/28 06:50:16 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\My Documents\Safety Template.doc
[2010/06/26 07:20:49 | 000,016,896 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\crew declaratn 2.xls
[2010/06/25 09:40:34 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\crew declaration.xls
[2010/06/21 19:03:15 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\My Documents\gms liferafts.doc
[2010/06/21 06:31:37 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\My Documents\Current color.doc
[2010/06/19 20:03:01 | 000,000,562 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Lotus Notes.lnk
[2010/06/19 19:50:09 | 000,000,451 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Shortcut to Lotus on Viking Forcados (Forc).lnk
[2010/06/18 08:07:16 | 000,744,448 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\My Documents\femi.doc
[2010/06/14 15:30:26 | 001,446,565 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\My Documents\delivery paper.pdf
[2010/06/03 23:59:18 | 000,233,525 | ---- | C] () -- C:\WINDOWS\System32\isutil.dll
[2010/06/03 23:59:11 | 000,000,271 | ---- | C] () -- C:\WINDOWS\apptune.ini
[2010/04/25 17:49:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\swsystem.dll
[2010/04/09 19:45:05 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/04/09 19:45:03 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/04/09 19:44:51 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010/04/09 19:44:51 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/04/09 19:44:51 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/01/25 15:51:57 | 000,000,091 | ---- | C] () -- C:\WINDOWS\hrconfig.ini
[2009/10/16 07:07:12 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/06/13 10:34:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AutoRun.INI
[2009/02/02 16:57:17 | 000,000,025 | ---- | C] () -- C:\WINDOWS\USERTK.INI
[2008/12/19 17:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/12/17 19:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008/12/17 19:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008/12/17 19:22:48 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/12/17 19:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008/12/17 18:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/12/11 13:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008/11/04 08:30:27 | 000,000,291 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/08/06 18:03:54 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\see32.dll
[2008/07/13 15:51:23 | 000,000,012 | ---- | C] () -- C:\WINDOWS\System32\winxdpr3.dll
[2008/07/03 17:05:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\geotrans2.INI
[2008/05/16 18:36:57 | 000,000,197 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/12/22 17:18:04 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\cmabout.dll
[2007/12/22 17:18:04 | 000,010,229 | ---- | C] () -- C:\WINDOWS\System32\cmdiag.ini
[2007/12/22 17:18:04 | 000,000,142 | ---- | C] () -- C:\WINDOWS\System32\cmabout.ini
[2007/12/01 17:52:18 | 000,000,391 | R--- | C] () -- C:\WINDOWS\hpw1000k.ini
[2007/12/01 17:49:16 | 000,016,954 | ---- | C] () -- C:\WINDOWS\hpbj1000.ini
[2007/10/07 20:31:52 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
[2007/08/25 17:48:18 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\mchInjDrv.sys
[2007/08/22 15:24:25 | 000,000,222 | ---- | C] () -- C:\WINDOWS\VOGEL.INI
[2007/04/11 01:54:09 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2007/03/16 17:00:00 | 000,003,403 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2007/02/19 15:12:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\chksvrn.dll
[2006/11/11 08:31:44 | 000,000,099 | ---- | C] () -- C:\WINDOWS\notesnsd.ini
[2006/10/16 19:12:58 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\HOTFLDR.DLL
[2006/10/11 09:05:00 | 000,000,023 | ---- | C] () -- C:\WINDOWS\ZDPLUSSEARCH.INI
[2006/07/29 17:14:28 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2006/07/25 20:47:34 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A6W.INI
[2006/07/25 20:47:27 | 000,000,198 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2006/07/25 12:29:32 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\hlinkprx.dll
[2006/07/25 12:29:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[2006/05/26 01:57:16 | 000,000,096 | ---- | C] () -- C:\WINDOWS\VPPLAYS.INI
[2006/04/21 17:00:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2006/02/03 07:45:05 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/01/21 17:51:53 | 000,042,379 | ---- | C] () -- C:\WINDOWS\convfac.ini
[2006/01/21 17:51:53 | 000,014,775 | ---- | C] () -- C:\WINDOWS\convit.ini
[2006/01/02 15:18:58 | 000,000,928 | ---- | C] () -- C:\WINDOWS\tmmaster.INI
[2006/01/02 15:18:58 | 000,000,164 | ---- | C] () -- C:\WINDOWS\infotech.ini
[2006/01/02 15:18:46 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2006/01/02 15:18:29 | 000,000,042 | ---- | C] () -- C:\WINDOWS\tmfull.ini
[2006/01/02 15:18:27 | 000,748,160 | ---- | C] () -- C:\WINDOWS\System32\Co2c40en.dll
[2005/12/12 14:05:42 | 000,026,784 | ---- | C] () -- C:\WINDOWS\uflfinra.dll
[2005/12/12 14:05:42 | 000,024,592 | ---- | C] () -- C:\WINDOWS\uflsamp1.dll
[2005/12/12 14:05:42 | 000,022,704 | ---- | C] () -- C:\WINDOWS\uflbar.dll
[2005/12/12 14:05:42 | 000,018,240 | ---- | C] () -- C:\WINDOWS\ufldts.dll
[2005/12/12 14:05:42 | 000,014,400 | ---- | C] () -- C:\WINDOWS\uf5dts.dll
[2005/12/12 14:05:35 | 000,000,069 | ---- | C] () -- C:\WINDOWS\RETSAMMT.DLL
[2005/12/08 15:21:10 | 000,000,043 | ---- | C] () -- C:\WINDOWS\hpfccopy.INI
[2005/12/06 22:41:17 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
[2005/12/03 15:27:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2005/12/02 19:20:13 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\acdbres.dll
[2005/12/02 19:17:07 | 000,001,156 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/02 19:17:06 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/12/02 19:17:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2005/12/02 19:06:45 | 000,000,044 | ---- | C] () -- C:\WINDOWS\lotus.ini
[2005/11/28 12:32:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/11/28 08:40:00 | 000,157,184 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005/11/25 16:02:39 | 000,014,336 | R--- | C] () -- C:\WINDOWS\SIVI64.sys
