x-kom hosting

Problem z usunięciem wirusa

szimin
utworzono
utworzono

Witam,

Mam następujący problem z wirusem. Wyskoczył mi po skanowaniu pendrive'a od kumpla. Zwie się Worm.Win32.AutoRun.dej. Jego lokalizacja to H:\AutoRun.inf (H jest "dyskiem" pendrive'a). Kiedy w Kaspersky'm nacisnąłem na neutralizowanie wszystkich zagrożeń, to nic się nie stało. Obecnie cały czas pokazuje mi aktywne zagrożenie, mimo, że przy drugim sprawdzaniu tego pendrive'a wyskoczyło 0 zagrożeń. Proszę o pomoc.

Nie podaję od razu logów (bo zapewne ktoś o nie poprosi), bo nie wiem z którego programu podawać, dlatego czekam na odpowiedź.

Pozdrawiam.

Tomek01
komentarz
komentarz

Zastosuj [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], najlepiej z podpiętym pendrive'm czy innymi pamięciami USB.

Wrzuć zestaw logów: OTL i RSIT wstawiając je w tagi. http://www.forumpc.pl/index.php?showtopic=104338

szimin
komentarz
komentarz (edytowane)

Użyłem Flash Disinfectora.

[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Szimin at 2010-11-15 21:49:59
Microsoft Windows XP Home Edition Dodatek Service Pack 3
System drive C: has 25 GB (51%) free of 50 GB
Total RAM: 3327 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:50:12, on 2010-11-15
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\AutoConnect\AutoConnect.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Szimin\Pulpit\RSIT.exe
C:\Program Files\trend micro\Szimin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Pomocnik rejestrowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (file missing)
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{7D22AE6A-AD7F-482F-9334-7DA25C0EB47D}: NameServer = 194.204.152.34 194.204.159.1
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Usługa Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 9235 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5c23806a9f84.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1ca5c2380a3d7f4.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1085031214-1801674531-1009Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1085031214-1801674531-1009UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll [2010-05-07 68280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2006-06-13 110652]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocnik rejestrowania za pomocą identyfikatora Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll [2010-05-25 191160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-15 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-01-29 30248]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-01-29 46632]
"PPort11reminder"=C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-02-01 255528]
"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-03-12 663552]
"ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-01-26 65536]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2006-06-13 127036]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-05-07 344736]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-10-16 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-10-16 13851752]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-11-02 19580520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-15 15360]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"AutoConnect"=C:\Program Files\AutoConnect\AutoConnect.exe [2004-08-28 295424]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"aawservice"=2

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2010-05-07 228024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=0xFFFFFFFF

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=189
"NoDriveAutoRun"=67108855
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Java\jre1.5.0_15\launch4j-tmp\JDownloader.exe"="C:\Program Files\Java\jre1.5.0_15\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"E:\KONAMI\pes2010.exe"="E:\KONAMI\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Gadu-Gadu 10\gg.exe"="C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10"
"C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"
"E:\KONAMI\Pro Evolution Soccer 2010\pes2010.exe"="E:\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2011\pes2011.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"C:\Documents and Settings\Szimin\Dane aplikacji\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Szimin\Dane aplikacji\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe"="C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe:*:Enabled:FIFA 11"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

======File associations======

.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"

======List of files/folders created in the last 1 months======

2010-11-15 21:48:27 ----D---- C:\Program Files\trend micro
2010-11-15 21:48:26 ----D---- C:\rsit
2010-11-15 21:46:53 ----RASHD---- C:\autorun.inf
2010-11-11 21:22:15 ----D---- C:\Documents and Settings\Szimin\Dane aplikacji\Foxit Software
2010-11-11 20:49:08 ----D---- C:\Program Files\Odkurzacz
2010-11-10 15:51:21 ----D---- C:\Program Files\Softronics
2010-11-09 19:07:47 ----ASH---- C:\Documents and Settings\Szimin\Dane aplikacji\Sys6925.Config Collection.sys
2010-11-09 19:07:35 ----D---- C:\Program Files\jv16 PowerTools 2010
2010-11-09 18:59:04 ----A---- C:\WINDOWS\system32\pgdfgsvc.exe
2010-11-09 13:19:16 ----A---- C:\WINDOWS\system32\drivers\DrvAgent32.sys
2010-11-05 11:34:24 ----A---- C:\WINDOWS\system32\drivers\cpuz134_x32.sys
2010-11-02 18:08:20 ----D---- C:\Documents and Settings\Szimin\Dane aplikacji\Winamp
2010-11-02 17:58:33 ----D---- C:\WINDOWS\system32\winrm
2010-11-02 17:58:33 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2010-10-26 13:41:13 ----A---- C:\WINDOWS\vncutil.exe
2010-10-26 13:41:12 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2010-10-26 13:41:11 ----A---- C:\WINDOWS\RtkAudioService.exe
2010-10-26 13:41:08 ----A---- C:\WINDOWS\system32\drivers\Monfilt.sys
2010-10-26 13:41:07 ----A---- C:\WINDOWS\system32\drivers\Ambfilt.sys
2010-10-26 13:01:48 ----D---- C:\Documents and Settings\Szimin\Dane aplikacji\Thunderbird
2010-10-24 21:56:49 ----A---- C:\WINDOWS\system32\drivers\klif.sys
2010-10-18 13:45:43 ----A---- C:\WINDOWS\system32\nvgenco32.dll
2010-10-18 13:45:43 ----A---- C:\WINDOWS\system32\nvdispco32.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvwddi.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrszht.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrstr.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrsth.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrssv.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrssl.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrssk.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrsru.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrsko.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrshu.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrshe.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrses.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrseng.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrsel.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrsde.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrsda.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrscs.dll
2010-10-16 11:05:54 ----A---- C:\WINDOWS\system32\nvrsar.dll
2010-10-16 11:05:52 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2010-10-16 11:05:52 ----A---- C:\WINDOWS\system32\nvrspt.dll
2010-10-16 11:05:52 ----A---- C:\WINDOWS\system32\nvrspl.dll
2010-10-16 11:05:52 ----A---- C:\WINDOWS\system32\nvrsno.dll
2010-10-16 11:05:52 ----A---- C:\WINDOWS\system32\nvrsja.dll
2010-10-16 11:05:52 ----A---- C:\WINDOWS\system32\nvrsit.dll
2010-10-16 11:05:52 ----A---- C:\WINDOWS\system32\nvmctray.dll
2010-10-16 11:05:52 ----A---- C:\WINDOWS\system32\nvmccs.dll
2010-10-16 11:05:52 ----A---- C:\WINDOWS\system32\nvcpl.dll
2010-10-16 11:05:52 ----A---- C:\WINDOWS\system32\nvcolor.exe

======List of files/folders modified in the last 1 months======

2010-11-15 21:48:42 ----D---- C:\WINDOWS\Prefetch
2010-11-15 21:48:27 ----RD---- C:\Program Files
2010-11-15 21:34:44 ----D---- C:\WINDOWS\Temp
2010-11-15 21:34:43 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
2010-11-15 20:59:57 ----D---- C:\Program Files\AutoConnect
2010-11-15 20:59:15 ----D---- C:\WINDOWS
2010-11-15 20:58:25 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-15 20:36:44 ----HD---- C:\WINDOWS\inf
2010-11-15 14:27:27 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-12 17:55:21 ----D---- C:\WINDOWS\system32
2010-11-12 17:40:43 ----SHD---- C:\WINDOWS\Installer
2010-11-12 17:40:42 ----D---- C:\Config.Msi
2010-11-12 17:40:41 ----D---- C:\WINDOWS\WinSxS
2010-11-12 17:39:58 ----D---- C:\WINDOWS\system32\DirectX
2010-11-12 17:39:08 ----RSD---- C:\WINDOWS\assembly
2010-11-12 17:38:13 ----D---- C:\WINDOWS\Logs
2010-11-11 21:07:45 ----D---- C:\WINDOWS\system32\drivers\etc
2010-11-11 21:00:13 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2010-11-11 20:21:17 ----D---- C:\Program Files\MoorHunt
2010-11-10 15:51:21 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-10 13:27:10 ----D---- C:\WINDOWS\Debug
2010-11-10 13:27:07 ----A---- C:\WINDOWS\system32\MRT.exe
2010-11-09 20:06:44 ----A---- C:\WINDOWS\win.ini
2010-11-09 19:57:15 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\DSS
2010-11-09 19:33:56 ----RASH---- C:\boot.ini
2010-11-09 19:33:56 ----A---- C:\WINDOWS\system.ini
2010-11-09 19:26:35 ----D---- C:\WINDOWS\system32\config
2010-11-09 18:58:51 ----D---- C:\WINDOWS\system32\drivers
2010-11-09 18:32:01 ----D---- C:\WINDOWS\system32\LogFiles
2010-11-09 18:19:29 ----DC---- C:\WINDOWS\system32\dllcache
2010-11-05 16:34:58 ----D---- C:\WINDOWS\system32\RTCOM
2010-11-05 16:34:46 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-11-05 14:20:35 ----D---- C:\WINDOWS\Minidump
2010-11-05 13:14:59 ----SD---- C:\WINDOWS\Tasks
2010-11-05 13:02:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-03 16:34:40 ----D---- C:\WINDOWS\system32\CatRoot
2010-11-02 22:12:12 ----D---- C:\WINDOWS\security
2010-11-02 22:09:33 ----D---- C:\WINDOWS\ie8updates
2010-11-02 19:36:50 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2010-11-02 19:36:50 ----A---- C:\WINDOWS\SkyTel.exe
2010-11-02 19:36:38 ----A---- C:\WINDOWS\RtlUpd.exe
2010-11-02 19:36:26 ----A---- C:\WINDOWS\RTLCPL.EXE
2010-11-02 19:36:02 ----A---- C:\WINDOWS\RTHDCPL.EXE
2010-11-02 19:35:52 ----A---- C:\WINDOWS\MicCal.exe
2010-11-02 19:35:40 ----A---- C:\WINDOWS\ALCWZRD.EXE
2010-11-02 19:35:40 ----A---- C:\WINDOWS\ALCMTR.EXE
2010-11-02 18:08:29 ----D---- C:\Program Files\Winamp
2010-11-02 18:00:48 ----D---- C:\Program Files\Internet Explorer
2010-11-02 18:00:04 ----D---- C:\WINDOWS\Microsoft.NET
2010-11-02 17:58:43 ----D---- C:\WINDOWS\Help
2010-11-02 17:58:33 ----D---- C:\WINDOWS\system32\wbem
2010-10-30 17:00:06 ----A---- C:\WINDOWS\NeroDigital.ini
2010-10-29 20:42:47 ----D---- C:\Documents and Settings\Szimin\Dane aplikacji\Vso
2010-10-28 12:40:45 ----D---- C:\Program Files\Mozilla Firefox
2010-10-28 10:46:00 ----A---- C:\WINDOWS\RtlExUpd.dll
2010-10-26 13:41:07 ----D---- C:\Program Files\Realtek
2010-10-25 19:22:17 ----D---- C:\Program Files\NVIDIA Corporation
2010-10-24 21:57:05 ----D---- C:\Program Files\Kaspersky Lab
2010-10-24 21:54:58 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files
2010-10-22 17:54:40 ----A---- C:\WINDOWS\wincmd.ini
2010-10-22 17:53:29 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-10-22 07:23:30 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-10-22 07:23:30 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2010-10-22 07:23:29 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2010-10-22 07:23:29 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2010-10-22 07:23:29 ----A---- C:\WINDOWS\system32\nvcuda.dll
2010-10-22 07:23:22 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-10-22 07:23:22 ----A---- C:\WINDOWS\system32\nvapi.dll
2010-10-22 07:23:22 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2010-10-19 21:18:34 ----D---- C:\Program Files\K-Lite Codec Pack
2010-10-17 14:40:35 ----D---- C:\Documents and Settings\Szimin\Dane aplikacji\Identities

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2006-06-12 89264]
R0 KL1;Kl1; C:\WINDOWS\system32\drivers\kl1.sys [2010-05-06 132184]
R0 ohci1394;Kontroler hosta IEEE 1394 VIA zgodny z OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-15 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-07-04 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-04-24 691696]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-03-17 5660]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2006-03-17 22684]
R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-15 40448]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2010-10-24 477784]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-06-13 25724]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2006-06-13 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-06-13 86844]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-06-13 14716]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-06-13 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-06-13 88476]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-06-13 94460]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-03-17 40544]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2004-03-02 127065]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 38656]
R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-15 144384]
R3 hidusb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-15 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-11-02 6188648]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-11-02 19472]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-15 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-10-22 9623680]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-05-14 47360]
R3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S1 kl2;Kl2; \??\C:\WINDOWS\system32\drivers\kl2.sys []
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2004-03-02 50007]
S3 a0s0avj2;a0s0avj2; C:\WINDOWS\system32\drivers\a0s0avj2.sys []
S3 ac9pnjbj;ac9pnjbj; C:\WINDOWS\system32\drivers\ac9pnjbj.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-15 60800]
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-15 61824]
S3 RT73;D-Link USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\Dr71WU.sys [2005-11-03 245504]
S3 usb_rndisx;Karta USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-14 12800]
S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Klasa PRINTER USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Usługa Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-05-07 344736]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-10-16 156776]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-13 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-30 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Bezpieczeństwo rodzinne usługi Windows Live; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-15 14336]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-15 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
[/log]

[log]OTL logfile created on: 2010-11-15 21:55:15 - Run 5
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Szimin\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 79,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 24,71 Gb Free Space | 50,60% Space Free | Partition Type: NTFS
Drive E: | 208,45 Gb Total Space | 42,26 Gb Free Space | 20,28% Space Free | Partition Type: NTFS
Drive F: | 208,48 Gb Total Space | 45,83 Gb Free Space | 21,98% Space Free | Partition Type: NTFS
Drive H: | 3,77 Gb Total Space | 3,15 Gb Free Space | 83,56% Space Free | Partition Type: FAT32

Computer Name: USER-2322F37874 | User Name: Szimin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-11-15 21:35:11 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Szimin\Pulpit\OTL.exe
PRC - [2010-11-02 19:36:02 | 019,580,520 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2010-10-28 12:40:28 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-10-16 11:05:52 | 000,156,776 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2010-09-15 03:50:54 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010-05-07 11:39:36 | 000,344,736 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2010-05-07 11:37:14 | 000,129,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
PRC - [2009-03-30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009-03-30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-05-26 21:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2008-05-26 21:18:44 | 000,439,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\searchindexer.exe
PRC - [2008-04-15 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-15 13:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-15 13:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2008-04-15 13:00:00 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2008-04-15 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-15 13:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2008-04-15 13:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2008-04-15 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-15 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-15 13:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 21:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007-03-12 13:51:26 | 000,663,552 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
PRC - [2007-03-06 18:20:00 | 000,536,576 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
PRC - [2007-03-02 15:48:00 | 000,098,304 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
PRC - [2007-01-29 20:12:14 | 000,030,248 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2006-11-13 15:57:16 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006-11-13 15:57:06 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006-06-13 05:20:00 | 000,127,036 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2004-08-28 19:27:04 | 000,295,424 | ---- | M] (http://autoconnect.prv.pl) -- C:\Program Files\AutoConnect\AutoConnect.exe
PRC - [2004-07-28 15:39:28 | 000,962,661 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-11-15 21:35:11 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Szimin\Pulpit\OTL.exe
MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-07-27 07:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-27 05:58:02 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-04-15 13:00:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-15 13:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-15 13:00:00 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-15 13:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-15 13:00:00 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-15 13:00:00 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-15 13:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-15 13:00:00 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-15 13:00:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-15 13:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-15 13:00:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-15 13:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-15 13:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008-04-15 13:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-15 13:00:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-15 13:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-15 13:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-15 13:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010-05-07 11:39:36 | 000,344,736 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010-03-30 14:18:43 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010-03-18 15:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009-02-06 17:08:58 | 000,533,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [File_System | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)
DRV - [2010-11-09 13:19:16 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2010-11-02 19:36:26 | 006,188,648 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010-10-24 21:56:49 | 000,477,784 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2010-10-22 07:23:22 | 009,623,680 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010-05-06 23:19:06 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2)
DRV - [2010-05-06 23:19:02 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (KL1)
DRV - [2010-04-24 14:06:40 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009-11-02 19:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-09-14 13:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009-02-06 17:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008-04-15 13:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-03-15 15:12:02 | 000,038,656 | ---- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2006-06-13 05:20:00 | 000,094,460 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006-06-13 05:20:00 | 000,088,476 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006-06-13 05:20:00 | 000,086,844 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006-06-13 05:20:00 | 000,025,724 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006-06-13 05:20:00 | 000,014,716 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006-06-13 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006-06-13 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2006-06-12 03:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2006-03-17 08:35:24 | 000,005,660 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006-03-17 08:34:46 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2006-03-17 05:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005-11-03 20:39:02 | 000,245,504 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Dr71WU.sys -- (RT73)
DRV - [2004-10-15 11:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004-08-13 19:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-03-02 08:26:58 | 000,050,007 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys)
DRV - [2004-03-02 08:24:16 | 000,127,065 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-823518204-1085031214-1801674531-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-823518204-1085031214-1801674531-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.7.0088
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.0.232
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}:5.0.17
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}:5.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.0.232

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-10-28 12:40:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-10-28 12:40:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt [2010-10-24 21:57:27 | 000,000,000 | ---D | M]