[2005/11/25 16:02:39 | 000,009,728 | R--- | C] () -- C:\WINDOWS\SIVX64.sys
[2005/11/25 16:02:39 | 000,008,576 | R--- | C] () -- C:\WINDOWS\SIVX32.sys
[2005/11/25 16:02:39 | 000,007,810 | R--- | C] () -- C:\WINDOWS\SIVNT4.sys
[2005/11/25 16:02:39 | 000,003,904 | R--- | C] () -- C:\WINDOWS\GWIOPM.SYS
[2005/11/25 16:02:30 | 000,008,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\SIVX32.SYS
[2005/11/25 16:00:24 | 000,000,750 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/10/21 15:05:33 | 000,000,029 | ---- | C] () -- C:\WINDOWS\hrdir.ini
[2005/04/12 15:53:10 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\hpzidi01.dll
[2005/03/28 16:14:38 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2004/10/03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004/04/27 01:29:58 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010/07/29 09:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2007/08/23 01:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ArcaBit
[2009/03/27 13:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CherSoft
[2010/07/29 20:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2005/12/28 10:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2010/04/17 19:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2006/10/11 09:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2008/09/29 02:50:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2009/03/16 04:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2008/09/29 02:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/07/30 01:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2008/05/09 03:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/10/11 09:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\zeon
[2010/07/30 01:58:35 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2009/08/29 21:08:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Auslogics
[2008/04/17 12:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\CherSoft
[2010/07/29 21:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\DAEMON Tools Lite
[2007/11/09 04:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\EuroTalk
[2010/07/15 03:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Feedreader
[2009/01/29 18:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Gadu-Gadu
[2008/04/19 19:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\gtk-2.0
[2008/01/24 04:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\ICAClient
[2010/07/29 22:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\ImgBurn
[2007/10/07 20:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\InterTrust
[2007/08/25 03:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\KeySafe
[2010/04/28 22:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\MSA
[2007/02/22 11:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\MSNInstaller
[2008/05/19 18:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Opera
[2009/02/25 09:19:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Password Solutions
[2009/08/03 21:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\STA
[2008/03/10 11:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\TeamViewer
[2010/07/30 01:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\TuneUp Software
[2008/05/09 02:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Viewpoint
[2006/10/11 09:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Zeon
[2009/07/12 10:21:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\STA
[2009/07/12 09:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\STA
[2010/08/06 09:00:01 | 000,000,496 | ---- | M] () -- C:\WINDOWS\Tasks\Automatyczna konserwacja.job
[2010/08/04 23:21:59 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\Defraggler Volume C Task.job
[2010/08/09 22:43:50 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2010/08/09 22:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2005/11/25 15:56:41 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/08/09 18:28:49 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2005/11/25 15:56:41 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007/12/04 17:51:57 | 000,000,081 | ---- | M] () -- C:\CTX.DAT
[2000/12/13 10:28:42 | 000,030,068 | ---- | M] () -- C:\FIXKRIZ.EXE
[2007/04/11 01:54:14 | 000,001,119 | ---- | M] () -- C:\INSTALL.LOG
[2005/11/25 15:56:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/08/09 20:01:36 | 000,000,000 | ---- | M] () -- C:\Log.txt
[2009/05/05 02:34:26 | 000,007,572 | ---- | M] () -- C:\mksbasel.cpp.log
[2005/11/25 15:56:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/10/03 16:54:57 | 000,250,048 | -HS- | M] () -- C:\ntldr
[2010/08/09 22:43:19 | 1997,537,280 | -HS- | M] () -- C:\pagefile.sys
[2001/05/24 13:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004/08/04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008/10/03 16:49:37 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008/10/03 16:49:37 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004/08/04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/10/03 16:49:37 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/10/03 16:49:37 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2004/08/04 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2004/08/04 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004/08/04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008/10/03 16:49:37 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008/10/03 16:49:37 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004/08/04 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008/04/14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004/08/04 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004/08/04 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2010/05/29 19:28:13 | 000,038,400 | ---- | M] ()(C:\Documents and Settings\Bridge.EID90\My Documents\??????? SIA SB PLUSS.doc) -- C:\Documents and Settings\Bridge.EID90\My Documents\Магазин SIA SB PLUSS.doc
[2010/05/29 19:28:12 | 000,038,400 | ---- | C] ()(C:\Documents and Settings\Bridge.EID90\My Documents\??????? SIA SB PLUSS.doc) -- C:\Documents and Settings\Bridge.EID90\My Documents\Магазин SIA SB PLUSS.doc

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Bridge.EID90\Desktop\tmMaster.exe:SummaryInformation
@Alternate Data Stream - 5157 bytes -> C:\Documents and Settings\Bridge.EID90\(l:§'dn€
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5BB923A2
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:44DAF2F1
< End of report >
[/log]

Sohei
comment

[code]:Processes
Explorer.exe



:OTL




:files
C:\WINDOWS\System32\jmcierk.dll


:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

:services
xcpnsabr
SONYPVU1


:Commands
[emptytemp]
[start explorer]
[Reboot][/code]
Paste this into the white box in OTL and click Run Fix. Then post a new log from OTL + GMER.

  • Good post 1
klimek1313
comment

Only OTL; GMER froze completely after 3 hours:
[log]
OTL logfile created on: 10/08/2010 12:30:00 - Run 4
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Bridge.EID90\Desktop\Bridge\1st Off\Tomek\priv\System
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 47.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): C:\pagefile.sys 1905 1905 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 49.50 Gb Free Space | 66.42% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 48.83 Gb Total Space | 32.76 Gb Free Space | 67.10% Space Free | Partition Type: NTFS
Drive J: | 48.83 Gb Total Space | 32.76 Gb Free Space | 67.10% Space Free | Partition Type: NTFS

Computer Name: BRIDGEPC_FORC
Current User Name: Bridge
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010/08/10 05:04:57 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/07/29 11:51:21 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bridge.EID90\Desktop\Bridge\1st Off\Tomek\priv\System\OTL.exe
PRC - [2010/06/15 15:05:58 | 000,719,688 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010/06/15 15:04:28 | 001,051,976 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009/11/27 08:43:12 | 000,608,256 | ---- | M] (Haseeb Ahmed) -- C:\Program Files\MSE Update Utility\MSE Update Utility.exe
PRC - [2009/09/13 19:52:50 | 001,048,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2009/07/12 10:21:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Seagull\STA33\DbamSQLAgent.exe
PRC - [2009/07/02 18:36:52 | 000,203,800 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MpCmdRun.exe
PRC - [2009/07/02 18:36:52 | 000,203,800 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\MpCmdRun.exe
PRC - [2009/07/02 18:36:52 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/05/27 04:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2009/02/05 23:56:14 | 000,117,208 | ---- | M] (AnchorFree Inc.) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2008/11/24 23:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008/11/24 23:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008/10/20 15:00:46 | 000,329,216 | ---- | M] (UK Hydrographic Office and Chersoft Ltd) -- C:\Program Files\Common Files\CherSoft\TTService\TTService.exe
PRC - [2008/05/06 10:09:26 | 000,020,480 | ---- | M] () -- C:\Program Files\Seagull\STA33\Sta.Importer.Service.exe
PRC - [2008/04/14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/04 23:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 23:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2004/09/29 13:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2001/10/24 08:25:58 | 000,212,992 | ---- | M] () -- C:\Program Files\Hewlett-Packard\LaserJet All-in-one\hppdirector.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010/07/29 11:51:21 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bridge.EID90\Desktop\Bridge\1st Off\Tomek\priv\System\OTL.exe
MOD - [2008/04/14 02:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (HotspotShieldService)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\ArcaBit\Common\ArcaBit.Core.Configurator2.exe -- (ArcaBit.Core.Configurator)
SRV - [2010/07/30 01:59:40 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/06/15 15:04:28 | 001,051,976 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/06/15 15:01:36 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009/07/12 10:21:20 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Seagull\STA33\DbamSQLAgent.exe -- (Sta.Dbam.SqlAgent$SEAGULL2005) Sta Dbam SqlAgent (SEAGULL2005)
SRV - [2009/07/02 18:36:52 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/05/27 04:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SEAGULL2005) SQL Server (SEAGULL2005)
SRV - [2009/02/05 23:56:14 | 000,117,208 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2008/11/24 23:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008/11/24 23:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008/11/24 23:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008/10/20 15:00:46 | 000,329,216 | ---- | M] (UK Hydrographic Office and Chersoft Ltd) [Auto | Running] -- C:\Program Files\Common Files\CherSoft\TTService\TTService.exe -- (TTService)
SRV - [2008/05/06 10:09:26 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Seagull\STA33\Sta.Importer.Service.exe -- (Sta.Importer.Service)
SRV - [2007/01/04 23:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/09/29 13:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\UXDCMN.SYS -- (UXDCMN)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\SMCWPCIT.sys -- (SMCWPCIT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\BRIDGE~1.EID\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - [2010/07/29 20:54:08 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/02/25 12:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/06/18 19:48:04 | 000,142,832 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2009/02/05 23:55:12 | 000,031,704 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hssdrv.sys -- (HssDrv)
DRV - [2008/12/06 20:01:20 | 000,102,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2008/04/13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/01/23 23:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tapvpn.sys -- (tapvpn)
DRV - [2007/02/28 08:38:22 | 000,091,008 | ---- | M] (OMNIKEY) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cxbu0wdm.sys -- (cxbu0wdm)
DRV - [2006/02/20 18:59:34 | 000,085,408 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810mgmt.sys -- (w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM)
DRV - [2006/02/20 18:59:27 | 000,058,288 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810bus.sys -- (w810bus) Sony Ericsson W810 Driver driver (WDM)
DRV - [2005/10/18 13:15:42 | 004,034,048 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/09/24 12:10:24 | 000,008,576 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SIVX32.SYS -- (SIVDRIVER)
DRV - [2005/01/07 17:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/04/21 17:51:00 | 000,016,384 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\wlanndi5.sys -- (wlanndi5)
DRV - [2000/09/09 17:20:26 | 000,047,328 | ---- | M] (Warp Nine Engineering) [Kernel | Auto | Running] -- C:\Program Files\HP DesignJet 500PS\Program\Par1284.sys -- (Par1284)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1

FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/04/09 19:04:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/10 05:05:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/10 12:04:44 | 000,000,000 | ---D | M]

[2010/08/08 11:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Mozilla\Extensions
[2010/05/03 04:19:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/08/08 14:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Mozilla\Firefox\Profiles\xzyv9j9u.default\extensions
[2010/08/08 12:07:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Bridge.EID90\Application Data\Mozilla\Firefox\Profiles\xzyv9j9u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/08 14:34:47 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Bridge.EID90\Application Data\Mozilla\Firefox\Profiles\xzyv9j9u.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/08/08 14:34:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/17 08:13:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla(2).org
[2010/08/10 05:05:05 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010/08/10 05:05:05 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010/08/10 05:05:05 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010/08/10 05:05:05 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010/08/10 05:05:05 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010/08/10 05:05:05 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010/08/07 23:10:23 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [hp 1000 firmware] C:\Program Files\hp LaserJet 1000\fwdl.exe (Zenographics)
O4 - HKLM..\Run: [HP AutoIndexer] C:\Program Files\Hewlett-Packard\LaserJet All-in-one\hppautoindexer.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP SchedIndexer] C:\Program Files\Hewlett-Packard\LaserJet All-in-one\hppschedindexer.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPLJ Config] C:\Program Files\Hewlett-Packard\LaserJet All-in-one\hppcfg.exe ()
O4 - HKLM..\Run: [MSE Update Utility] C:\Program Files\MSE Update Utility\MSE Update Utility.exe (Haseeb Ahmed)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP LaserJet Director.lnk = C:\Program Files\Hewlett-Packard\LaserJet All-in-one\hppdirector.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-545701781-3224946616-1018453507-1121\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Open with Scansoft PDF Converter 3.0 - C:\Program Files\ScanSoft\PDF Professional 3.0\IEShellExt.dll (ScanSoft, Inc.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - Reg Error: Key error. File not found
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - Reg Error: Key error. File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = EID90.FORC
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop Components:0 () - http://by127fd.bay127.hotmail.msn.com/cgi-bin/getmsg?&msg=CD22971B-211B-4F7B-8337-C01DBE49780C&start=0&len=615942&curmbox=00000000-0000-0000-0000-000000000001&a=a148a9eb7def75ab0fc6023ae685cf1f74dff6f533ad256dbc488df2f2fc9bad&mimepart=9
O24 - Desktop Components:1 () - http://by127fd.bay127.hotmail.msn.com/cgi-bin/getmsg?&msg=CD22971B-211B-4F7B-8337-C01DBE49780C&start=0&len=615942&curmbox=00000000-0000-0000-0000-000000000001&a=a148a9eb7def75ab0fc6023ae685cf1f74dff6f533ad256dbc488df2f2fc9bad&mimepart=14
O24 - Desktop Components:2 () - http://www.skipsfarts-forum.net/download.php?action=img&iid=18457
O24 - Desktop Components:3 () - file:///C:/DOCUME~1/BRIDGE~1.EID/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg
O24 - Desktop Components:4 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Bridge.EID90\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/11/25 15:56:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/08/01 16:24:48 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: xcpnsabr - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: SSHNAS - File not found