[2010-10-26 13:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Szimin\Dane aplikacji\Mozilla\Extensions
[2010-10-26 13:02:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Szimin\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010-11-15 21:03:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Szimin\Dane aplikacji\Mozilla\Firefox\Profiles\s00cxtmy.default\extensions
[2010-05-15 16:07:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Szimin\Dane aplikacji\Mozilla\Firefox\Profiles\s00cxtmy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-11-15 21:03:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-01-27 17:28:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}
[2009-12-21 15:53:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}
[2010-10-11 13:18:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-10-12 20:57:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010-10-24 21:58:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
[2010-10-24 21:58:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010-09-15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-09-29 13:08:48 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2009-04-01 16:12:28 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2010-01-25 20:15:51 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-01-25 20:15:51 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-01-25 20:15:51 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-01-25 20:15:51 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-01-25 20:15:51 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-01-25 20:15:51 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-11-11 21:07:45 | 000,424,694 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14658 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll File not found
O3 - HKU\S-1-5-21-823518204-1085031214-1801674531-1009\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKU\S-1-5-21-823518204-1085031214-1801674531-1009..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe (http://autoconnect.prv.pl)
O4 - HKU\S-1-5-21-823518204-1085031214-1801674531-1009..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-823518204-1085031214-1801674531-1009..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-823518204-1085031214-1801674531-1009..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 189
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108855
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-823518204-1085031214-1801674531-1009\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-823518204-1085031214-1801674531-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-823518204-1085031214-1801674531-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_22-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2008-10-03 20:54:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-11-15 21:46:53 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-11-15 21:46:54 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-11-15 21:46:54 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-11-15 20:38:20 | 000,000,033 | RHS- | M] () - H:\AutoRun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - Services: "aawservice"
MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 1
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-11-15 21:48:27 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-11-15 21:48:26 | 000,000,000 | ---D | C] -- C:\rsit
[2010-11-15 21:46:53 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010-11-15 21:35:08 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Szimin\Pulpit\OTL.exe
[2010-11-12 17:42:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Ustawienia lokalne\Dane aplikacji\Activision
[2010-11-12 13:07:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Ustawienia lokalne\Dane aplikacji\Scansoft
[2010-11-11 21:22:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Dane aplikacji\Foxit Software
[2010-11-11 20:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\Odkurzacz
[2010-11-11 20:28:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Pulpit\Ygoow
[2010-11-10 15:51:21 | 000,000,000 | ---D | C] -- C:\Program Files\Softronics
[2010-11-09 19:07:35 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools 2010
[2010-11-09 18:59:04 | 000,025,992 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2010-11-09 18:55:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Szimin\Recent
[2010-11-09 13:19:16 | 000,023,456 | ---- | C] (Phoenix Technologies) -- C:\WINDOWS\System32\drivers\DrvAgent32.sys
[2010-11-09 13:19:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Ustawienia lokalne\Dane aplikacji\eSupport.com
[2010-11-05 11:34:24 | 000,020,328 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\System32\drivers\cpuz134_x32.sys
[2010-11-02 18:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Dane aplikacji\Winamp
[2010-11-02 17:58:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2010-11-02 17:58:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2010-10-26 13:41:13 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2010-10-26 13:41:11 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2010-10-26 13:41:07 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2010-10-26 13:35:18 | 001,656,832 | ---- | C] (NoPremium.pl) -- C:\Documents and Settings\Szimin\Pulpit\nopremium.exe
[2010-10-26 13:01:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Ustawienia lokalne\Dane aplikacji\Thunderbird
[2010-10-26 13:01:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Dane aplikacji\Thunderbird
[2010-10-24 21:56:49 | 000,477,784 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010-10-15 21:10:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DSS
[2010-10-15 13:05:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Dane aplikacji\QuickScan
[2010-10-11 12:43:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Dane aplikacji\Dropbox
[2010-10-03 20:09:52 | 000,000,000 | ---D | C] -- C:\Program Files\KONAMI
[2010-09-30 16:07:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Dane aplikacji\Leadertech
[2010-09-27 13:50:38 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP
[2010-09-22 12:53:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Dane aplikacji\Fonts
[2010-09-22 09:51:56 | 000,000,000 | ---D | C] -- C:\Program Files\Yildun Scanner
[2010-05-14 11:41:57 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Szimin\Dane aplikacji\pcouffin.sys
[2008-10-27 09:38:54 | 000,095,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[2008-10-27 09:37:34 | 001,692,496 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2008-10-27 09:36:58 | 000,526,160 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-11-15 21:47:46 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\RSIT.exe
[2010-11-15 21:45:49 | 000,132,597 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\Flash_Disinfector.exe
[2010-11-15 21:45:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1ca5c2380a3d7f4.job
[2010-11-15 21:35:11 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Szimin\Pulpit\OTL.exe
[2010-11-15 21:19:00 | 000,001,136 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1085031214-1801674531-1009UA.job
[2010-11-15 20:59:29 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5c23806a9f84.job
[2010-11-15 20:59:25 | 000,013,764 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-11-15 20:59:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-11-14 13:19:00 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1085031214-1801674531-1009Core.job
[2010-11-12 21:20:49 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\Szimin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-11-12 18:26:43 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Szimin\Dane aplikacji\winscp.rnd
[2010-11-12 18:24:38 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Szimin\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2010-11-12 17:38:05 | 000,000,745 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty - Black Ops.lnk
[2010-11-11 22:02:41 | 000,039,894 | ---- | M] () -- C:\Documents and Settings\Szimin\Moje dokumenty\NoPremium.pl.dotpayimg.bmp
[2010-11-11 21:07:45 | 000,424,694 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-11-11 20:49:25 | 000,000,856 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\Szybkie Czyszczenie Dysku.lnk
[2010-11-11 20:49:25 | 000,000,760 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\Odkurzacz.lnk
[2010-11-11 19:09:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-11-11 13:53:27 | 001,656,832 | ---- | M] (NoPremium.pl) -- C:\Documents and Settings\Szimin\Pulpit\nopremium.exe
[2010-11-10 16:04:46 | 000,142,311 | -H-- | M] () -- C:\Documents and Settings\Szimin\Moje dokumenty\PP11Thumbs.ptn
[2010-11-10 16:04:46 | 000,000,059 | -H-- | M] () -- C:\Documents and Settings\Szimin\Moje dokumenty\maxdesk.ini2
[2010-11-10 16:04:46 | 000,000,043 | -H-- | M] () -- C:\Documents and Settings\Szimin\Moje dokumenty\PP11Thumbs.ptn2
[2010-11-10 15:51:21 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mulimedia Logic.lnk
[2010-11-09 19:33:56 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010-11-09 19:07:47 | 000,000,022 | -HS- | M] () -- C:\Documents and Settings\Szimin\Dane aplikacji\Sys6925.Config Collection.sys
[2010-11-09 19:07:47 | 000,000,022 | -HS- | M] () -- C:\WINDOWS\Sys3390 SettingsCollection.bin
[2010-11-09 18:59:04 | 000,025,992 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2010-11-09 13:19:16 | 000,023,456 | ---- | M] (Phoenix Technologies) -- C:\WINDOWS\System32\drivers\DrvAgent32.sys
[2010-11-05 13:16:51 | 000,002,311 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\Google Chrome.lnk
[2010-11-05 13:02:05 | 000,587,244 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2010-11-05 13:02:05 | 000,501,832 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-11-05 13:02:05 | 000,118,940 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2010-11-05 13:02:05 | 000,087,738 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-11-02 19:36:50 | 000,359,016 | ---- | M] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2010-11-02 19:36:04 | 000,129,640 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2010-11-02 19:35:40 | 002,815,592 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
[2010-11-02 18:08:24 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2010-10-30 17:00:06 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-10-29 20:43:05 | 000,001,747 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\ConvertXtoDVD 4.lnk
[2010-10-29 20:42:58 | 000,001,057 | ---- | M] () -- C:\Documents and Settings\Szimin\Dane aplikacji\vso_ts_preview.xml
[2010-10-25 19:22:34 | 000,240,592 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010-10-25 19:22:34 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010-10-25 19:22:30 | 000,240,592 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010-10-25 13:56:09 | 000,422,512 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101111-210745.backup
[2010-10-24 22:07:01 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010-10-24 22:07:00 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010-10-24 21:56:49 | 000,477,784 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010-10-22 17:54:40 | 000,003,644 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010-10-22 17:53:29 | 000,000,299 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2010-10-22 07:23:30 | 000,061,440 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010-10-22 07:23:29 | 002,293,194 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
[2010-10-22 07:23:29 | 000,003,739 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb
[2010-10-17 14:53:08 | 000,000,334 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\Skrót do WSInf.lnk
[2010-10-17 14:46:53 | 000,000,606 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\WinSCP.lnk
[2010-10-17 14:38:02 | 000,406,310 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\FTPiEMAIL.pdf
[2010-10-14 14:17:18 | 002,285,568 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-10-13 13:43:57 | 000,421,702 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101025-145609.backup
[2010-10-07 22:38:42 | 000,420,902 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101013-144357.backup
[2010-10-02 12:43:39 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\MoorHunt.lnk
[2010-10-01 21:46:13 | 000,419,868 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101007-233842.backup
[2010-09-30 16:06:39 | 000,001,926 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\FIFA 11.lnk
[2010-09-29 13:09:05 | 000,000,883 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Foxit Reader.lnk
[2010-09-27 12:36:30 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Szimin\PUTTY.RND
[2010-09-23 17:29:08 | 000,108,032 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-09-17 23:14:21 | 000,418,632 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101001-224613.backup
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-11-15 21:47:40 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Szimin\Pulpit\RSIT.exe
[2010-11-15 21:45:49 | 000,132,597 | ---- | C] () -- C:\Documents and Settings\Szimin\Pulpit\Flash_Disinfector.exe
[2010-11-12 17:38:05 | 000,000,745 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty - Black Ops.lnk
[2010-11-11 20:49:25 | 000,000,856 | ---- | C] () -- C:\Documents and Settings\Szimin\Pulpit\Szybkie Czyszczenie Dysku.lnk
[2010-11-11 20:49:25 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Szimin\Pulpit\Odkurzacz.lnk
[2010-11-11 13:54:22 | 000,039,894 | ---- | C] () -- C:\Documents and Settings\Szimin\Moje dokumenty\NoPremium.pl.dotpayimg.bmp
[2010-11-10 15:59:50 | 000,000,059 | -H-- | C] () -- C:\Documents and Settings\Szimin\Moje dokumenty\maxdesk.ini2
[2010-11-10 15:57:42 | 000,000,043 | -H-- | C] () -- C:\Documents and Settings\Szimin\Moje dokumenty\PP11Thumbs.ptn2
[2010-11-10 15:56:35 | 000,142,311 | -H-- | C] () -- C:\Documents and Settings\Szimin\Moje dokumenty\PP11Thumbs.ptn
[2010-11-10 15:51:21 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mulimedia Logic.lnk
[2010-11-09 19:07:47 | 000,000,022 | -HS- | C] () -- C:\Documents and Settings\Szimin\Dane aplikacji\Sys6925.Config Collection.sys
[2010-11-09 19:07:47 | 000,000,022 | -HS- | C] () -- C:\WINDOWS\Sys3390 SettingsCollection.bin
[2010-11-05 13:16:51 | 000,002,311 | ---- | C] () -- C:\Documents and Settings\Szimin\Pulpit\Google Chrome.lnk
[2010-11-05 13:14:59 | 000,001,136 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1085031214-1801674531-1009UA.job
[2010-11-05 13:14:58 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1085031214-1801674531-1009Core.job
[2010-11-02 18:08:24 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk
[2010-10-24 21:58:01 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010-10-24 21:58:01 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010-10-17 14:53:08 | 000,000,334 | ---- | C] () -- C:\Documents and Settings\Szimin\Pulpit\Skrót do WSInf.lnk
[2010-10-17 14:46:53 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\Szimin\Pulpit\WinSCP.lnk
[2010-10-17 14:38:12 | 000,406,310 | ---- | C] () -- C:\Documents and Settings\Szimin\Pulpit\FTPiEMAIL.pdf
[2010-09-30 16:06:39 | 000,001,926 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\FIFA 11.lnk
[2010-09-29 13:09:05 | 000,000,883 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Foxit Reader.lnk
[2010-09-27 12:38:15 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Szimin\Dane aplikacji\winscp.rnd
[2010-09-24 14:54:58 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Szimin\PUTTY.RND
[2010-09-21 20:29:28 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Szimin\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2010-07-17 01:12:57 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010-07-17 01:12:57 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010-07-17 01:12:56 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010-06-18 08:01:19 | 000,000,288 | ---- | C] () -- C:\WINDOWS\d.ini
[2010-06-01 12:55:55 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010-05-14 11:43:56 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Szimin\Dane aplikacji\vso_ts_preview.xml
[2010-05-14 11:41:57 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Szimin\Dane aplikacji\inst.exe
[2010-05-14 11:41:57 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Szimin\Dane aplikacji\pcouffin.cat
[2010-05-14 11:41:57 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Szimin\Dane aplikacji\pcouffin.inf
[2010-04-18 19:45:59 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-04-03 19:44:39 | 000,077,824 | ---- | C] () -- C:\Documents and Settings\Szimin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-04-02 23:26:41 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Szimin\Dane aplikacji\$_hpcst$.hpc
[2010-04-02 17:17:34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010-03-21 21:55:29 | 000,001,965 | ---- | C] () -- C:\Program Files\mbMojoppro.log
[2010-03-21 21:16:05 | 000,002,070 | ---- | C] () -- C:\Program Files\mbccppro.log
[2010-03-21 19:39:45 | 000,022,689 | ---- | C] () -- C:\Program Files\mblooks3ppro.log
[2010-03-09 18:10:49 | 000,000,179 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009-07-01 20:27:45 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2009-07-01 20:27:45 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2009-07-01 20:27:38 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2009-07-01 20:27:38 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll
[2009-07-01 20:27:01 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\adinst32.dll
[2008-12-22 23:33:46 | 000,000,998 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2008-10-27 10:40:15 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-10-27 09:38:20 | 013,265,184 | ---- | C] () -- C:\Program Files\dxnt.cab
[2008-10-27 09:38:20 | 004,163,646 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab
[2008-10-27 09:38:20 | 001,907,944 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x64.cab
[2008-10-27 09:38:20 | 001,803,074 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab
[2008-10-27 09:38:18 | 001,801,176 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab
[2008-10-27 09:38:18 | 001,795,100 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab
[2008-10-27 09:38:18 | 001,793,624 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab
[2008-10-27 09:38:18 | 001,770,878 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab
[2008-10-27 09:38:18 | 001,710,376 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab
[2008-10-27 09:38:18 | 001,709,168 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab
[2008-10-27 09:38:18 | 001,608,374 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab
[2008-10-27 09:38:16 | 001,608,790 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab
[2008-10-27 09:38:16 | 001,608,302 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab
[2008-10-27 09:38:16 | 001,607,055 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab
[2008-10-27 09:38:16 | 001,575,392 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab
[2008-10-27 09:38:16 | 001,572,170 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab
[2008-10-27 09:38:14 | 001,551,228 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x86.cab
[2008-10-27 09:38:14 | 001,465,688 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab
[2008-10-27 09:38:14 | 001,464,894 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab
[2008-10-27 09:38:14 | 001,413,918 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab
[2008-10-27 09:38:14 | 001,363,812 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab
[2008-10-27 09:38:14 | 001,358,992 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab
[2008-10-27 09:38:12 | 001,444,298 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab
[2008-10-27 09:38:12 | 001,398,846 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab
[2008-10-27 09:38:12 | 001,351,558 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab
[2008-10-27 09:38:10 | 001,348,370 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
[2008-10-27 09:38:10 | 001,337,018 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab
[2008-10-27 09:38:10 | 001,248,515 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab
[2008-10-27 09:38:10 | 001,156,507 | ---- | C] () -- C:\Program Files\BDANT.cab
[2008-10-27 09:38:10 | 001,128,233 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab
[2008-10-27 09:38:10 | 001,116,237 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab
[2008-10-27 09:38:10 | 001,080,472 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab
[2008-10-27 09:38:08 | 001,085,736 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab
[2008-10-27 09:38:08 | 001,079,978 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
[2008-10-27 09:38:08 | 001,078,660 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab
[2008-10-27 09:38:08 | 001,065,941 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab
[2008-10-27 09:38:08 | 001,014,241 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab
[2008-10-27 09:38:08 | 000,995,154 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x64.cab
[2008-10-27 09:38:08 | 000,122,810 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x64.cab
[2008-10-27 09:38:08 | 000,097,833 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab
[2008-10-27 09:38:08 | 000,094,750 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab
[2008-10-27 09:38:04 | 000,976,164 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2008-10-27 09:38:04 | 000,966,445 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x86.cab
[2008-10-27 09:38:04 | 000,917,446 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab
[2008-10-27 09:38:04 | 000,868,844 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab
[2008-10-27 09:38:04 | 000,868,628 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab
[2008-10-27 09:38:04 | 000,865,616 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab
[2008-10-27 09:38:04 | 000,853,302 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab
[2008-10-27 09:38:04 | 000,850,935 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab
[2008-10-27 09:38:04 | 000,096,053 | ---- | C] () -- C:\Program Files\dxupdate.cab
[2008-10-27 09:38:04 | 000,094,144 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x86.cab
[2008-10-27 09:38:04 | 000,055,538 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x64.cab
[2008-10-27 09:38:04 | 000,045,464 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab
[2008-10-27 09:38:02 | 000,850,183 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab
[2008-10-27 09:38:02 | 000,845,900 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab
[2008-10-27 09:38:02 | 000,819,276 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab
[2008-10-27 09:38:02 | 000,094,028 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x86.cab
[2008-10-27 09:38:02 | 000,093,700 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x86.cab
[2008-10-27 09:38:02 | 000,088,158 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab
[2008-10-27 09:38:02 | 000,088,117 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab
[2008-10-27 09:38:02 | 000,087,053 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab
[2008-10-27 09:38:02 | 000,056,170 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab
[2008-10-27 09:38:02 | 000,056,074 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab
[2008-10-27 09:38:02 | 000,054,318 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab
[2008-10-27 09:38:02 | 000,047,160 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab
[2008-10-27 09:38:02 | 000,047,074 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab
[2008-10-27 09:38:02 | 000,046,375 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab
[2008-10-27 09:38:02 | 000,022,921 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab
[2008-10-27 09:38:02 | 000,022,867 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x86.cab
[2008-10-27 09:38:02 | 000,019,512 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab
[2008-10-27 09:38:00 | 000,804,900 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab
[2008-10-27 09:38:00 | 000,797,883 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab
[2008-10-27 09:38:00 | 000,700,060 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab
[2008-10-27 09:38:00 | 000,699,628 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab
[2008-10-27 09:38:00 | 000,047,026 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab
[2008-10-27 09:38:00 | 000,022,883 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab
[2008-10-27 09:37:58 | 000,699,488 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab
[2008-10-27 09:37:58 | 000,696,881 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab
[2008-10-27 09:37:58 | 000,272,384 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x64.cab
[2008-10-27 09:37:58 | 000,270,858 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x86.cab
[2008-10-27 09:37:58 | 000,270,644 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x64.cab
[2008-10-27 09:37:54 | 000,274,976 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x64.cab
[2008-10-27 09:37:54 | 000,273,627 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x86.cab
[2008-10-27 09:37:52 | 000,270,040 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x86.cab
[2008-10-27 09:37:52 | 000,252,210 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab
[2008-10-27 09:37:52 | 000,227,266 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab
[2008-10-27 09:37:52 | 000,199,112 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab
[2008-10-27 09:37:50 | 000,213,823 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab
[2008-10-27 09:37:50 | 000,198,138 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab
[2008-10-27 09:37:50 | 000,193,491 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab
[2008-10-27 09:37:48 | 000,197,778 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab
[2008-10-27 09:37:48 | 000,196,782 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab
[2008-10-27 09:37:48 | 000,195,691 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab
[2008-10-27 09:37:48 | 000,192,736 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab
[2008-10-27 09:37:48 | 000,183,919 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab
[2008-10-27 09:37:48 | 000,183,377 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab
[2008-10-27 09:37:46 | 000,181,801 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab
[2008-10-27 09:37:46 | 000,180,149 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab
[2008-10-27 09:37:46 | 000,179,375 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab
[2008-10-27 09:37:46 | 000,154,028 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x86.cab
[2008-10-27 09:37:44 | 000,153,925 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x86.cab
[2008-10-27 09:37:44 | 000,152,241 | ---- | C] () -- C:\Program Files\APR2007_XACT_x86.cab
[2008-10-27 09:37:42 | 000,149,280 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab
[2008-10-27 09:37:42 | 000,148,999 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x86.cab
[2008-10-27 09:37:42 | 000,146,615 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x86.cab
[2008-10-27 09:37:42 | 000,139,033 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab
[2008-10-27 09:37:42 | 000,138,251 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x86.cab
[2008-10-27 09:37:40 | 000,134,687 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x86.cab
[2008-10-27 09:37:40 | 000,133,425 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x86.cab
[2008-10-27 09:37:40 | 000,123,352 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab
[2008-10-27 09:37:40 | 000,122,840 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x64.cab
[2008-10-27 09:37:40 | 000,122,070 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x64.cab
[2008-10-27 09:37:38 | 000,134,119 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab
[2008-10-06 22:36:07 | 000,000,299 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2008-10-06 22:31:33 | 000,003,644 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008-10-05 19:19:16 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008-10-05 18:35:07 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008-10-05 14:30:47 | 000,000,404 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2008-10-05 14:30:47 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2008-10-05 14:25:15 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2008-10-04 20:45:34 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-10-03 22:39:09 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008-10-03 21:54:41 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2008-10-03 21:04:05 | 000,014,383 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2008-10-03 21:03:56 | 000,014,139 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008-10-03 21:03:54 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008-10-03 21:03:43 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008-09-17 08:55:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008-05-26 21:22:36 | 000,016,222 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008-05-26 21:22:34 | 000,021,728 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008-05-26 21:22:32 | 000,016,164 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008-02-08 17:13:44 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\LS3Renderer.dll
[2008-02-08 17:03:43 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\RegisterDialog.dll
[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2008-10-06 21:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Azureus
[2009-11-03 12:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-11-09 19:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DSS
[2010-02-22 23:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2009-12-30 19:21:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2008-10-05 14:25:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft
[2010-03-23 19:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony
[2008-12-30 23:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\vsosdk
[2009-10-15 12:27:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\Windows Desktop Search
[2010-04-30 16:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Szimin\Dane aplikacji\DAEMON Tools Lite
[2010-10-11 18:00:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Szimin\Dane aplikacji\Dropbox
[2010-09-22 12:53:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Szimin\Dane aplikacji\Fonts
[2010-11-11 21:22:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Szimin\Dane aplikacji\Foxit Software
[2010-07-24 13:20:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Szimin\Dane aplikacji\Gadu-Gadu 10
[2010-09-30 16:07:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Szimin\Dane aplikacji\Leadertech
[2010-10-15 13:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Szimin\Dane aplikacji\QuickScan
[2010-05-23 20:57:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Szimin\Dane aplikacji\ScanSoft
[2010-04-02 22:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Szimin\Dane aplikacji\Sony
[2010-10-26 13:01:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Szimin\Dane aplikacji\Thunderbird
[2010-10-29 20:42:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Szimin\Dane aplikacji\Vso
[2010-04-02 22:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Szimin\Dane aplikacji\Windows Desktop Search
[2010-06-01 13:47:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Szimin\Dane aplikacji\Windows Search