MsConfig - Services: "DefWatch"
MsConfig - Services: "Symantec AntiVirus"
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe - (Adobe Systems Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\PROGRA~1\MICROS~2\Office\OSA9.EXE - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^Bridge.EID90^Start Menu^Programs^Startup^LimeWire On Startup.lnk - C:\PROGRA~1\LimeWire\LimeWire.exe - File not found
MsConfig - StartUpReg: [b]5DR8ZAD8GX[/b] - hkey= - key= - C:\DOCUME~1\BRIDGE~1.EID\LOCALS~1\Temp\Fgj.exe File not found
MsConfig - StartUpReg: [b]beuunog[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\beuunog.exe File not found
MsConfig - StartUpReg: [b]ccApp[/b] - hkey= - key= - C:\Program Files\Common Files\Symantec Shared\ccApp.exe File not found
MsConfig - StartUpReg: [b]DS Clock[/b] - hkey= - key= - C:\Program Files\DS Clock\DSClock.exe File not found
MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
MsConfig - StartUpReg: [b]igfxpers[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]igfxtray[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]jcvex[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\jcvex.exe File not found
MsConfig - StartUpReg: [b]KernelFaultCheck[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]laedu[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\laedu.exe File not found
MsConfig - StartUpReg: [b]Messenger (Yahoo!)[/b] - hkey= - key= - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - StartUpReg: [b]NeroFilterCheck[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]PDF3 Registry Controller[/b] - hkey= - key= - C:\Program Files\ScanSoft\PDF Professional 3.0\RegistryController.exe (ScanSoft, Inc.)
MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\qttask.exe File not found
MsConfig - StartUpReg: [b]roapu[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\roapu.exe File not found
MsConfig - StartUpReg: [b]SSBkgdUpdate[/b] - hkey= - key= - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: [b]swg[/b] - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe File not found
MsConfig - StartUpReg: [b]Synchronization Manager[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]TkBellExe[/b] - hkey= - key= - C:\Program Files\K-Lite Codec Pack\Real\Update_OB\realsched.exe File not found
MsConfig - StartUpReg: [b]toeeqi[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\toeeqi.exe File not found
MsConfig - StartUpReg: [b]tuook[/b] - hkey= - key= - C:\Documents and Settings\Bridge.EID90\tuook.exe File not found
MsConfig - StartUpReg: [b]vptray[/b] - hkey= - key= - C:\PROGRA~1\SYMANT~1\VPTray.exe File not found
MsConfig - StartUpReg: [b]zzzHPSETUP[/b] - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - File not found
SafeBootNet: nm.sys - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010/08/10 12:03:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/08/10 11:24:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\My Documents\My Albums
[2010/08/10 02:25:10 | 000,900,388 | ---- | C] (Macromedia, Inc.) -- C:\WINDOWS\System32\hpflash1.exe
[2010/08/10 02:25:10 | 000,630,784 | ---- | C] (Zenographics) -- C:\WINDOWS\apptune.exe
[2010/08/10 02:25:10 | 000,073,728 | ---- | C] (Zenographics) -- C:\WINDOWS\System32\ZSHP1000.dll
[2010/08/10 02:25:10 | 000,036,864 | ---- | C] (Zenographics) -- C:\WINDOWS\System32\zstatus.exe
[2010/08/10 02:25:09 | 000,212,992 | R--- | C] (Zenographics) -- C:\WINDOWS\System32\VSETUP.DLL
[2010/08/10 02:25:09 | 000,135,168 | R--- | C] (Zenographics) -- C:\WINDOWS\System32\ZUNINST.EXE
[2010/08/10 02:25:09 | 000,086,016 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZSPOOL.DLL
[2010/08/10 02:25:09 | 000,086,016 | ---- | C] (Zenographics) -- C:\WINDOWS\System32\zlmhp1.dll
[2010/08/10 02:25:09 | 000,054,784 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\zPJL.dll
[2010/08/10 02:25:09 | 000,049,152 | R--- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZLANG.DLL
[2010/08/10 02:25:09 | 000,045,056 | R--- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZPP.DLL
[2010/08/10 02:25:09 | 000,028,672 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\zlm.dll
[2010/08/10 02:25:09 | 000,023,552 | R--- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZGDI32.DLL
[2010/08/10 02:25:09 | 000,019,456 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\ZTAG32.DLL
[2010/08/10 02:25:09 | 000,012,288 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\IMF32.DLL
[2010/08/10 02:25:08 | 000,036,864 | ---- | C] (Zenographics, Inc.) -- C:\WINDOWS\System32\zpppcl.dll
[2010/08/09 20:16:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Application Data\Malwarebytes
[2010/08/09 20:16:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/09 20:16:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/08/09 20:16:42 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/09 20:16:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/09 19:52:53 | 000,000,000 | ---D | C] -- C:\My Documents
[2010/08/09 19:51:24 | 000,317,952 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\roboex32.dll
[2010/08/09 19:48:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/08/08 22:25:28 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/08/08 13:32:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\My Documents\Pobieranie
[2010/08/07 14:29:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Local Settings\Application Data\Haseeb_Ahmed
[2010/08/07 14:28:23 | 000,000,000 | ---D | C] -- C:\Program Files\MSE Update Utility
[2010/08/06 11:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/08/05 13:57:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\DoctorWeb
[2010/08/05 00:46:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Identities
[2010/08/02 10:37:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Bridge.EID90\UserData
[2010/08/01 16:24:48 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010/07/31 21:15:15 | 000,000,000 | ---D | C] -- C:\Program Files\Skype
[2010/07/30 19:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Connection
[2010/07/30 01:59:43 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010/07/30 01:59:42 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010/07/30 01:59:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Application Data\TuneUp Software
[2010/07/30 01:59:09 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010
[2010/07/30 01:59:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010/07/30 01:58:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010/07/29 22:07:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Application Data\ImgBurn
[2010/07/29 21:42:16 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2010/07/29 21:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\DAEMON Tools Images
[2010/07/29 20:49:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Application Data\DAEMON Tools Lite
[2010/07/29 20:49:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/07/29 14:48:45 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/07/29 14:48:44 | 000,000,000 | ---D | C] -- C:\rsit