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-09-11 22:40:20 | 000,050,620 | ---- | M] () -- C:\aaw7boot.log
[2009-11-29 23:02:50 | 000,406,901 | ---- | M] () -- C:\AnalysisLog.sr0
[2010-06-02 04:21:16 | 001,347,354 | ---- | M] () -- C:\Apr2005_d3dx9_25_x64.cab
[2010-06-02 04:21:16 | 001,078,962 | ---- | M] () -- C:\Apr2005_d3dx9_25_x86.cab
[2010-06-02 04:21:16 | 001,397,830 | ---- | M] () -- C:\Apr2006_d3dx9_30_x64.cab
[2010-06-02 04:21:16 | 001,115,221 | ---- | M] () -- C:\Apr2006_d3dx9_30_x86.cab
[2010-06-02 04:21:18 | 000,916,430 | ---- | M] () -- C:\Apr2006_MDX1_x86.cab
[2010-06-02 04:21:18 | 004,162,630 | ---- | M] () -- C:\Apr2006_MDX1_x86_Archive.cab
[2010-06-02 04:21:18 | 000,179,133 | ---- | M] () -- C:\Apr2006_XACT_x64.cab
[2010-06-02 04:21:18 | 000,133,103 | ---- | M] () -- C:\Apr2006_XACT_x86.cab
[2010-06-02 04:21:20 | 000,087,101 | ---- | M] () -- C:\Apr2006_xinput_x64.cab
[2010-06-02 04:21:34 | 000,046,010 | ---- | M] () -- C:\Apr2006_xinput_x86.cab
[2010-06-02 04:21:36 | 000,698,612 | ---- | M] () -- C:\APR2007_d3dx10_33_x64.cab
[2010-06-02 04:21:36 | 000,695,865 | ---- | M] () -- C:\APR2007_d3dx10_33_x86.cab
[2010-06-02 04:21:36 | 001,607,358 | ---- | M] () -- C:\APR2007_d3dx9_33_x64.cab
[2010-06-02 04:21:38 | 001,606,039 | ---- | M] () -- C:\APR2007_d3dx9_33_x86.cab
[2010-06-02 04:21:38 | 000,195,766 | ---- | M] () -- C:\APR2007_XACT_x64.cab
[2010-06-02 04:21:38 | 000,151,225 | ---- | M] () -- C:\APR2007_XACT_x86.cab
[2010-06-02 04:21:38 | 000,096,817 | ---- | M] () -- C:\APR2007_xinput_x64.cab
[2010-06-02 04:21:40 | 000,053,302 | ---- | M] () -- C:\APR2007_xinput_x86.cab
[2009-12-24 23:41:59 | 000,030,052 | ---- | M] () -- C:\ASLog.txt
[2010-06-02 04:21:40 | 001,350,542 | ---- | M] () -- C:\Aug2005_d3dx9_27_x64.cab
[2010-06-02 04:21:40 | 001,077,644 | ---- | M] () -- C:\Aug2005_d3dx9_27_x86.cab
[2010-06-02 04:21:40 | 000,182,903 | ---- | M] () -- C:\AUG2006_XACT_x64.cab
[2010-06-02 04:21:40 | 000,137,235 | ---- | M] () -- C:\AUG2006_XACT_x86.cab
[2010-06-02 04:21:40 | 000,087,142 | ---- | M] () -- C:\AUG2006_xinput_x64.cab
[2010-06-02 04:21:40 | 000,046,058 | ---- | M] () -- C:\AUG2006_xinput_x86.cab
[2010-06-02 04:21:42 | 000,852,286 | ---- | M] () -- C:\AUG2007_d3dx10_35_x64.cab
[2010-06-02 04:21:42 | 000,796,867 | ---- | M] () -- C:\AUG2007_d3dx10_35_x86.cab
[2010-06-02 04:21:42 | 001,800,160 | ---- | M] () -- C:\AUG2007_d3dx9_35_x64.cab
[2010-06-02 04:21:42 | 001,708,152 | ---- | M] () -- C:\AUG2007_d3dx9_35_x86.cab
[2010-06-02 04:21:44 | 000,198,096 | ---- | M] () -- C:\AUG2007_XACT_x64.cab
[2010-06-02 04:21:44 | 000,153,012 | ---- | M] () -- C:\AUG2007_XACT_x86.cab
[2010-06-02 04:21:42 | 000,867,612 | ---- | M] () -- C:\Aug2008_d3dx10_39_x64.cab
[2010-06-02 04:21:44 | 000,849,167 | ---- | M] () -- C:\Aug2008_d3dx10_39_x86.cab
[2010-06-02 04:21:44 | 001,794,084 | ---- | M] () -- C:\Aug2008_d3dx9_39_x64.cab
[2010-06-02 04:21:44 | 001,464,672 | ---- | M] () -- C:\Aug2008_d3dx9_39_x86.cab
[2010-06-02 04:21:44 | 000,121,772 | ---- | M] () -- C:\Aug2008_XACT_x64.cab
[2010-06-02 04:21:44 | 000,092,996 | ---- | M] () -- C:\Aug2008_XACT_x86.cab
[2010-06-02 04:21:46 | 000,271,412 | ---- | M] () -- C:\Aug2008_XAudio_x64.cab
[2010-06-02 04:21:46 | 000,271,038 | ---- | M] () -- C:\Aug2008_XAudio_x86.cab
[2010-06-02 04:21:46 | 000,919,044 | ---- | M] () -- C:\Aug2009_D3DCompiler_42_x64.cab
[2010-06-02 04:21:56 | 000,900,598 | ---- | M] () -- C:\Aug2009_D3DCompiler_42_x86.cab
[2010-06-02 04:21:56 | 003,112,111 | ---- | M] () -- C:\Aug2009_d3dcsx_42_x64.cab
[2010-06-02 04:21:56 | 003,319,740 | ---- | M] () -- C:\Aug2009_d3dcsx_42_x86.cab
[2010-06-02 04:21:58 | 000,232,635 | ---- | M] () -- C:\Aug2009_d3dx10_42_x64.cab
[2010-06-02 04:21:58 | 000,192,131 | ---- | M] () -- C:\Aug2009_d3dx10_42_x86.cab
[2010-06-02 04:21:58 | 000,136,301 | ---- | M] () -- C:\Aug2009_d3dx11_42_x64.cab
[2010-06-02 04:21:58 | 000,105,044 | ---- | M] () -- C:\Aug2009_d3dx11_42_x86.cab
[2010-06-02 04:21:58 | 000,930,116 | ---- | M] () -- C:\Aug2009_d3dx9_42_x64.cab
[2010-06-02 04:21:58 | 000,728,456 | ---- | M] () -- C:\Aug2009_d3dx9_42_x86.cab
[2010-06-02 04:22:00 | 000,122,408 | ---- | M] () -- C:\Aug2009_XACT_x64.cab
[2010-06-02 04:22:00 | 000,093,106 | ---- | M] () -- C:\Aug2009_XACT_x86.cab
[2010-06-02 04:22:00 | 000,273,264 | ---- | M] () -- C:\Aug2009_XAudio_x64.cab
[2010-06-02 04:22:00 | 000,272,642 | ---- | M] () -- C:\Aug2009_XAudio_x86.cab
[2008-10-03 20:54:11 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-02-04 10:21:32 | 001,155,491 | ---- | M] () -- C:\BDANT.cab
[2010-02-04 10:21:32 | 000,975,148 | ---- | M] () -- C:\BDAXP.cab
[2009-03-12 17:30:01 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010-11-09 19:33:56 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2008-04-15 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2004-08-03 23:00:14 | 000,262,400 | ---- | M] () -- C:\cmldr
[2010-03-18 23:15:40 | 000,151,716 | ---- | M] () -- C:\ComboFix.txt
[2008-10-03 20:54:11 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-06-02 04:22:00 | 001,357,976 | ---- | M] () -- C:\Dec2005_d3dx9_28_x64.cab
[2010-06-02 04:22:00 | 001,079,456 | ---- | M] () -- C:\Dec2005_d3dx9_28_x86.cab
[2010-06-02 04:22:00 | 000,212,807 | ---- | M] () -- C:\DEC2006_d3dx10_00_x64.cab
[2010-06-02 04:22:00 | 000,191,720 | ---- | M] () -- C:\DEC2006_d3dx10_00_x86.cab
[2010-06-02 04:22:00 | 001,571,154 | ---- | M] () -- C:\DEC2006_d3dx9_32_x64.cab
[2010-06-02 04:22:02 | 001,574,376 | ---- | M] () -- C:\DEC2006_d3dx9_32_x86.cab
[2010-06-02 04:22:02 | 000,192,475 | ---- | M] () -- C:\DEC2006_XACT_x64.cab
[2010-06-02 04:22:02 | 000,145,599 | ---- | M] () -- C:\DEC2006_XACT_x86.cab
[2010-06-02 04:22:02 | 000,089,944 | ---- | M] (Microsoft Corporation) -- C:\DSETUP.dll
[2010-06-02 04:22:02 | 001,801,048 | ---- | M] () -- C:\dsetup32.dll
[2010-06-02 04:22:02 | 000,042,410 | ---- | M] () -- C:\dxdllreg_x86.cab
[2010-02-04 10:21:34 | 013,264,168 | ---- | M] () -- C:\dxnt.cab
[2010-06-02 04:22:02 | 000,537,432 | ---- | M] () -- C:\DXSETUP.exe
[2010-06-02 04:22:02 | 000,094,011 | ---- | M] () -- C:\dxupdate.cab
[2010-06-02 04:22:02 | 001,247,499 | ---- | M] () -- C:\Feb2005_d3dx9_24_x64.cab
[2010-06-02 04:22:02 | 001,013,225 | ---- | M] () -- C:\Feb2005_d3dx9_24_x86.cab
[2010-06-02 04:22:02 | 001,362,796 | ---- | M] () -- C:\Feb2006_d3dx9_29_x64.cab
[2010-06-02 04:22:04 | 001,084,720 | ---- | M] () -- C:\Feb2006_d3dx9_29_x86.cab
[2010-06-02 04:22:10 | 000,178,359 | ---- | M] () -- C:\Feb2006_XACT_x64.cab
[2010-06-02 04:22:10 | 000,132,409 | ---- | M] () -- C:\Feb2006_XACT_x86.cab
[2010-06-02 04:22:12 | 000,194,675 | ---- | M] () -- C:\FEB2007_XACT_x64.cab
[2010-06-02 04:22:12 | 000,147,983 | ---- | M] () -- C:\FEB2007_XACT_x86.cab
[2010-06-02 04:22:12 | 000,054,678 | ---- | M] () -- C:\Feb2010_X3DAudio_x64.cab
[2010-06-02 04:22:12 | 000,020,713 | ---- | M] () -- C:\Feb2010_X3DAudio_x86.cab
[2010-06-02 04:22:14 | 000,122,446 | ---- | M] () -- C:\Feb2010_XACT_x64.cab
[2010-06-02 04:22:14 | 000,093,180 | ---- | M] () -- C:\Feb2010_XACT_x86.cab
[2010-06-02 04:22:14 | 000,276,960 | ---- | M] () -- C:\Feb2010_XAudio_x64.cab
[2010-06-02 04:22:14 | 000,277,191 | ---- | M] () -- C:\Feb2010_XAudio_x86.cab
[2008-10-03 20:54:11 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-06-02 04:22:14 | 001,336,002 | ---- | M] () -- C:\Jun2005_d3dx9_26_x64.cab
[2010-06-02 04:22:16 | 001,064,925 | ---- | M] () -- C:\Jun2005_d3dx9_26_x86.cab
[2010-06-02 04:22:16 | 000,180,785 | ---- | M] () -- C:\JUN2006_XACT_x64.cab
[2010-06-02 04:22:16 | 000,133,671 | ---- | M] () -- C:\JUN2006_XACT_x86.cab
[2010-06-02 04:22:16 | 000,699,044 | ---- | M] () -- C:\JUN2007_d3dx10_34_x64.cab
[2010-06-02 04:22:16 | 000,698,472 | ---- | M] () -- C:\JUN2007_d3dx10_34_x86.cab
[2010-06-02 04:22:16 | 001,607,774 | ---- | M] () -- C:\JUN2007_d3dx9_34_x64.cab
[2010-06-02 04:22:16 | 001,607,286 | ---- | M] () -- C:\JUN2007_d3dx9_34_x86.cab
[2010-06-02 04:22:16 | 000,197,122 | ---- | M] () -- C:\JUN2007_XACT_x64.cab
[2010-06-02 04:22:18 | 000,152,909 | ---- | M] () -- C:\JUN2007_XACT_x86.cab
[2010-06-02 04:22:18 | 000,867,828 | ---- | M] () -- C:\JUN2008_d3dx10_38_x64.cab
[2010-06-02 04:22:18 | 000,849,919 | ---- | M] () -- C:\JUN2008_d3dx10_38_x86.cab
[2010-06-02 04:22:18 | 001,792,608 | ---- | M] () -- C:\JUN2008_d3dx9_38_x64.cab
[2010-06-02 04:22:18 | 001,463,878 | ---- | M] () -- C:\JUN2008_d3dx9_38_x86.cab
[2010-06-02 04:22:18 | 000,055,154 | ---- | M] () -- C:\JUN2008_X3DAudio_x64.cab
[2010-06-02 04:22:18 | 000,021,905 | ---- | M] () -- C:\JUN2008_X3DAudio_x86.cab
[2010-06-02 04:22:18 | 000,121,054 | ---- | M] () -- C:\JUN2008_XACT_x64.cab
[2010-06-02 04:22:18 | 000,093,128 | ---- | M] () -- C:\JUN2008_XACT_x86.cab
[2010-06-02 04:22:18 | 000,269,628 | ---- | M] () -- C:\JUN2008_XAudio_x64.cab
[2010-06-02 04:22:20 | 000,269,024 | ---- | M] () -- C:\JUN2008_XAudio_x86.cab
[2010-06-02 04:22:28 | 000,944,460 | ---- | M] () -- C:\Jun2010_D3DCompiler_43_x64.cab
[2010-06-02 04:22:28 | 000,931,471 | ---- | M] () -- C:\Jun2010_D3DCompiler_43_x86.cab
[2010-06-02 04:22:28 | 000,752,783 | ---- | M] () -- C:\Jun2010_d3dcsx_43_x64.cab
[2010-06-02 04:22:30 | 000,762,188 | ---- | M] () -- C:\Jun2010_d3dcsx_43_x86.cab
[2010-06-02 04:22:30 | 000,235,955 | ---- | M] () -- C:\Jun2010_d3dx10_43_x64.cab
[2010-06-02 04:22:30 | 000,197,283 | ---- | M] () -- C:\Jun2010_d3dx10_43_x86.cab
[2010-06-02 04:22:30 | 000,138,205 | ---- | M] () -- C:\Jun2010_d3dx11_43_x64.cab
[2010-06-02 04:22:30 | 000,109,445 | ---- | M] () -- C:\Jun2010_d3dx11_43_x86.cab
[2010-06-02 04:22:32 | 000,937,246 | ---- | M] () -- C:\Jun2010_d3dx9_43_x64.cab
[2010-06-02 04:22:32 | 000,768,036 | ---- | M] () -- C:\Jun2010_d3dx9_43_x86.cab
[2010-06-02 04:22:32 | 000,124,596 | ---- | M] () -- C:\Jun2010_XACT_x64.cab
[2010-06-02 04:22:32 | 000,093,686 | ---- | M] () -- C:\Jun2010_XACT_x86.cab
[2010-06-02 04:22:32 | 000,277,338 | ---- | M] () -- C:\Jun2010_XAudio_x64.cab
[2010-06-02 04:22:32 | 000,278,060 | ---- | M] () -- C:\Jun2010_XAudio_x86.cab
[2010-06-02 04:22:32 | 000,844,884 | ---- | M] () -- C:\Mar2008_d3dx10_37_x64.cab
[2010-06-02 04:22:34 | 000,818,260 | ---- | M] () -- C:\Mar2008_d3dx10_37_x86.cab
[2010-06-02 04:22:34 | 001,769,862 | ---- | M] () -- C:\Mar2008_d3dx9_37_x64.cab
[2010-06-02 04:22:34 | 001,443,282 | ---- | M] () -- C:\Mar2008_d3dx9_37_x86.cab
[2010-06-02 04:22:34 | 000,055,058 | ---- | M] () -- C:\Mar2008_X3DAudio_x64.cab
[2010-06-02 04:22:34 | 000,021,867 | ---- | M] () -- C:\Mar2008_X3DAudio_x86.cab
[2010-06-02 04:22:36 | 000,122,336 | ---- | M] () -- C:\Mar2008_XACT_x64.cab
[2010-06-02 04:22:36 | 000,093,734 | ---- | M] () -- C:\Mar2008_XACT_x86.cab
[2010-06-02 04:22:36 | 000,251,194 | ---- | M] () -- C:\Mar2008_XAudio_x64.cab
[2010-06-02 04:22:36 | 000,226,250 | ---- | M] () -- C:\Mar2008_XAudio_x86.cab
[2010-06-02 04:22:36 | 001,067,160 | ---- | M] () -- C:\Mar2009_d3dx10_41_x64.cab
[2010-06-02 04:22:36 | 001,040,745 | ---- | M] () -- C:\Mar2009_d3dx10_41_x86.cab
[2010-06-02 04:22:36 | 001,973,702 | ---- | M] () -- C:\Mar2009_d3dx9_41_x64.cab
[2010-06-02 04:22:36 | 001,612,446 | ---- | M] () -- C:\Mar2009_d3dx9_41_x86.cab
[2010-06-02 04:22:38 | 000,054,600 | ---- | M] () -- C:\Mar2009_X3DAudio_x64.cab
[2010-06-02 04:22:38 | 000,021,298 | ---- | M] () -- C:\Mar2009_X3DAudio_x86.cab
[2010-06-02 04:22:46 | 000,121,506 | ---- | M] () -- C:\Mar2009_XACT_x64.cab
[2010-06-02 04:22:46 | 000,092,740 | ---- | M] () -- C:\Mar2009_XACT_x86.cab
[2010-06-02 04:22:46 | 000,275,044 | ---- | M] () -- C:\Mar2009_XAudio_x64.cab
[2010-06-02 04:22:48 | 000,273,018 | ---- | M] () -- C:\Mar2009_XAudio_x86.cab
[2008-10-03 20:54:11 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-06-02 04:22:48 | 000,864,600 | ---- | M] () -- C:\Nov2007_d3dx10_36_x64.cab
[2010-06-02 04:22:48 | 000,803,884 | ---- | M] () -- C:\Nov2007_d3dx10_36_x86.cab
[2010-06-02 04:22:48 | 001,802,058 | ---- | M] () -- C:\Nov2007_d3dx9_36_x64.cab
[2010-06-02 04:22:48 | 001,709,360 | ---- | M] () -- C:\Nov2007_d3dx9_36_x86.cab
[2010-06-02 04:22:50 | 000,046,144 | ---- | M] () -- C:\NOV2007_X3DAudio_x64.cab
[2010-06-02 04:22:50 | 000,018,496 | ---- | M] () -- C:\NOV2007_X3DAudio_x86.cab
[2010-06-02 04:22:50 | 000,196,762 | ---- | M] () -- C:\NOV2007_XACT_x64.cab
[2010-06-02 04:22:50 | 000,148,264 | ---- | M] () -- C:\NOV2007_XACT_x86.cab
[2010-06-02 04:22:50 | 000,994,154 | ---- | M] () -- C:\Nov2008_d3dx10_40_x64.cab
[2010-06-02 04:22:52 | 000,965,421 | ---- | M] () -- C:\Nov2008_d3dx10_40_x86.cab
[2010-06-02 04:22:52 | 001,906,878 | ---- | M] () -- C:\Nov2008_d3dx9_40_x64.cab
[2010-06-02 04:22:52 | 001,550,796 | ---- | M] () -- C:\Nov2008_d3dx9_40_x86.cab
[2010-06-02 04:22:52 | 000,054,522 | ---- | M] () -- C:\Nov2008_X3DAudio_x64.cab
[2010-06-02 04:22:52 | 000,021,851 | ---- | M] () -- C:\Nov2008_X3DAudio_x86.cab
[2010-06-02 04:22:52 | 000,121,794 | ---- | M] () -- C:\Nov2008_XACT_x64.cab
[2010-06-02 04:22:52 | 000,092,684 | ---- | M] () -- C:\Nov2008_XACT_x86.cab
[2010-06-02 04:22:54 | 000,273,960 | ---- | M] () -- C:\Nov2008_XAudio_x64.cab
[2010-06-02 04:22:54 | 000,272,611 | ---- | M] () -- C:\Nov2008_XAudio_x86.cab
[2008-04-15 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-04-15 13:00:00 | 000,251,152 | RHS- | M] () -- C:\ntldr
[2010-06-02 04:22:54 | 000,086,037 | ---- | M] () -- C:\Oct2005_xinput_x64.cab
[2010-06-02 04:22:54 | 000,045,359 | ---- | M] () -- C:\Oct2005_xinput_x86.cab
[2010-06-02 04:22:54 | 001,412,902 | ---- | M] () -- C:\OCT2006_d3dx9_31_x64.cab
[2010-06-02 04:22:54 | 001,127,217 | ---- | M] () -- C:\OCT2006_d3dx9_31_x86.cab
[2010-06-02 04:22:54 | 000,182,361 | ---- | M] () -- C:\OCT2006_XACT_x64.cab
[2010-06-02 04:22:54 | 000,138,017 | ---- | M] () -- C:\OCT2006_XACT_x86.cab
[2010-11-15 20:59:19 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2010-08-09 19:07:15 | 000,052,457 | -H-- | M] () -- C:\treeinfo.wc