[2010/07/29 09:59:33 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/07/29 09:59:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/07/27 05:27:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/07/27 05:27:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/07/26 16:14:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/07/26 16:03:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/07/18 22:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Moffsoft Calculator 2
[2010/07/15 03:25:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Application Data\Feedreader
[2010/07/15 03:25:48 | 000,000,000 | ---D | C] -- C:\Program Files\FeedReader30
[2010/07/12 16:44:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Desktop\HSE docs
[2010/07/09 19:31:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Desktop\VF OM
[2010/07/04 21:53:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Desktop\Riser Inspection
[2010/06/29 13:47:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Desktop\Rigging and Lifting Equipment Certs
[2010/06/28 07:17:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\My Documents\HSE REPORTS
[2010/06/27 23:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\Leksykonia
[2010/06/19 20:00:05 | 000,000,000 | ---D | C] -- C:\Lotus
[2010/06/19 17:52:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bridge.EID90\Desktop\JOB LIST TO BE DONE DURING SHIPYARD
[2006/01/02 15:18:27 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\Implode.dll
[2004/11/24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010/08/10 12:25:41 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/10 12:25:40 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-545701781-3224946616-1018453507-1121.job
[2010/08/10 12:25:39 | 000,000,976 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/10 12:25:39 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/08/10 12:24:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/10 12:24:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/10 12:24:40 | 000,300,440 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/10 12:23:43 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010/08/10 12:23:32 | 018,751,488 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\ntuser.dat
[2010/08/10 12:23:32 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Bridge.EID90\ntuser.ini
[2010/08/10 12:22:00 | 000,000,980 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/10 12:21:48 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Reader 9.lnk
[2010/08/10 12:20:03 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-545701781-3224946616-1018453507-1121.job
[2010/08/10 12:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/08/10 11:28:58 | 000,054,272 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/10 03:56:28 | 000,073,072 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/08/10 02:54:54 | 000,343,552 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\2 shift Muster list _ Rest Hours 2010.xls
[2010/08/10 01:37:21 | 000,000,164 | ---- | M] () -- C:\WINDOWS\infotech.ini
[2010/08/09 19:54:09 | 000,000,838 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP LaserJet Director.lnk
[2010/08/09 19:53:53 | 000,001,416 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/09 19:53:53 | 000,000,659 | ---- | M] () -- C:\WINDOWS\FMTMSAM.INI
[2010/08/09 19:53:35 | 000,000,168 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2010/08/09 19:48:36 | 000,000,608 | -HS- | M] () -- C:\WINDOWS\System32\winzvprt5.sys
[2010/08/09 18:28:49 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/08/09 18:28:48 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/08 23:35:46 | 000,616,258 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/08 23:35:46 | 000,507,322 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/08 23:35:46 | 000,097,566 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/08 11:44:41 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/08 11:44:41 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/08/07 23:10:23 | 000,000,789 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/08/07 21:42:55 | 000,000,850 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\MSE Update Utility.lnk
[2010/08/06 11:52:36 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/08/06 09:00:01 | 000,000,496 | ---- | M] () -- C:\WINDOWS\tasks\Automatyczna konserwacja.job
[2010/08/04 23:21:59 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\Defraggler Volume C Task.job
[2010/08/01 21:50:20 | 000,000,529 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\POB.lnk
[2010/07/29 20:54:08 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/07/29 12:13:50 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to WINWORD.lnk
[2010/07/28 22:16:28 | 000,000,170 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Start Menu.lnk
[2010/07/28 22:16:28 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Templates.lnk
[2010/07/28 22:16:28 | 000,000,166 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\UserData.lnk
[2010/07/28 22:16:28 | 000,000,164 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\WINDOWS.lnk
[2010/07/28 22:16:28 | 000,000,158 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\temp.lnk
[2010/07/28 22:16:27 | 000,000,178 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Local Settings.lnk
[2010/07/28 22:16:27 | 000,000,174 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\My Documents.lnk
[2010/07/28 22:16:27 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\PrintHood.lnk
[2010/07/28 22:16:27 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Gadu-Gadu.lnk
[2010/07/28 22:16:27 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Favorites.lnk
[2010/07/28 22:16:27 | 000,000,164 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\NetHood.lnk
[2010/07/28 22:16:27 | 000,000,164 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop.lnk
[2010/07/28 22:16:27 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\SendTo.lnk
[2010/07/28 22:16:27 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Recent.lnk
[2010/07/28 22:16:26 | 000,000,182 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Application Data.lnk
[2010/07/28 22:16:26 | 000,000,176 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\.housecall6.6.lnk
[2010/07/28 22:16:26 | 000,000,172 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\.thumbnails.lnk
[2010/07/28 22:16:26 | 000,000,164 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Cookies.lnk
[2010/07/28 22:16:26 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Citrix.lnk
[2010/07/28 22:16:26 | 000,000,160 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Video.lnk
[2010/07/28 22:16:26 | 000,000,160 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Music.lnk
[2010/07/28 22:16:26 | 000,000,154 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\...lnk
[2010/07/28 22:16:26 | 000,000,152 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\..lnk
[2010/07/28 22:16:25 | 000,000,170 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\New Folder.lnk
[2010/07/28 22:16:25 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Passwords.lnk