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-15 13:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-04-15 13:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008-04-15 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\atapi.sys
[2008-04-15 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2008-04-15 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\ERDNT\cache\beep.sys
[2008-04-15 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-15 13:00:00 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008-04-15 13:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008-04-15 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008-04-15 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=35FCCFD093582FA9098762E6F84EE119 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-04-15 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008-04-15 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2008-04-15 13:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008-04-15 13:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

< End of report >
[/log]

przy okazji proszę o sprawdzenie, czy tak poza tym te logi są w porządku...

Tomek01
komentarz
komentarz

Odinstaluj Deamon Tools Toolbar.


Otwierasz notatnik, wklepujesz C:\windows\System32\drivers\etc\Hosts - enter.
Usuwasz wszystko poza prawidłowym wpisem 127.0.0.1 localhost. Zapisujesz zmiany.
Pamiętaj aby nie skojarzyć go na stałe z Notatnikiem !

Wykonaj pełny skan [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] oraz [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] i wyniki pokaż na forum.

szimin
komentarz
komentarz (edytowane)

Odinstalowałem, tak myślę, Daemon Tools Toolbar. Niestety w Dodaj/Usuń programy go nie było. Usuąłem go poprzez Firefox (domyślna przeglądarka) -> Narzędzia -> Dodatki i tam "odinstaluj". Jeszcze użyłem programu Final Uninstaller.

Jeżeli chodzi o Hosts. To wklepałem to w okno adresu np. w Moich dokumentach. Następnie otworzyłem poprzez Notatnik i usunąłem wszystko oprócz pierwszego wpisu - 127.0.0.1 localhost. Przy próbie zapisuj wyskakuje komunikat: "Nie można utworzyć pliku C:\WINDOWS\system32\drivers\etc\hosts. Upewnij się, czy ścieżka i nazwa pliku są poprawne." Jednak za moment wyskakuje okienko zapisu i się zapisuje ale nie wiem czy to jest dobrze. Zresztą program Dr.Web pyta o przywrócenie domyślnego pliku Hosts i kliknąłem na "Tak". Natomiast gdy znowu wpiszę w adres tą ścieżkę, co napisałeś i otworzę w Notatniku to cały czas jest więcej wpisów niż ten 127.0.0.1 localhost. Także nie wiem...

Dokonałem też skanu systemu [b]Malwarebytes Anti-Malware[/b] i oto wynik.

[log]Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Wersja bazy: 5121

Windows 5.1.2600 Dodatek Service Pack 3
Internet Explorer 8.0.6001.18702

2010-11-16 00:50:22
mbam-log-2010-11-16 (00-50-22).txt

Typ skanowania: Pełne skanowanie (A:\|C:\|D:\|E:\|F:\|G:\|H:\|)
Przeskanowano obiektów: 246335
Upłynęło: 39 minut(y), 40 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 0
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 0
Zainfekowanych plików: 2

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
(Nie znaleziono zagrożeń)

Zainfekowanych wartości rejestru:
(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
(Nie znaleziono zagrożeń)

Zainfekowanych plików:
C:\Documents and Settings\Szymon2\Pulpit\Ygoow\MailClients\VoilaClient.dll (Trojan.Dropper) -> Quarantined and deleted successfully.
E:\Instalki programów\Sony Vegas\SonyVegas\Patch\patch.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
[/log]

Z kolei Dr.Web przy szybkim skanowaniu nic nie wykrył, ale przy pełnym wykrył i screen niżej.
[b]
Kaspersky wciąż wyświetla mi wirusa jako aktywne zagrożenie, mimo że nic nie mogę zrobić. Klik na "neutralizuj wszystkie" nie wywołuje żadnej reakcji, tak samo jak "przetwórz" czy "wylecz wszystkie" (z podpiętym czy nie pendrivem). Zmienia się tylko data zagrożenia na aktualną przy tych operacjach. Miałem wcześniej podobny problem, kiedy na płycie DVD Kaspersky wykrył wirusa i w związku z tym a nie innym nośnikiem nie mógł nic z nim zrobić i też wyświetlał się taki ciągły komunikat o zagrożeniu...[/b]

Tomek01
komentarz
komentarz

Trzy pierwsze są fałszywym alarmem, u mnie też wykrywa bo używałem Flash Disinfector.


Pozostałe pliki są wykrywane w System Volume Information więc wystarczy jak wyłączysz a następnie włączysz przywracanie systemu na wszystkich partycjach.

szimin
komentarz
komentarz

Rozumiem, że dokonuję tego poprzez PPM na Mój komputer -> zakładka Przywracanie systemu -> zaznaczyć ptaszka przy "Wyłącz Przywracanie systemu na wszystkich dyskach" (Zastosuj/OK) -> a potem przy tym samym odznaczyć ptaszka (Zastosuj/OK). A więc zrobiłem tak, dodatkowo jeszcze uruchomiłem ponownie komputer jednak alert o zagrożeniu z Kaspersky'ego nie zniknął...

Tomek01
komentarz
komentarz

Czy FlashDisinfector użyłeś z podpiętym pen'em ?

szimin
komentarz
komentarz

Tak.

Tomek01
komentarz
komentarz

Pobierz [url="http://www.przeklej.pl/plik/usbfix-exe-00220gb4m1dc"]USBFix[/url]

Podepnij wszystkie pamięci USB jakie posiadasz i uruchom w USBFix opcję REASERACH.
Wrzuć raport. Po użyciu odinstalowujesz.

szimin
komentarz
komentarz

USBFix

[log]############################## | UsbFix 7.022 | [Research]

User: Szimin (Administrator) # USER-2322F37874 [ ]
Updated 29/08/10 by El Desaparecido / C_XX
Started at 23:55:04 | 16/11/2010
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz
CPU 2: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz
Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Dodatek Service Pack 3
Internet Explorer 8.0.6001.18702

Windows Firewall: Disabled /!\
Antivirus: Kaspersky Internet Security 11.0.0.232 [Enabled | Updated]
Firewall: Kaspersky Internet Security 11.0.0.232 [Enabled]
RAM -> 3327 Mb
C:\ (%systemdrive%) -> Fixed drive # 49 Gb (25 Mb free - 51%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 208 Gb (42 Mb free - 20%) [] # NTFS
F:\ -> Fixed drive # 208 Gb (46 Mb free - 22%) [] # NTFS
G:\ -> CD-ROM
H:\ -> Removable drive # 7 Gb (6 Mb free - 83%) [PATRIOT] # FAT32
I:\ -> Removable drive # 4 Gb (3 Mb free - 84%) [] # FAT32

################## | Files # Infected Folders |

Found ! I:\Autorun.inf

################## | Registry |

Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |


################## | Vaccin |

C:\autorun.inf -> Folder created by Flash_Disinfector (sUBs)
E:\autorun.inf -> Folder created by Flash_Disinfector (sUBs)
F:\autorun.inf -> Folder created by Flash_Disinfector (sUBs)
H:\autorun.inf -> Folder created by Flash_Disinfector (sUBs)

################## | E.O.F |
[/log]

Tomek01
komentarz
komentarz

Więc użyj go jeszcze raz ale z opcją DELETION, z podpiętym oczywiście pen'em.

szimin
komentarz
komentarz

[log]
############################## | UsbFix 7.022 | [Deletion]

User: Szimin (Administrator) # USER-2322F37874 [ ]
Updated 29/08/10 by El Desaparecido / C_XX
Started at 19:21:18 | 17/11/2010
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz
CPU 2: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz
Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Dodatek Service Pack 3
Internet Explorer 8.0.6001.18702

Windows Firewall: Disabled /!\
Antivirus: Kaspersky Internet Security 11.0.0.232 [Enabled | Updated]
Firewall: Kaspersky Internet Security 11.0.0.232 [Enabled]
RAM -> 3327 Mb
C:\ (%systemdrive%) -> Fixed drive # 49 Gb (25 Mb free - 51%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 208 Gb (42 Mb free - 20%) [] # NTFS
F:\ -> Fixed drive # 208 Gb (46 Mb free - 22%) [] # NTFS
G:\ -> CD-ROM
H:\ -> Removable drive # 7 Gb (6 Mb free - 83%) [PATRIOT] # FAT32
I:\ -> Removable drive # 4 Gb (3 Mb free - 84%) [] # FAT32

################## | Files # Infected Folders |

Deleted ! I:\Autorun.inf

################## | Registry |

Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |


################## | Listing |

[11/09/2009 - 22:40:20 | A | 50620] C:\aaw7boot.log
[29/11/2009 - 23:02:50 | A | 406901] C:\AnalysisLog.sr0
[02/06/2010 - 04:21:16 | A | 1347354] C:\Apr2005_d3dx9_25_x64.cab
[02/06/2010 - 04:21:16 | A | 1078962] C:\Apr2005_d3dx9_25_x86.cab
[02/06/2010 - 04:21:16 | A | 1397830] C:\Apr2006_d3dx9_30_x64.cab
[02/06/2010 - 04:21:16 | A | 1115221] C:\Apr2006_d3dx9_30_x86.cab
[02/06/2010 - 04:21:18 | A | 916430] C:\Apr2006_MDX1_x86.cab
[02/06/2010 - 04:21:18 | A | 4162630] C:\Apr2006_MDX1_x86_Archive.cab
[02/06/2010 - 04:21:18 | A | 179133] C:\Apr2006_XACT_x64.cab
[02/06/2010 - 04:21:18 | A | 133103] C:\Apr2006_XACT_x86.cab
[02/06/2010 - 04:21:20 | A | 87101] C:\Apr2006_xinput_x64.cab
[02/06/2010 - 04:21:34 | A | 46010] C:\Apr2006_xinput_x86.cab
[02/06/2010 - 04:21:36 | A | 698612] C:\APR2007_d3dx10_33_x64.cab
[02/06/2010 - 04:21:36 | A | 695865] C:\APR2007_d3dx10_33_x86.cab
[02/06/2010 - 04:21:36 | A | 1607358] C:\APR2007_d3dx9_33_x64.cab
[02/06/2010 - 04:21:38 | A | 1606039] C:\APR2007_d3dx9_33_x86.cab
[02/06/2010 - 04:21:38 | A | 195766] C:\APR2007_XACT_x64.cab
[02/06/2010 - 04:21:38 | A | 151225] C:\APR2007_XACT_x86.cab
[02/06/2010 - 04:21:38 | A | 96817] C:\APR2007_xinput_x64.cab
[02/06/2010 - 04:21:40 | A | 53302] C:\APR2007_xinput_x86.cab
[24/12/2009 - 23:41:59 | A | 30052] C:\ASLog.txt
[02/06/2010 - 04:21:40 | A | 1350542] C:\Aug2005_d3dx9_27_x64.cab
[02/06/2010 - 04:21:40 | A | 1077644] C:\Aug2005_d3dx9_27_x86.cab
[02/06/2010 - 04:21:40 | A | 182903] C:\AUG2006_XACT_x64.cab
[02/06/2010 - 04:21:40 | A | 137235] C:\AUG2006_XACT_x86.cab
[02/06/2010 - 04:21:40 | A | 87142] C:\AUG2006_xinput_x64.cab
[02/06/2010 - 04:21:40 | A | 46058] C:\AUG2006_xinput_x86.cab
[02/06/2010 - 04:21:42 | A | 852286] C:\AUG2007_d3dx10_35_x64.cab
[02/06/2010 - 04:21:42 | A | 796867] C:\AUG2007_d3dx10_35_x86.cab
[02/06/2010 - 04:21:42 | A | 1800160] C:\AUG2007_d3dx9_35_x64.cab
[02/06/2010 - 04:21:42 | A | 1708152] C:\AUG2007_d3dx9_35_x86.cab
[02/06/2010 - 04:21:44 | A | 198096] C:\AUG2007_XACT_x64.cab
[02/06/2010 - 04:21:44 | A | 153012] C:\AUG2007_XACT_x86.cab
[02/06/2010 - 04:21:42 | A | 867612] C:\Aug2008_d3dx10_39_x64.cab
[02/06/2010 - 04:21:44 | A | 849167] C:\Aug2008_d3dx10_39_x86.cab
[02/06/2010 - 04:21:44 | A | 1794084] C:\Aug2008_d3dx9_39_x64.cab
[02/06/2010 - 04:21:44 | A | 1464672] C:\Aug2008_d3dx9_39_x86.cab
[02/06/2010 - 04:21:44 | A | 121772] C:\Aug2008_XACT_x64.cab
[02/06/2010 - 04:21:44 | A | 92996] C:\Aug2008_XACT_x86.cab
[02/06/2010 - 04:21:46 | A | 271412] C:\Aug2008_XAudio_x64.cab
[02/06/2010 - 04:21:46 | A | 271038] C:\Aug2008_XAudio_x86.cab
[02/06/2010 - 04:21:46 | A | 919044] C:\Aug2009_D3DCompiler_42_x64.cab
[02/06/2010 - 04:21:56 | A | 900598] C:\Aug2009_D3DCompiler_42_x86.cab
[02/06/2010 - 04:21:56 | A | 3112111] C:\Aug2009_d3dcsx_42_x64.cab
[02/06/2010 - 04:21:56 | A | 3319740] C:\Aug2009_d3dcsx_42_x86.cab
[02/06/2010 - 04:21:58 | A | 232635] C:\Aug2009_d3dx10_42_x64.cab
[02/06/2010 - 04:21:58 | A | 192131] C:\Aug2009_d3dx10_42_x86.cab
[02/06/2010 - 04:21:58 | A | 136301] C:\Aug2009_d3dx11_42_x64.cab
[02/06/2010 - 04:21:58 | A | 105044] C:\Aug2009_d3dx11_42_x86.cab
[02/06/2010 - 04:21:58 | A | 930116] C:\Aug2009_d3dx9_42_x64.cab
[02/06/2010 - 04:21:58 | A | 728456] C:\Aug2009_d3dx9_42_x86.cab
[02/06/2010 - 04:22:00 | A | 122408] C:\Aug2009_XACT_x64.cab
[02/06/2010 - 04:22:00 | A | 93106] C:\Aug2009_XACT_x86.cab
[02/06/2010 - 04:22:00 | A | 273264] C:\Aug2009_XAudio_x64.cab
[02/06/2010 - 04:22:00 | A | 272642] C:\Aug2009_XAudio_x86.cab
[03/10/2008 - 20:54:11 | A | 0] C:\AUTOEXEC.BAT
[15/11/2010 - 21:46:53 | RASHD ] C:\autorun.inf
[04/02/2010 - 10:21:32 | A | 1155491] C:\BDANT.cab
[04/02/2010 - 10:21:32 | A | 975148] C:\BDAXP.cab
[12/03/2009 - 17:30:01 | A | 211] C:\Boot.bak
[09/11/2010 - 19:33:56 | RASH | 281] C:\boot.ini
[15/04/2008 - 13:00:00 | RASH | 4952] C:\Bootfont.bin
[08/11/2009 - 21:43:43 | RASHD ] C:\cmdcons
[03/08/2004 - 23:00:14 | A | 262400] C:\cmldr
[18/03/2010 - 23:15:40 | A | 151716] C:\ComboFix.txt
[16/11/2010 - 22:11:21 | D ] C:\Config.Msi
[03/10/2008 - 20:54:11 | A | 0] C:\CONFIG.SYS
[02/06/2010 - 04:22:00 | A | 1357976] C:\Dec2005_d3dx9_28_x64.cab
[02/06/2010 - 04:22:00 | A | 1079456] C:\Dec2005_d3dx9_28_x86.cab
[02/06/2010 - 04:22:00 | A | 212807] C:\DEC2006_d3dx10_00_x64.cab
[02/06/2010 - 04:22:00 | A | 191720] C:\DEC2006_d3dx10_00_x86.cab
[02/06/2010 - 04:22:00 | A | 1571154] C:\DEC2006_d3dx9_32_x64.cab
[02/06/2010 - 04:22:02 | A | 1574376] C:\DEC2006_d3dx9_32_x86.cab
[02/06/2010 - 04:22:02 | A | 192475] C:\DEC2006_XACT_x64.cab
[02/06/2010 - 04:22:02 | A | 145599] C:\DEC2006_XACT_x86.cab
[23/04/2010 - 22:03:06 | D ] C:\Documents and Settings
[15/09/2010 - 13:51:41 | D ] C:\Downloads
[02/06/2010 - 04:22:02 | A | 89944] C:\DSETUP.dll
[02/06/2010 - 04:22:02 | A | 1801048] C:\dsetup32.dll
[02/06/2010 - 04:22:02 | A | 42410] C:\dxdllreg_x86.cab
[04/02/2010 - 10:21:34 | A | 13264168] C:\dxnt.cab
[02/06/2010 - 04:22:02 | A | 537432] C:\DXSETUP.exe
[02/06/2010 - 04:22:02 | A | 94011] C:\dxupdate.cab
[02/06/2010 - 04:22:02 | A | 1247499] C:\Feb2005_d3dx9_24_x64.cab
[02/06/2010 - 04:22:02 | A | 1013225] C:\Feb2005_d3dx9_24_x86.cab
[02/06/2010 - 04:22:02 | A | 1362796] C:\Feb2006_d3dx9_29_x64.cab
[02/06/2010 - 04:22:04 | A | 1084720] C:\Feb2006_d3dx9_29_x86.cab
[02/06/2010 - 04:22:10 | A | 178359] C:\Feb2006_XACT_x64.cab
[02/06/2010 - 04:22:10 | A | 132409] C:\Feb2006_XACT_x86.cab
[02/06/2010 - 04:22:12 | A | 194675] C:\FEB2007_XACT_x64.cab
[02/06/2010 - 04:22:12 | A | 147983] C:\FEB2007_XACT_x86.cab
[02/06/2010 - 04:22:12 | A | 54678] C:\Feb2010_X3DAudio_x64.cab
[02/06/2010 - 04:22:12 | A | 20713] C:\Feb2010_X3DAudio_x86.cab
[02/06/2010 - 04:22:14 | A | 122446] C:\Feb2010_XACT_x64.cab
[02/06/2010 - 04:22:14 | A | 93180] C:\Feb2010_XACT_x86.cab
[02/06/2010 - 04:22:14 | A | 276960] C:\Feb2010_XAudio_x64.cab
[02/06/2010 - 04:22:14 | A | 277191] C:\Feb2010_XAudio_x86.cab
[03/10/2008 - 21:04:34 | D ] C:\Intel
[03/10/2008 - 20:54:11 | RASH | 0] C:\IO.SYS
[02/06/2010 - 04:22:14 | A | 1336002] C:\Jun2005_d3dx9_26_x64.cab
[02/06/2010 - 04:22:16 | A | 1064925] C:\Jun2005_d3dx9_26_x86.cab
[02/06/2010 - 04:22:16 | A | 180785] C:\JUN2006_XACT_x64.cab
[02/06/2010 - 04:22:16 | A | 133671] C:\JUN2006_XACT_x86.cab
[02/06/2010 - 04:22:16 | A | 699044] C:\JUN2007_d3dx10_34_x64.cab
[02/06/2010 - 04:22:16 | A | 698472] C:\JUN2007_d3dx10_34_x86.cab
[02/06/2010 - 04:22:16 | A | 1607774] C:\JUN2007_d3dx9_34_x64.cab
[02/06/2010 - 04:22:16 | A | 1607286] C:\JUN2007_d3dx9_34_x86.cab
[02/06/2010 - 04:22:16 | A | 197122] C:\JUN2007_XACT_x64.cab
[02/06/2010 - 04:22:18 | A | 152909] C:\JUN2007_XACT_x86.cab
[02/06/2010 - 04:22:18 | A | 867828] C:\JUN2008_d3dx10_38_x64.cab
[02/06/2010 - 04:22:18 | A | 849919] C:\JUN2008_d3dx10_38_x86.cab
[02/06/2010 - 04:22:18 | A | 1792608] C:\JUN2008_d3dx9_38_x64.cab
[02/06/2010 - 04:22:18 | A | 1463878] C:\JUN2008_d3dx9_38_x86.cab
[02/06/2010 - 04:22:18 | A | 55154] C:\JUN2008_X3DAudio_x64.cab
[02/06/2010 - 04:22:18 | A | 21905] C:\JUN2008_X3DAudio_x86.cab
[02/06/2010 - 04:22:18 | A | 121054] C:\JUN2008_XACT_x64.cab
[02/06/2010 - 04:22:18 | A | 93128] C:\JUN2008_XACT_x86.cab