[2010/07/28 22:16:25 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Documents.lnk
[2010/07/28 22:16:25 | 000,000,166 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Pictures.lnk
[2010/07/26 01:40:10 | 000,076,190 | ---- | M] () -- C:\WINDOWS\hpgins07.dat
[2010/07/24 02:18:31 | 006,297,520 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\091116_Leo_HTC_Russian_UM.pdf
[2010/07/20 02:09:40 | 000,374,272 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Muster list _ Rest Hours 2010.xls
[2010/07/12 11:12:30 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Worker onb-transfer.xls
[2010/07/08 10:46:21 | 000,082,944 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\My Documents\Ocean going logo.doc
[2010/07/01 12:12:57 | 000,000,029 | ---- | M] () -- C:\WINDOWS\hrdir.ini
[2010/06/28 08:10:08 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\My Documents\Safety Template.doc
[2010/06/26 07:20:49 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\crew declaratn 2.xls
[2010/06/25 16:31:58 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\crew declaration.xls
[2010/06/23 09:37:43 | 000,033,792 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\personnel Data 4 SPM.29-04-10..xls
[2010/06/21 19:03:15 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\My Documents\gms liferafts.doc
[2010/06/21 06:31:37 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\My Documents\Current color.doc
[2010/06/19 20:20:03 | 000,000,451 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Shortcut to Lotus on Viking Forcados (Forc).lnk
[2010/06/19 20:03:01 | 000,000,562 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Lotus Notes.lnk
[2010/06/19 20:00:31 | 000,000,995 | ---- | M] () -- C:\WINDOWS\System32\notespis.inf
[2010/06/19 20:00:30 | 000,000,044 | ---- | M] () -- C:\WINDOWS\lotus.ini
[2010/06/18 08:07:16 | 000,744,448 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\My Documents\femi.doc
[2010/06/17 10:31:28 | 000,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/15 15:06:42 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010/06/15 15:01:36 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010/06/14 15:30:32 | 001,446,565 | ---- | M] () -- C:\Documents and Settings\Bridge.EID90\My Documents\delivery paper.pdf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010/08/10 12:21:48 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Reader 9.lnk
[2010/08/10 02:25:14 | 000,233,525 | ---- | C] () -- C:\WINDOWS\System32\isutil.dll
[2010/08/10 02:25:11 | 000,000,271 | ---- | C] () -- C:\WINDOWS\apptune.ini
[2010/08/10 02:25:10 | 000,007,287 | ---- | C] () -- C:\WINDOWS\System32\ZShp1000.hlp
[2010/08/09 20:07:47 | 000,000,838 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP LaserJet Director.lnk
[2010/08/09 19:53:52 | 000,000,659 | ---- | C] () -- C:\WINDOWS\FMTMSAM.INI
[2010/08/09 19:53:28 | 000,000,168 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2010/08/09 19:52:45 | 000,000,019 | ---- | C] () -- C:\WINDOWS\hppsi_indexbase.dat
[2010/08/09 19:52:06 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
[2010/08/09 19:51:31 | 000,343,040 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2010/08/09 19:51:31 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2010/08/09 19:51:11 | 000,000,033 | ---- | C] () -- C:\WINDOWS\hppLangChoice.ini
[2010/08/09 19:48:36 | 000,000,608 | -HS- | C] () -- C:\WINDOWS\System32\winzvprt5.sys
[2010/08/08 11:44:41 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/08 11:44:41 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/08/07 23:15:42 | 018,751,488 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\ntuser.dat
[2010/08/07 21:42:55 | 000,000,850 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\MSE Update Utility.lnk
[2010/08/01 21:50:20 | 000,000,529 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\POB.lnk
[2010/07/30 08:57:35 | 000,000,496 | ---- | C] () -- C:\WINDOWS\tasks\Automatyczna konserwacja.job
[2010/07/29 20:54:08 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/07/29 12:13:50 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to WINWORD.lnk
[2010/07/28 09:14:56 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-545701781-3224946616-1018453507-1121.job
[2010/07/27 15:28:58 | 000,000,178 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Local Settings
[2010/07/27 15:28:58 | 000,000,174 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\My Documents
[2010/07/27 15:28:58 | 000,000,170 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Start Menu
[2010/07/27 15:28:58 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Templates
[2010/07/27 15:28:58 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\PrintHood
[2010/07/27 15:28:58 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Gadu-Gadu
[2010/07/27 15:28:58 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Favorites
[2010/07/27 15:28:58 | 000,000,166 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\UserData
[2010/07/27 15:28:58 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\WINDOWS
[2010/07/27 15:28:58 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\NetHood
[2010/07/27 15:28:58 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop
[2010/07/27 15:28:58 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Cookies
[2010/07/27 15:28:58 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\SendTo
[2010/07/27 15:28:58 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Recent
[2010/07/27 15:28:58 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Citrix
[2010/07/27 15:28:58 | 000,000,158 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\temp
[2010/07/27 15:28:57 | 000,000,182 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Application Data
[2010/07/27 15:28:57 | 000,000,176 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\.housecall6.6
[2010/07/27 15:28:57 | 000,000,172 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\.thumbnails
[2010/07/27 15:28:57 | 000,000,170 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\New Folder.lnk
[2010/07/27 15:28:57 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Passwords.lnk
[2010/07/27 15:28:57 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Documents.lnk
[2010/07/27 15:28:57 | 000,000,166 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Pictures.lnk
[2010/07/27 15:28:57 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Video.lnk
[2010/07/27 15:28:57 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Music.lnk
[2010/07/27 15:28:57 | 000,000,154 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\..
[2010/07/27 15:28:57 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\.
[2010/07/27 00:50:02 | 000,003,758 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\FDC9456D-1E39-4363-850A-D67DFECC1351.txt
[2010/07/26 16:31:16 | 000,003,758 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Local Settings\Application Data\FDC9456D-1E39-4363-850A-D67DFECC1351.txt
[2010/07/24 02:15:35 | 006,297,520 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\091116_Leo_HTC_Russian_UM.pdf
[2010/07/12 09:52:01 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Worker onb-transfer.xls
[2010/07/08 10:46:21 | 000,082,944 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\My Documents\Ocean going logo.doc
[2010/06/28 06:50:16 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\My Documents\Safety Template.doc
[2010/06/26 07:20:49 | 000,016,896 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\crew declaratn 2.xls
[2010/06/25 09:40:34 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\crew declaration.xls
[2010/06/21 19:03:15 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\My Documents\gms liferafts.doc
[2010/06/21 06:31:37 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\My Documents\Current color.doc
[2010/06/19 20:03:01 | 000,000,562 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Lotus Notes.lnk
[2010/06/19 19:50:09 | 000,000,451 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\Desktop\Shortcut to Lotus on Viking Forcados (Forc).lnk
[2010/06/18 08:07:16 | 000,744,448 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\My Documents\femi.doc
[2010/06/14 15:30:26 | 001,446,565 | ---- | C] () -- C:\Documents and Settings\Bridge.EID90\My Documents\delivery paper.pdf
[2010/04/25 17:49:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\swsystem.dll
[2010/04/09 19:45:05 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/04/09 19:45:03 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/04/09 19:44:51 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010/04/09 19:44:51 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/04/09 19:44:51 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/01/25 15:51:57 | 000,000,091 | ---- | C] () -- C:\WINDOWS\hrconfig.ini
[2009/10/16 07:07:12 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/06/13 10:34:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AutoRun.INI
[2009/02/02 16:57:17 | 000,000,025 | ---- | C] () -- C:\WINDOWS\USERTK.INI
[2008/12/19 17:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/12/17 19:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008/12/17 19:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008/12/17 19:22:48 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/12/17 19:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008/12/17 18:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/12/11 13:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008/11/04 08:30:27 | 000,000,291 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/08/06 18:03:54 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\see32.dll
[2008/07/13 15:51:23 | 000,000,012 | ---- | C] () -- C:\WINDOWS\System32\winxdpr3.dll
[2008/07/03 17:05:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\geotrans2.INI
[2008/05/16 18:36:57 | 000,000,197 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/12/22 17:18:04 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\cmabout.dll
[2007/12/22 17:18:04 | 000,010,229 | ---- | C] () -- C:\WINDOWS\System32\cmdiag.ini
[2007/12/22 17:18:04 | 000,000,142 | ---- | C] () -- C:\WINDOWS\System32\cmabout.ini
[2007/12/01 17:52:18 | 000,000,391 | R--- | C] () -- C:\WINDOWS\hpw1000k.ini
[2007/12/01 17:49:16 | 000,016,954 | ---- | C] () -- C:\WINDOWS\hpbj1000.ini
[2007/10/07 20:31:52 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
[2007/08/25 17:48:18 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\mchInjDrv.sys
[2007/08/22 15:24:25 | 000,000,222 | ---- | C] () -- C:\WINDOWS\VOGEL.INI
[2007/04/11 01:54:09 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2007/03/16 17:00:00 | 000,003,403 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2007/02/19 15:12:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\chksvrn.dll
[2006/11/11 08:31:44 | 000,000,099 | ---- | C] () -- C:\WINDOWS\notesnsd.ini
[2006/10/16 19:12:58 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\HOTFLDR.DLL
[2006/10/11 09:05:00 | 000,000,023 | ---- | C] () -- C:\WINDOWS\ZDPLUSSEARCH.INI
[2006/07/29 17:14:28 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2006/07/25 20:47:34 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A6W.INI
[2006/07/25 20:47:27 | 000,000,198 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2006/07/25 12:29:32 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\hlinkprx.dll
[2006/07/25 12:29:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[2006/05/26 01:57:16 | 000,000,096 | ---- | C] () -- C:\WINDOWS\VPPLAYS.INI
[2006/04/21 17:00:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2006/02/03 07:45:05 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/01/21 17:51:53 | 000,042,379 | ---- | C] () -- C:\WINDOWS\convfac.ini
[2006/01/21 17:51:53 | 000,014,775 | ---- | C] () -- C:\WINDOWS\convit.ini
[2006/01/02 15:18:58 | 000,000,928 | ---- | C] () -- C:\WINDOWS\tmmaster.INI
[2006/01/02 15:18:58 | 000,000,164 | ---- | C] () -- C:\WINDOWS\infotech.ini
[2006/01/02 15:18:46 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2006/01/02 15:18:29 | 000,000,042 | ---- | C] () -- C:\WINDOWS\tmfull.ini
[2006/01/02 15:18:27 | 000,748,160 | ---- | C] () -- C:\WINDOWS\System32\Co2c40en.dll
[2005/12/12 14:05:42 | 000,026,784 | ---- | C] () -- C:\WINDOWS\uflfinra.dll
[2005/12/12 14:05:42 | 000,024,592 | ---- | C] () -- C:\WINDOWS\uflsamp1.dll
[2005/12/12 14:05:42 | 000,022,704 | ---- | C] () -- C:\WINDOWS\uflbar.dll
[2005/12/12 14:05:42 | 000,018,240 | ---- | C] () -- C:\WINDOWS\ufldts.dll
[2005/12/12 14:05:42 | 000,014,400 | ---- | C] () -- C:\WINDOWS\uf5dts.dll
[2005/12/12 14:05:35 | 000,000,069 | ---- | C] () -- C:\WINDOWS\RETSAMMT.DLL
[2005/12/08 15:21:10 | 000,000,043 | ---- | C] () -- C:\WINDOWS\hpfccopy.INI
[2005/12/06 22:41:17 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
[2005/12/03 15:27:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2005/12/02 19:20:13 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\acdbres.dll
[2005/12/02 19:17:07 | 000,001,156 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/02 19:17:06 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/12/02 19:17:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2005/12/02 19:06:45 | 000,000,044 | ---- | C] () -- C:\WINDOWS\lotus.ini
[2005/11/28 12:32:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/11/28 08:40:00 | 000,157,184 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005/11/25 16:02:39 | 000,014,336 | R--- | C] () -- C:\WINDOWS\SIVI64.sys
[2005/11/25 16:02:39 | 000,009,728 | R--- | C] () -- C:\WINDOWS\SIVX64.sys
[2005/11/25 16:02:39 | 000,008,576 | R--- | C] () -- C:\WINDOWS\SIVX32.sys
[2005/11/25 16:02:39 | 000,007,810 | R--- | C] () -- C:\WINDOWS\SIVNT4.sys
[2005/11/25 16:02:39 | 000,003,904 | R--- | C] () -- C:\WINDOWS\GWIOPM.SYS
[2005/11/25 16:02:30 | 000,008,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\SIVX32.SYS
[2005/11/25 16:00:24 | 000,000,750 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/10/21 15:05:33 | 000,000,029 | ---- | C] () -- C:\WINDOWS\hrdir.ini
[2005/04/12 15:53:10 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\hpzidi01.dll