[02/06/2010 - 04:22:18 | A | 269628] C:\JUN2008_XAudio_x64.cab
[02/06/2010 - 04:22:20 | A | 269024] C:\JUN2008_XAudio_x86.cab
[02/06/2010 - 04:22:28 | A | 944460] C:\Jun2010_D3DCompiler_43_x64.cab
[02/06/2010 - 04:22:28 | A | 931471] C:\Jun2010_D3DCompiler_43_x86.cab
[02/06/2010 - 04:22:28 | A | 752783] C:\Jun2010_d3dcsx_43_x64.cab
[02/06/2010 - 04:22:30 | A | 762188] C:\Jun2010_d3dcsx_43_x86.cab
[02/06/2010 - 04:22:30 | A | 235955] C:\Jun2010_d3dx10_43_x64.cab
[02/06/2010 - 04:22:30 | A | 197283] C:\Jun2010_d3dx10_43_x86.cab
[02/06/2010 - 04:22:30 | A | 138205] C:\Jun2010_d3dx11_43_x64.cab
[02/06/2010 - 04:22:30 | A | 109445] C:\Jun2010_d3dx11_43_x86.cab
[02/06/2010 - 04:22:32 | A | 937246] C:\Jun2010_d3dx9_43_x64.cab
[02/06/2010 - 04:22:32 | A | 768036] C:\Jun2010_d3dx9_43_x86.cab
[02/06/2010 - 04:22:32 | A | 124596] C:\Jun2010_XACT_x64.cab
[02/06/2010 - 04:22:32 | A | 93686] C:\Jun2010_XACT_x86.cab
[02/06/2010 - 04:22:32 | A | 277338] C:\Jun2010_XAudio_x64.cab
[02/06/2010 - 04:22:32 | A | 278060] C:\Jun2010_XAudio_x86.cab
[02/06/2010 - 04:22:32 | A | 844884] C:\Mar2008_d3dx10_37_x64.cab
[02/06/2010 - 04:22:34 | A | 818260] C:\Mar2008_d3dx10_37_x86.cab
[02/06/2010 - 04:22:34 | A | 1769862] C:\Mar2008_d3dx9_37_x64.cab
[02/06/2010 - 04:22:34 | A | 1443282] C:\Mar2008_d3dx9_37_x86.cab
[02/06/2010 - 04:22:34 | A | 55058] C:\Mar2008_X3DAudio_x64.cab
[02/06/2010 - 04:22:34 | A | 21867] C:\Mar2008_X3DAudio_x86.cab
[02/06/2010 - 04:22:36 | A | 122336] C:\Mar2008_XACT_x64.cab
[02/06/2010 - 04:22:36 | A | 93734] C:\Mar2008_XACT_x86.cab
[02/06/2010 - 04:22:36 | A | 251194] C:\Mar2008_XAudio_x64.cab
[02/06/2010 - 04:22:36 | A | 226250] C:\Mar2008_XAudio_x86.cab
[02/06/2010 - 04:22:36 | A | 1067160] C:\Mar2009_d3dx10_41_x64.cab
[02/06/2010 - 04:22:36 | A | 1040745] C:\Mar2009_d3dx10_41_x86.cab
[02/06/2010 - 04:22:36 | A | 1973702] C:\Mar2009_d3dx9_41_x64.cab
[02/06/2010 - 04:22:36 | A | 1612446] C:\Mar2009_d3dx9_41_x86.cab
[02/06/2010 - 04:22:38 | A | 54600] C:\Mar2009_X3DAudio_x64.cab
[02/06/2010 - 04:22:38 | A | 21298] C:\Mar2009_X3DAudio_x86.cab
[02/06/2010 - 04:22:46 | A | 121506] C:\Mar2009_XACT_x64.cab
[02/06/2010 - 04:22:46 | A | 92740] C:\Mar2009_XACT_x86.cab
[02/06/2010 - 04:22:46 | A | 275044] C:\Mar2009_XAudio_x64.cab
[02/06/2010 - 04:22:48 | A | 273018] C:\Mar2009_XAudio_x86.cab
[03/10/2008 - 20:54:11 | RASH | 0] C:\MSDOS.SYS
[02/06/2010 - 04:22:48 | A | 864600] C:\Nov2007_d3dx10_36_x64.cab
[02/06/2010 - 04:22:48 | A | 803884] C:\Nov2007_d3dx10_36_x86.cab
[02/06/2010 - 04:22:48 | A | 1802058] C:\Nov2007_d3dx9_36_x64.cab
[02/06/2010 - 04:22:48 | A | 1709360] C:\Nov2007_d3dx9_36_x86.cab
[02/06/2010 - 04:22:50 | A | 46144] C:\NOV2007_X3DAudio_x64.cab
[02/06/2010 - 04:22:50 | A | 18496] C:\NOV2007_X3DAudio_x86.cab
[02/06/2010 - 04:22:50 | A | 196762] C:\NOV2007_XACT_x64.cab
[02/06/2010 - 04:22:50 | A | 148264] C:\NOV2007_XACT_x86.cab
[02/06/2010 - 04:22:50 | A | 994154] C:\Nov2008_d3dx10_40_x64.cab
[02/06/2010 - 04:22:52 | A | 965421] C:\Nov2008_d3dx10_40_x86.cab
[02/06/2010 - 04:22:52 | A | 1906878] C:\Nov2008_d3dx9_40_x64.cab
[02/06/2010 - 04:22:52 | A | 1550796] C:\Nov2008_d3dx9_40_x86.cab
[02/06/2010 - 04:22:52 | A | 54522] C:\Nov2008_X3DAudio_x64.cab
[02/06/2010 - 04:22:52 | A | 21851] C:\Nov2008_X3DAudio_x86.cab
[02/06/2010 - 04:22:52 | A | 121794] C:\Nov2008_XACT_x64.cab
[02/06/2010 - 04:22:52 | A | 92684] C:\Nov2008_XACT_x86.cab
[02/06/2010 - 04:22:54 | A | 273960] C:\Nov2008_XAudio_x64.cab
[02/06/2010 - 04:22:54 | A | 272611] C:\Nov2008_XAudio_x86.cab
[15/04/2008 - 13:00:00 | RASH | 47564] C:\NTDETECT.COM
[15/04/2008 - 13:00:00 | RASH | 251152] C:\ntldr
[26/07/2009 - 20:44:28 | D ] C:\NVIDIA
[02/06/2010 - 04:22:54 | A | 86037] C:\Oct2005_xinput_x64.cab
[02/06/2010 - 04:22:54 | A | 45359] C:\Oct2005_xinput_x86.cab
[02/06/2010 - 04:22:54 | A | 1412902] C:\OCT2006_d3dx9_31_x64.cab
[02/06/2010 - 04:22:54 | A | 1127217] C:\OCT2006_d3dx9_31_x86.cab
[02/06/2010 - 04:22:54 | A | 182361] C:\OCT2006_XACT_x64.cab
[02/06/2010 - 04:22:54 | A | 138017] C:\OCT2006_XACT_x86.cab
[17/11/2010 - 13:17:26 | ASH | 2145386496] C:\pagefile.sys
[16/11/2010 - 22:52:41 | RD ] C:\Program Files
[17/11/2010 - 19:22:36 | SHD ] C:\RECYCLER
[15/11/2010 - 21:49:08 | D ] C:\rsit
[16/11/2010 - 21:23:19 | SHD ] C:\System Volume Information
[18/06/2010 - 08:01:20 | D ] C:\totalcmd
[09/08/2010 - 19:07:15 | H | 52457] C:\treeinfo.wc
[17/11/2010 - 19:22:36 | D ] C:\UsbFix
[17/11/2010 - 19:22:39 | A | 13235] C:\UsbFix.txt
[16/11/2010 - 22:25:49 | D ] C:\WINDOWS
[12/11/2010 - 17:30:30 | D ] E:\Activision
[30/03/2010 - 14:36:27 | D ] E:\Adobe
[15/11/2010 - 21:46:54 | RASHD ] E:\autorun.inf
[05/11/2010 - 12:39:22 | D ] E:\f7eb8690fdd3b02d84d12738a7e32692
[17/11/2010 - 19:13:13 | RD ] E:\Filmy
[12/11/2010 - 17:21:51 | RD ] E:\Instalki gier
[16/11/2010 - 17:58:09 | RD ] E:\Instalki programów
[03/11/2010 - 18:46:41 | RD ] E:\Kamera
[26/06/2010 - 18:39:18 | D ] E:\msdownld.tmp
[15/11/2010 - 16:58:41 | D ] E:\NoPremium.pl
[17/11/2010 - 19:22:36 | SHD ] E:\RECYCLER
[09/03/2010 - 18:12:00 | D ] E:\Sony
[16/11/2010 - 21:45:39 | SHD ] E:\System Volume Information
[15/11/2010 - 21:46:54 | RASHD ] F:\autorun.inf
[29/10/2010 - 19:09:24 | RD ] F:\Filmy obejrzane
[16/11/2010 - 20:06:57 | D ] F:\FU_Backup
[15/10/2010 - 20:37:33 | RD ] F:\Instalki gier
[14/10/2010 - 13:32:22 | HD ] F:\msdownld.tmp
[17/11/2010 - 19:22:36 | SHD ] F:\RECYCLER
[16/11/2010 - 21:45:39 | SHD ] F:\System Volume Information
[15/11/2010 - 21:21:13 | D ] F:\WSInf
[25/10/2010 - 15:46:36 | D ] H:\informacje
[16/11/2010 - 18:54:48 | RASHD ] H:\autorun.inf
[16/11/2010 - 23:09:36 | D ] H:\!PI - ZALEGŁE DO ZALICZENIA
[16/11/2010 - 23:09:54 | RD ] H:\MATERIAŁY - od studentów
[16/11/2010 - 23:10:28 | D ] H:\moje pliki
[16/11/2010 - 23:10:54 | D ] H:\programy
[25/10/2010 - 15:47:46 | RD ] H:\nagrane WYKŁADY
[25/10/2010 - 15:48:16 | D ] H:\plan z nazwiskami
[25/10/2010 - 15:48:20 | RD ] H:\podręczniki
[25/10/2010 - 15:52:16 | D ] H:\MATERIAŁY - wsinf.bydgoszcz.pl
[04/11/2010 - 22:19:34 | RD ] H:\MATERIAŁY - od wykładowców
[26/09/2010 - 15:42:04 | D ] I:\Nowy folder
[26/09/2010 - 07:39:06 | D ] I:\pi 25-09
[13/11/2010 - 07:17:52 | D ] I:\utp - ti smieci
[13/11/2010 - 07:18:22 | D ] I:\WSInf
[13/11/2010 - 16:45:32 | A | 38912] I:\fyff.doc
[13/11/2010 - 16:45:50 | A | 5408936] I:\fyff.pdf
[13/11/2010 - 19:39:46 | D ] I:\wsinf 2010-11-13
[14/11/2010 - 16:32:36 | A | 43008] I:\Zeszyt1 - gotowe.xls

################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
E:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
F:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
H:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
I:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_USER-2322F37874.zip
http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution.

################## | E.O.F |
[/log]

jest ok? bo wcześniej odinstalowałem i zainstalowałem ponownie Kaspersky'ego żeby mi nie pokazywał komunikatu..

Tomek01
komentarz
komentarz

Teraz powinno być ok.

szimin
komentarz
komentarz (edytowane)

Wpisałem jeszcze w rejestr HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, w kluczu NoDriveTypeAutorun wartość ff (bo 0xff nie mozna wpisać?) zeby zablokować autoruny. Mam nadzieje, że dobrze...

Tomek01
komentarz
komentarz

Czytaj: http://support.microsoft.com/kb/967715/pl ;)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.