[2005/03/28 16:14:38 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2004/10/03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004/04/27 01:29:58 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010/07/29 09:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2007/08/23 01:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ArcaBit
[2009/03/27 13:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CherSoft
[2010/07/29 20:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2005/12/28 10:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2010/04/17 19:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2006/10/11 09:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2008/09/29 02:50:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2009/03/16 04:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2008/09/29 02:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/07/30 01:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2008/05/09 03:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/10/11 09:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\zeon
[2010/07/30 01:58:35 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2009/08/29 21:08:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Auslogics
[2008/04/17 12:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\CherSoft
[2010/07/29 21:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\DAEMON Tools Lite
[2007/11/09 04:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\EuroTalk
[2010/07/15 03:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Feedreader
[2009/01/29 18:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Gadu-Gadu
[2008/04/19 19:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\gtk-2.0
[2008/01/24 04:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\ICAClient
[2010/07/29 22:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\ImgBurn
[2007/10/07 20:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\InterTrust
[2007/08/25 03:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\KeySafe
[2010/04/28 22:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\MSA
[2007/02/22 11:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\MSNInstaller
[2008/05/19 18:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Opera
[2009/02/25 09:19:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Password Solutions
[2009/08/03 21:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\STA
[2008/03/10 11:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\TeamViewer
[2010/07/30 01:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\TuneUp Software
[2008/05/09 02:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Viewpoint
[2006/10/11 09:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bridge.EID90\Application Data\Zeon
[2009/07/12 10:21:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\STA
[2009/07/12 09:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\STA
[2010/08/06 09:00:01 | 000,000,496 | ---- | M] () -- C:\WINDOWS\Tasks\Automatyczna konserwacja.job
[2010/08/04 23:21:59 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\Defraggler Volume C Task.job
[2010/08/10 12:25:39 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2010/08/10 12:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2005/11/25 15:56:41 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/08/09 18:28:49 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2005/11/25 15:56:41 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007/12/04 17:51:57 | 000,000,081 | ---- | M] () -- C:\CTX.DAT
[2000/12/13 10:28:42 | 000,030,068 | ---- | M] () -- C:\FIXKRIZ.EXE
[2007/04/11 01:54:14 | 000,001,119 | ---- | M] () -- C:\INSTALL.LOG
[2005/11/25 15:56:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/08/09 20:01:36 | 000,000,000 | ---- | M] () -- C:\Log.txt
[2009/05/05 02:34:26 | 000,007,572 | ---- | M] () -- C:\mksbasel.cpp.log
[2005/11/25 15:56:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/10/03 16:54:57 | 000,250,048 | -HS- | M] () -- C:\ntldr
[2010/08/10 12:24:34 | 1997,537,280 | -HS- | M] () -- C:\pagefile.sys
[2001/05/24 13:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004/08/04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys
[2008/10/03 16:49:37 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
[2008/10/03 16:49:37 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004/08/04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/10/03 16:49:37 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/10/03 16:49:37 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2004/08/04 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2004/08/04 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004/08/04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008/10/03 16:49:37 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008/10/03 16:49:37 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004/08/04 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008/04/14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004/08/04 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2004/08/04 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2010/05/29 19:28:13 | 000,038,400 | ---- | M] ()(C:\Documents and Settings\Bridge.EID90\My Documents\??????? SIA SB PLUSS.doc) -- C:\Documents and Settings\Bridge.EID90\My Documents\Магазин SIA SB PLUSS.doc
[2010/05/29 19:28:12 | 000,038,400 | ---- | C] ()(C:\Documents and Settings\Bridge.EID90\My Documents\??????? SIA SB PLUSS.doc) -- C:\Documents and Settings\Bridge.EID90\My Documents\Магазин SIA SB PLUSS.doc

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Bridge.EID90\Desktop\tmMaster.exe:SummaryInformation
@Alternate Data Stream - 5157 bytes -> C:\Documents and Settings\Bridge.EID90\(l:§'dn€
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5BB923A2
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:44DAF2F1
< End of report >
[/log]

Sohei
comment

Is the computer working properly now?

klimek1313
comment

Yes, it seems everything is fine. Only one small detail remains. Since this is happening at work, the computers are networked, and on the server (or so we think, because we can't find it anywhere and that would be the most logical place) there is a shared network drive called Common. No folders are visible there, only files. Before the whole operation these folders showed up as Hidden, slightly transparent, but you could still open them. Now nothing. The folders are not visible. The Show hidden files option is checked; also, earlier it was not possible to change the attributes to not-hidden (the option was greyed out). Now only files are visible, without folders... How do I tackle this? We log on to the server to change it from there: nothing, we can't find this Common drive there, and Search doesn't find any files from Common either... as if it were not a drive on the server... I have no idea about the network topology with the server, a total mess... Where do I start? Help from an IT company is out of the question: there isn't one. (What's worse, the same situation now exists on my external hard drive: 100 GB used, but nothing is visible.)
