szimin, posted 15 November 2010
Hello, I have the following problem with a virus. It showed up after I scanned a friend's USB flash drive. It is called Worm.Win32.AutoRun.dej. Its location is H:\AutoRun.inf (H is the flash drive's "disk"). When I clicked to neutralize all threats in Kaspersky, nothing happened. It now keeps showing an active threat, even though a second scan of the flash drive came up with 0 threats. Please help. I am not posting logs right away (someone will surely ask for them) because I don't know which program to post them from, so I am waiting for a reply. Regards.
Tomek01, comment, 15 November 2010
Use [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], preferably with the flash drive or any other USB storage devices plugged in. Post a set of logs, OTL and RSIT, placing them inside tags. http://www.forumpc.pl/index.php?showtopic=104338
szimin, comment, 15 November 2010 (Author, edited)
I used Flash Disinfector.
[log]OTL logfile created on: 2010-11-15 21:55:15 - Run 5 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Szimin\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 79,00% Memory free 5,00 Gb Paging File | 5,00 Gb Available in Paging File | 89,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 24,71 Gb Free Space | 50,60% Space Free | Partition Type: NTFS Drive E: | 208,45 Gb Total Space | 42,26 Gb Free Space | 20,28% Space Free | Partition Type: NTFS Drive F: | 208,48 Gb Total Space | 45,83 Gb Free Space | 21,98% Space Free | Partition Type: NTFS Drive H: | 3,77 Gb Total Space | 3,15 Gb Free Space | 83,56% Space Free | Partition Type: FAT32 Computer Name: USER-2322F37874 | User Name: Szimin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-11-15 21:35:11 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Szimin\Pulpit\OTL.exe PRC - [2010-11-02 19:36:02 | 019,580,520 | ---- | M] (Realtek Semiconductor Corp.) 
-- C:\WINDOWS\RTHDCPL.EXE PRC - [2010-10-28 12:40:28 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-10-16 11:05:52 | 000,156,776 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2010-09-15 03:50:54 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2010-05-07 11:39:36 | 000,344,736 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe PRC - [2010-05-07 11:37:14 | 000,129,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe PRC - [2009-03-30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009-03-30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE PRC - [2009-02-09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-05-26 21:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe PRC - [2008-05-26 21:18:44 | 000,439,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\searchindexer.exe PRC - [2008-04-15 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-15 13:00:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-15 13:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2008-04-15 13:00:00 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe PRC - [2008-04-15 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) 
-- C:\WINDOWS\system32\smss.exe PRC - [2008-04-15 13:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2008-04-15 13:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe PRC - [2008-04-15 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-15 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-15 13:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 21:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe PRC - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2007-03-12 13:51:26 | 000,663,552 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe PRC - [2007-03-06 18:20:00 | 000,536,576 | ---- | M] (Brother Industries, Ltd.) 
-- C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe PRC - [2007-03-02 15:48:00 | 000,098,304 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe PRC - [2007-01-29 20:12:14 | 000,030,248 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe PRC - [2006-11-13 15:57:16 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe PRC - [2006-11-13 15:57:06 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe PRC - [2006-06-13 05:20:00 | 000,127,036 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE PRC - [2004-08-28 19:27:04 | 000,295,424 | ---- | M] (http://autoconnect.prv.pl) -- C:\Program Files\AutoConnect\AutoConnect.exe PRC - [2004-07-28 15:39:28 | 000,962,661 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-11-15 21:35:11 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Szimin\Pulpit\OTL.exe MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2010-08-16 09:45:09 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2010-07-27 07:30:33 | 008,491,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 09:27:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-03-21 15:08:59 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-27 
05:58:02 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime MOD - [2009-02-09 11:53:44 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2009-02-09 11:53:43 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-10-23 13:42:41 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-15 13:00:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-15 13:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-15 13:00:00 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2008-04-15 13:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-15 13:00:00 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-15 13:00:00 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-15 13:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-15 13:00:00 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll MOD - [2008-04-15 13:00:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-15 13:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-15 13:00:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-15 13:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-15 13:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx MOD - [2008-04-15 13:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll 
MOD - [2008-04-15 13:00:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-15 13:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-15 13:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-15 13:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010-05-07 11:39:36 | 000,344,736 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010-03-30 14:18:43 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010-03-18 15:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009-02-06 17:08:58 | 000,533,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [File_System | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)
DRV - [2010-11-09 13:19:16 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2010-11-02 19:36:26 | 006,188,648 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010-10-24 21:56:49 | 000,477,784 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2010-10-22 07:23:22 | 009,623,680 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010-05-06 23:19:06 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2)
DRV - [2010-05-06 23:19:02 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (KL1)
DRV - [2010-04-24 14:06:40 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009-11-02 19:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-09-14 13:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009-02-06 17:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008-04-15 13:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-03-15 15:12:02 | 000,038,656 | ---- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2006-06-13 05:20:00 | 000,094,460 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006-06-13 05:20:00 | 000,088,476 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006-06-13 05:20:00 | 000,086,844 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006-06-13 05:20:00 | 000,025,724 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006-06-13 05:20:00 | 000,014,716 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006-06-13 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006-06-13 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2006-06-12 03:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2006-03-17 08:35:24 | 000,005,660 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006-03-17 08:34:46 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2006-03-17 05:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005-11-03 20:39:02 | 000,245,504 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Dr71WU.sys -- (RT73)
DRV - [2004-10-15 11:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004-08-13 19:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-03-02 08:26:58 | 000,050,007 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys)
DRV - [2004-03-02 08:24:16 | 000,127,065 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-823518204-1085031214-1801674531-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-823518204-1085031214-1801674531-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.7.0088
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.0.232
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}:5.0.17
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}:5.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.0.232
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-10-28 12:40:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-10-28 12:40:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt [2010-10-24 21:57:27 | 000,000,000 | ---D | M]
[2010-10-26 13:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Szimin\Dane aplikacji\Mozilla\Extensions
[2010-10-26 13:02:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Szimin\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010-11-15 21:03:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Szimin\Dane aplikacji\Mozilla\Firefox\Profiles\s00cxtmy.default\extensions
[2010-05-15 16:07:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Szimin\Dane aplikacji\Mozilla\Firefox\Profiles\s00cxtmy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-11-15 21:03:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-01-27 17:28:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}
[2009-12-21 15:53:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}
[2010-10-11 13:18:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-10-12 20:57:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010-10-24 21:58:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
[2010-10-24 21:58:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010-09-15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-09-29 13:08:48 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2009-04-01 16:12:28 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2010-01-25 20:15:51 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-01-25 20:15:51 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-01-25 20:15:51 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-01-25 20:15:51 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-01-25 20:15:51 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-01-25 20:15:51 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-11-11 21:07:45 | 000,424,694 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14658 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll File not found
O3 - HKU\S-1-5-21-823518204-1085031214-1801674531-1009\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKU\S-1-5-21-823518204-1085031214-1801674531-1009..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe (http://autoconnect.prv.pl)
O4 - HKU\S-1-5-21-823518204-1085031214-1801674531-1009..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-823518204-1085031214-1801674531-1009..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-823518204-1085031214-1801674531-1009..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 189
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108855
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-823518204-1085031214-1801674531-1009\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-823518204-1085031214-1801674531-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-823518204-1085031214-1801674531-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_22-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2008-10-03 20:54:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-11-15 21:46:53 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-11-15 21:46:54 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-11-15 21:46:54 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010-11-15 20:38:20 | 000,000,033 | RHS- | M] () - H:\AutoRun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - Services: "aawservice"
MsConfig - StartUpReg: [b]MSMSGS[/b] - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 1
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:
{4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2010-11-15 21:48:27 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010-11-15 21:48:26 | 000,000,000 | ---D | C] -- C:\rsit [2010-11-15 21:46:53 | 000,000,000 | RHSD | C] -- C:\autorun.inf [2010-11-15 21:35:08 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Szimin\Pulpit\OTL.exe [2010-11-12 17:42:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Ustawienia lokalne\Dane aplikacji\Activision [2010-11-12 13:07:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Ustawienia lokalne\Dane aplikacji\Scansoft [2010-11-11 21:22:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Dane aplikacji\Foxit Software [2010-11-11 20:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\Odkurzacz [2010-11-11 20:28:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Pulpit\Ygoow [2010-11-10 15:51:21 | 000,000,000 | ---D | C] -- C:\Program Files\Softronics [2010-11-09 19:07:35 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools 2010 [2010-11-09 18:59:04 | 000,025,992 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe [2010-11-09 18:55:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Szimin\Recent [2010-11-09 13:19:16 | 000,023,456 | ---- | C] (Phoenix Technologies) -- C:\WINDOWS\System32\drivers\DrvAgent32.sys [2010-11-09 13:19:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Ustawienia lokalne\Dane aplikacji\eSupport.com [2010-11-05 11:34:24 | 000,020,328 | 
---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\System32\drivers\cpuz134_x32.sys [2010-11-02 18:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Dane aplikacji\Winamp [2010-11-02 17:58:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm [2010-11-02 17:58:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell [2010-10-26 13:41:13 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe [2010-10-26 13:41:11 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe [2010-10-26 13:41:07 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys [2010-10-26 13:35:18 | 001,656,832 | ---- | C] (NoPremium.pl) -- C:\Documents and Settings\Szimin\Pulpit\nopremium.exe [2010-10-26 13:01:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Ustawienia lokalne\Dane aplikacji\Thunderbird [2010-10-26 13:01:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Dane aplikacji\Thunderbird [2010-10-24 21:56:49 | 000,477,784 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010-10-15 21:10:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DSS [2010-10-15 13:05:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Dane aplikacji\QuickScan [2010-10-11 12:43:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Dane aplikacji\Dropbox [2010-10-03 20:09:52 | 000,000,000 | ---D | C] -- C:\Program Files\KONAMI [2010-09-30 16:07:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Dane aplikacji\Leadertech [2010-09-27 13:50:38 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP [2010-09-22 12:53:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Szimin\Dane aplikacji\Fonts [2010-09-22 09:51:56 | 000,000,000 | ---D | C] -- C:\Program Files\Yildun Scanner [2010-05-14 11:41:57 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Szimin\Dane 
aplikacji\pcouffin.sys [2008-10-27 09:38:54 | 000,095,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll [2008-10-27 09:37:34 | 001,692,496 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll [2008-10-27 09:36:58 | 000,526,160 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2010-11-15 21:47:46 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\RSIT.exe [2010-11-15 21:45:49 | 000,132,597 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\Flash_Disinfector.exe [2010-11-15 21:45:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1ca5c2380a3d7f4.job [2010-11-15 21:35:11 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Szimin\Pulpit\OTL.exe [2010-11-15 21:19:00 | 000,001,136 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1085031214-1801674531-1009UA.job [2010-11-15 20:59:29 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5c23806a9f84.job [2010-11-15 20:59:25 | 000,013,764 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-11-15 20:59:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-11-14 13:19:00 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1085031214-1801674531-1009Core.job [2010-11-12 21:20:49 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\Szimin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-12 18:26:43 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Szimin\Dane aplikacji\winscp.rnd [2010-11-12 18:24:38 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Szimin\Ustawienia lokalne\Dane aplikacji\PUTTY.RND [2010-11-12 17:38:05 | 000,000,745 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty - 
Black Ops.lnk [2010-11-11 22:02:41 | 000,039,894 | ---- | M] () -- C:\Documents and Settings\Szimin\Moje dokumenty\NoPremium.pl.dotpayimg.bmp [2010-11-11 21:07:45 | 000,424,694 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-11-11 20:49:25 | 000,000,856 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\Szybkie Czyszczenie Dysku.lnk [2010-11-11 20:49:25 | 000,000,760 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\Odkurzacz.lnk [2010-11-11 19:09:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010-11-11 13:53:27 | 001,656,832 | ---- | M] (NoPremium.pl) -- C:\Documents and Settings\Szimin\Pulpit\nopremium.exe [2010-11-10 16:04:46 | 000,142,311 | -H-- | M] () -- C:\Documents and Settings\Szimin\Moje dokumenty\PP11Thumbs.ptn [2010-11-10 16:04:46 | 000,000,059 | -H-- | M] () -- C:\Documents and Settings\Szimin\Moje dokumenty\maxdesk.ini2 [2010-11-10 16:04:46 | 000,000,043 | -H-- | M] () -- C:\Documents and Settings\Szimin\Moje dokumenty\PP11Thumbs.ptn2 [2010-11-10 15:51:21 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mulimedia Logic.lnk [2010-11-09 19:33:56 | 000,000,281 | RHS- | M] () -- C:\boot.ini [2010-11-09 19:07:47 | 000,000,022 | -HS- | M] () -- C:\Documents and Settings\Szimin\Dane aplikacji\Sys6925.Config Collection.sys [2010-11-09 19:07:47 | 000,000,022 | -HS- | M] () -- C:\WINDOWS\Sys3390 SettingsCollection.bin [2010-11-09 18:59:04 | 000,025,992 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe [2010-11-09 13:19:16 | 000,023,456 | ---- | M] (Phoenix Technologies) -- C:\WINDOWS\System32\drivers\DrvAgent32.sys [2010-11-05 13:16:51 | 000,002,311 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\Google Chrome.lnk [2010-11-05 13:02:05 | 000,587,244 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-11-05 13:02:05 | 000,501,832 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-11-05 13:02:05 | 000,118,940 | ---- | M] () 
-- C:\WINDOWS\System32\perfc015.dat [2010-11-05 13:02:05 | 000,087,738 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-11-02 19:36:50 | 000,359,016 | ---- | M] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe [2010-11-02 19:36:04 | 000,129,640 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe [2010-11-02 19:35:40 | 002,815,592 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE [2010-11-02 18:08:24 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2010-10-30 17:00:06 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-10-29 20:43:05 | 000,001,747 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\ConvertXtoDVD 4.lnk [2010-10-29 20:42:58 | 000,001,057 | ---- | M] () -- C:\Documents and Settings\Szimin\Dane aplikacji\vso_ts_preview.xml [2010-10-25 19:22:34 | 000,240,592 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2010-10-25 19:22:34 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin [2010-10-25 19:22:30 | 000,240,592 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2010-10-25 13:56:09 | 000,422,512 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101111-210745.backup [2010-10-24 22:07:01 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2010-10-24 22:07:00 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2010-10-24 21:56:49 | 000,477,784 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys [2010-10-22 17:54:40 | 000,003,644 | ---- | M] () -- C:\WINDOWS\wincmd.ini [2010-10-22 17:53:29 | 000,000,299 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini [2010-10-22 07:23:30 | 000,061,440 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll [2010-10-22 07:23:29 | 002,293,194 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin [2010-10-22 07:23:29 | 000,003,739 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb [2010-10-17 14:53:08 | 000,000,334 | ---- | M] () -- C:\Documents and 
Settings\Szimin\Pulpit\Skrót do WSInf.lnk [2010-10-17 14:46:53 | 000,000,606 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\WinSCP.lnk [2010-10-17 14:38:02 | 000,406,310 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\FTPiEMAIL.pdf [2010-10-14 14:17:18 | 002,285,568 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-10-13 13:43:57 | 000,421,702 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101025-145609.backup [2010-10-07 22:38:42 | 000,420,902 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101013-144357.backup [2010-10-02 12:43:39 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\Szimin\Pulpit\MoorHunt.lnk [2010-10-01 21:46:13 | 000,419,868 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101007-233842.backup [2010-09-30 16:06:39 | 000,001,926 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\FIFA 11.lnk [2010-09-29 13:09:05 | 000,000,883 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Foxit Reader.lnk [2010-09-27 12:36:30 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Szimin\PUTTY.RND [2010-09-23 17:29:08 | 000,108,032 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-09-17 23:14:21 | 000,418,632 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101001-224613.backup [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-11-15 21:47:40 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Szimin\Pulpit\RSIT.exe [2010-11-15 21:45:49 | 000,132,597 | ---- | C] () -- C:\Documents and Settings\Szimin\Pulpit\Flash_Disinfector.exe [2010-11-12 17:38:05 | 000,000,745 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty - Black Ops.lnk [2010-11-11 20:49:25 | 000,000,856 | ---- | C] () -- C:\Documents and Settings\Szimin\Pulpit\Szybkie Czyszczenie Dysku.lnk [2010-11-11 20:49:25 | 000,000,760 | ---- | C] () -- C:\Documents and 
Settings\Szimin\Pulpit\Odkurzacz.lnk [2010-11-11 13:54:22 | 000,039,894 | ---- | C] () -- C:\Documents and Settings\Szimin\Moje dokumenty\NoPremium.pl.dotpayimg.bmp [2010-11-10 15:59:50 | 000,000,059 | -H-- | C] () -- C:\Documents and Settings\Szimin\Moje dokumenty\maxdesk.ini2 [2010-11-10 15:57:42 | 000,000,043 | -H-- | C] () -- C:\Documents and Settings\Szimin\Moje dokumenty\PP11Thumbs.ptn2 [2010-11-10 15:56:35 | 000,142,311 | -H-- | C] () -- C:\Documents and Settings\Szimin\Moje dokumenty\PP11Thumbs.ptn [2010-11-10 15:51:21 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mulimedia Logic.lnk [2010-11-09 19:07:47 | 000,000,022 | -HS- | C] () -- C:\Documents and Settings\Szimin\Dane aplikacji\Sys6925.Config Collection.sys [2010-11-09 19:07:47 | 000,000,022 | -HS- | C] () -- C:\WINDOWS\Sys3390 SettingsCollection.bin [2010-11-05 13:16:51 | 000,002,311 | ---- | C] () -- C:\Documents and Settings\Szimin\Pulpit\Google Chrome.lnk [2010-11-05 13:14:59 | 000,001,136 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1085031214-1801674531-1009UA.job [2010-11-05 13:14:58 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1085031214-1801674531-1009Core.job [2010-11-02 18:08:24 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Winamp.lnk [2010-10-24 21:58:01 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat [2010-10-24 21:58:01 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat [2010-10-17 14:53:08 | 000,000,334 | ---- | C] () -- C:\Documents and Settings\Szimin\Pulpit\Skrót do WSInf.lnk [2010-10-17 14:46:53 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\Szimin\Pulpit\WinSCP.lnk [2010-10-17 14:38:12 | 000,406,310 | ---- | C] () -- C:\Documents and Settings\Szimin\Pulpit\FTPiEMAIL.pdf [2010-09-30 16:06:39 | 000,001,926 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\FIFA 11.lnk [2010-09-29 13:09:05 | 
000,000,883 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Foxit Reader.lnk [2010-09-27 12:38:15 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Szimin\Dane aplikacji\winscp.rnd [2010-09-24 14:54:58 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Szimin\PUTTY.RND [2010-09-21 20:29:28 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Szimin\Ustawienia lokalne\Dane aplikacji\PUTTY.RND [2010-07-17 01:12:57 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-07-17 01:12:57 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-07-17 01:12:56 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-06-18 08:01:19 | 000,000,288 | ---- | C] () -- C:\WINDOWS\d.ini [2010-06-01 12:55:55 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-05-14 11:43:56 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Szimin\Dane aplikacji\vso_ts_preview.xml [2010-05-14 11:41:57 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Szimin\Dane aplikacji\inst.exe [2010-05-14 11:41:57 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Szimin\Dane aplikacji\pcouffin.cat [2010-05-14 11:41:57 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Szimin\Dane aplikacji\pcouffin.inf [2010-04-18 19:45:59 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-04-03 19:44:39 | 000,077,824 | ---- | C] () -- C:\Documents and Settings\Szimin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-04-02 23:26:41 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Szimin\Dane aplikacji\$_hpcst$.hpc [2010-04-02 17:17:34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2010-03-21 21:55:29 | 000,001,965 | ---- | C] () -- C:\Program Files\mbMojoppro.log [2010-03-21 21:16:05 | 000,002,070 | ---- | C] () -- C:\Program Files\mbccppro.log [2010-03-21 19:39:45 | 000,022,689 | ---- | C] () -- C:\Program Files\mblooks3ppro.log 
[2010-03-09 18:10:49 | 000,000,179 | ---- | C] () -- C:\WINDOWS\wininit.ini [2009-07-01 20:27:45 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2009-07-01 20:27:45 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2009-07-01 20:27:38 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2009-07-01 20:27:38 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll [2009-07-01 20:27:01 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\adinst32.dll [2008-12-22 23:33:46 | 000,000,998 | ---- | C] () -- C:\WINDOWS\adiras.ini [2008-10-27 10:40:15 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-10-27 09:38:20 | 013,265,184 | ---- | C] () -- C:\Program Files\dxnt.cab [2008-10-27 09:38:20 | 004,163,646 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab [2008-10-27 09:38:20 | 001,907,944 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x64.cab [2008-10-27 09:38:20 | 001,803,074 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab [2008-10-27 09:38:18 | 001,801,176 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab [2008-10-27 09:38:18 | 001,795,100 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab [2008-10-27 09:38:18 | 001,793,624 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab [2008-10-27 09:38:18 | 001,770,878 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab [2008-10-27 09:38:18 | 001,710,376 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab [2008-10-27 09:38:18 | 001,709,168 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab [2008-10-27 09:38:18 | 001,608,374 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab [2008-10-27 09:38:16 | 001,608,790 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab [2008-10-27 09:38:16 | 001,608,302 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab [2008-10-27 09:38:16 | 001,607,055 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab [2008-10-27 09:38:16 | 001,575,392 | 
---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab [2008-10-27 09:38:16 | 001,572,170 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab [2008-10-27 09:38:14 | 001,551,228 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x86.cab [2008-10-27 09:38:14 | 001,465,688 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab [2008-10-27 09:38:14 | 001,464,894 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab [2008-10-27 09:38:14 | 001,413,918 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab [2008-10-27 09:38:14 | 001,363,812 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab [2008-10-27 09:38:14 | 001,358,992 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab [2008-10-27 09:38:12 | 001,444,298 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab [2008-10-27 09:38:12 | 001,398,846 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab [2008-10-27 09:38:12 | 001,351,558 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab [2008-10-27 09:38:10 | 001,348,370 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab [2008-10-27 09:38:10 | 001,337,018 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab [2008-10-27 09:38:10 | 001,248,515 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab [2008-10-27 09:38:10 | 001,156,507 | ---- | C] () -- C:\Program Files\BDANT.cab [2008-10-27 09:38:10 | 001,128,233 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab [2008-10-27 09:38:10 | 001,116,237 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab [2008-10-27 09:38:10 | 001,080,472 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab [2008-10-27 09:38:08 | 001,085,736 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab [2008-10-27 09:38:08 | 001,079,978 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab [2008-10-27 09:38:08 | 001,078,660 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab [2008-10-27 09:38:08 | 001,065,941 | ---- | C] () -- 
C:\Program Files\Jun2005_d3dx9_26_x86.cab [2008-10-27 09:38:08 | 001,014,241 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab [2008-10-27 09:38:08 | 000,995,154 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x64.cab [2008-10-27 09:38:08 | 000,122,810 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x64.cab [2008-10-27 09:38:08 | 000,097,833 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab [2008-10-27 09:38:08 | 000,094,750 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab [2008-10-27 09:38:04 | 000,976,164 | ---- | C] () -- C:\Program Files\BDAXP.cab [2008-10-27 09:38:04 | 000,966,445 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x86.cab [2008-10-27 09:38:04 | 000,917,446 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab [2008-10-27 09:38:04 | 000,868,844 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab [2008-10-27 09:38:04 | 000,868,628 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab [2008-10-27 09:38:04 | 000,865,616 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab [2008-10-27 09:38:04 | 000,853,302 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab [2008-10-27 09:38:04 | 000,850,935 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab [2008-10-27 09:38:04 | 000,096,053 | ---- | C] () -- C:\Program Files\dxupdate.cab [2008-10-27 09:38:04 | 000,094,144 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x86.cab [2008-10-27 09:38:04 | 000,055,538 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x64.cab [2008-10-27 09:38:04 | 000,045,464 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab [2008-10-27 09:38:02 | 000,850,183 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab [2008-10-27 09:38:02 | 000,845,900 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab [2008-10-27 09:38:02 | 000,819,276 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab [2008-10-27 09:38:02 | 000,094,028 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x86.cab 
[2008-10-27 09:38:02 | 000,093,700 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x86.cab [2008-10-27 09:38:02 | 000,088,158 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab [2008-10-27 09:38:02 | 000,088,117 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab [2008-10-27 09:38:02 | 000,087,053 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab [2008-10-27 09:38:02 | 000,056,170 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab [2008-10-27 09:38:02 | 000,056,074 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab [2008-10-27 09:38:02 | 000,054,318 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab [2008-10-27 09:38:02 | 000,047,160 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab [2008-10-27 09:38:02 | 000,047,074 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab [2008-10-27 09:38:02 | 000,046,375 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab [2008-10-27 09:38:02 | 000,022,921 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab [2008-10-27 09:38:02 | 000,022,867 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x86.cab [2008-10-27 09:38:02 | 000,019,512 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab [2008-10-27 09:38:00 | 000,804,900 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab [2008-10-27 09:38:00 | 000,797,883 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab [2008-10-27 09:38:00 | 000,700,060 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab [2008-10-27 09:38:00 | 000,699,628 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab [2008-10-27 09:38:00 | 000,047,026 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab [2008-10-27 09:38:00 | 000,022,883 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab [2008-10-27 09:37:58 | 000,699,488 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab [2008-10-27 09:37:58 | 000,696,881 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab [2008-10-27 
09:37:58 | 000,272,384 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x64.cab [2008-10-27 09:37:58 | 000,270,858 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x86.cab [2008-10-27 09:37:58 | 000,270,644 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x64.cab [2008-10-27 09:37:54 | 000,274,976 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x64.cab [2008-10-27 09:37:54 | 000,273,627 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x86.cab [2008-10-27 09:37:52 | 000,270,040 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x86.cab [2008-10-27 09:37:52 | 000,252,210 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab [2008-10-27 09:37:52 | 000,227,266 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab [2008-10-27 09:37:52 | 000,199,112 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab [2008-10-27 09:37:50 | 000,213,823 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab [2008-10-27 09:37:50 | 000,198,138 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab [2008-10-27 09:37:50 | 000,193,491 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab [2008-10-27 09:37:48 | 000,197,778 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab [2008-10-27 09:37:48 | 000,196,782 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab [2008-10-27 09:37:48 | 000,195,691 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab [2008-10-27 09:37:48 | 000,192,736 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab [2008-10-27 09:37:48 | 000,183,919 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab [2008-10-27 09:37:48 | 000,183,377 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab [2008-10-27 09:37:46 | 000,181,801 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab [2008-10-27 09:37:46 | 000,180,149 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab [2008-10-27 09:37:46 | 000,179,375 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab [2008-10-27 09:37:46 | 000,154,028 | ---- | C] () -- C:\Program 
< End of report > [/log] By the way, please also check whether these logs are otherwise in order...
Tomek01 commented on 15 November 2010:
Uninstall Daemon Tools Toolbar. Open Notepad, type C:\windows\System32\drivers\etc\Hosts and press Enter. Delete everything except the valid entry 127.0.0.1 localhost. Save the changes. Remember not to associate it permanently with Notepad! Run a full scan with [url=http://www.instalki.pl/programy/download_c/14/155.html][color=#0000CD][b]DrWebCureIt[/b][/color][/url] and [url=http://www.instalki.pl/programy/download_c/13/96.html][color=#0000CD][b]Malwarebytes Anti-Malware[/b][/color][/url] and post the results on the forum.
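An added example (not part of the thread and not code from any tool named in it): a Python check for the hosts cleanup described in the post above. It lists every active entry other than 127.0.0.1 localhost, builds the cleaned file, and re-audits it; the sample hosts content, the host names and the category labels are constructed for illustration.

```python
import ipaddress

# Baseline from the post above: the only entry that should remain.
BASELINE = {("127.0.0.1", "localhost")}

# Constructed sample of a hosts file that has picked up extra entries.
SAMPLE_HOSTS = """\
# Sample hosts file (constructed for this example)
127.0.0.1       localhost
127.0.0.1       updates.antivirus.example   # name pinned to loopback
0.0.0.0         scanner.example
203.0.113.7     www.bank.example login.bank.example
::1             localhost
not-an-address  portal.example
127.0.0.1 localhost www.shop.example
"""


def parse_hosts(text):
    """Yield (line_no, address_text, names) for every active (non-comment) line."""
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), start=1):
        active = raw.split("#", 1)[0].split()
        if active:
            yield line_no, active[0], [name.lower() for name in active[1:]]


def classify(address_text, name, baseline=BASELINE):
    """Return None for a baseline entry, otherwise a label describing the entry."""
    try:
        ip = ipaddress.ip_address(address_text)
    except ValueError:
        return "invalid-address"
    if (str(ip), name) in baseline:
        return None
    if ip.is_loopback or ip.is_unspecified:
        # A non-localhost name bound to loopback/0.0.0.0 becomes unreachable.
        return "extra-localhost" if name == "localhost" else "sinkhole"
    # Any other address sends traffic for that name to a host chosen by the file.
    return "redirect"


def audit_hosts(text, baseline=BASELINE):
    """Return (line_no, address, name, label) for every entry outside the baseline."""
    findings = []
    for line_no, addr, names in parse_hosts(text):
        if not names:
            findings.append((line_no, addr, None, "malformed"))
            continue
        for name in names:
            label = classify(addr, name, baseline)
            if label:
                findings.append((line_no, addr, name, label))
    return findings


def cleaned_hosts(text, baseline=BASELINE):
    """Drop every line with a finding; keep comments; re-add a missing baseline entry."""
    bad = {line_no for line_no, *_ in audit_hosts(text, baseline)}
    lines = text.lstrip("\ufeff").splitlines()
    kept = [raw for n, raw in enumerate(lines, start=1) if n not in bad]
    present = {(str(ipaddress.ip_address(addr)), name)
               for _, addr, names in parse_hosts("\n".join(kept)) for name in names}
    kept += [f"{addr}\t{name}" for addr, name in sorted(baseline - present)]
    return "\r\n".join(kept) + "\r\n"


if __name__ == "__main__":
    for line_no, addr, name, label in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {addr} -> {name} [{label}]")
    fixed = cleaned_hosts(SAMPLE_HOSTS)
    # Re-reading the result is the check that the save really took effect.
    print("entries left after cleanup:", audit_hosts(fixed))
```

On a real machine, read `C:\WINDOWS\system32\drivers\etc\hosts` into `audit_hosts` again after saving: an empty result means only the baseline entry is left.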
szimin (Author) commented on 16 November 2010 (edited):
I uninstalled, I think, Daemon Tools Toolbar. Unfortunately it was not in Add/Remove Programs. I removed it through Firefox (default browser) -> Tools -> Add-ons and "uninstall" there. I also used the Final Uninstaller program. As for Hosts: I typed it into the address bar, e.g. in My Documents. Then I opened it with Notepad and deleted everything except the first entry - 127.0.0.1 localhost. When I try to save, a message pops up: "Cannot create the C:\WINDOWS\system32\drivers\etc\hosts file. Make sure that the path and file name are correct." However, a moment later the save dialog pops up and it saves, but I don't know whether that is right. Besides, Dr.Web asks about restoring the default Hosts file and I clicked "Yes". But when I again type the path you gave into the address bar and open it in Notepad, there are still more entries than just 127.0.0.1 localhost. So I don't know... I also scanned the system with [b]Malwarebytes Anti-Malware[/b] and here is the result.
[log]Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Wersja bazy: 5121 Windows 5.1.2600 Dodatek Service Pack 3 Internet Explorer 8.0.6001.18702 2010-11-16 00:50:22 mbam-log-2010-11-16 (00-50-22).txt Typ skanowania: Pełne skanowanie (A:\|C:\|D:\|E:\|F:\|G:\|H:\|) Przeskanowano obiektów: 246335 Upłynęło: 39 minut(y), 40 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 0 Zainfekowanych wartości rejestru: 0 Zainfekowane informacje rejestru systemowego: 0 Zainfekowanych folderów: 0 Zainfekowanych plików: 2 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: (Nie znaleziono zagrożeń) Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń) Zainfekowane informacje rejestru systemowego: (Nie znaleziono zagrożeń) Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: C:\Documents and Settings\Szymon2\Pulpit\Ygoow\MailClients\VoilaClient.dll (Trojan.Dropper) -> Quarantined and deleted successfully. E:\Instalki programów\Sony Vegas\SonyVegas\Patch\patch.exe (Trojan.Downloader) -> Quarantined and deleted successfully. [/log] Dr.Web, in turn, detected nothing in the quick scan, but the full scan did detect something; screenshot below. [b] Kaspersky still shows me the virus as an active threat, even though I cannot do anything about it. Clicking "neutralize all" produces no reaction, and neither does "process" or "disinfect all" (with the pendrive plugged in or not). Only the threat date changes to the current one during these operations. I had a similar problem earlier, when Kaspersky detected a virus on a DVD and, because it was that medium and not another, could not do anything with it, and it also kept displaying this constant threat message...[/b]
Tomek01 commented on 16 November 2010:
The first three are false alarms; it detects them on my machine too, because I used Flash Disinfector. The remaining files are detected in System Volume Information, so it is enough to turn System Restore off and then back on for all partitions.
szimin (Author) commented on 16 November 2010:
I understand that I do this via right-click on My Computer -> System Restore tab -> tick the checkbox next to "Turn off System Restore on all drives" (Apply/OK) -> and then untick the same checkbox (Apply/OK). So that is what I did, and I additionally restarted the computer, but the threat alert from Kaspersky did not disappear...
Tomek01 commented on 16 November 2010:
Did you use FlashDisinfector with the pendrive plugged in?
Tomek01 commented on 16 November 2010:
Download [url="http://www.przeklej.pl/plik/usbfix-exe-00220gb4m1dc"]USBFix[/url]. Plug in all the USB storage devices you have and run the RESEARCH option in USBFix. Post the report. Uninstall it after use.
szimin (Author) commented on 16 November 2010:
USBFix [log]############################## | UsbFix 7.022 | [Research] User: Szimin (Administrator) # USER-2322F37874 [ ] Updated 29/08/10 by El Desaparecido / C_XX Started at 23:55:04 | 16/11/2010 Website: http://pagesperso-orange.fr/NosTools/index.html Contact: FindyKill.Contact@gmail.com CPU: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz CPU 2: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Dodatek Service Pack 3 Internet Explorer 8.0.6001.18702 Windows Firewall: Disabled /!\ Antivirus: Kaspersky Internet Security 11.0.0.232 [Enabled | Updated] Firewall: Kaspersky Internet Security 11.0.0.232 [Enabled] RAM -> 3327 Mb C:\ (%systemdrive%) -> Fixed drive # 49 Gb (25 Mb free - 51%) [] # NTFS D:\ -> CD-ROM E:\ -> Fixed drive # 208 Gb (42 Mb free - 20%) [] # NTFS F:\ -> Fixed drive # 208 Gb (46 Mb free - 22%) [] # NTFS G:\ -> CD-ROM H:\ -> Removable drive # 7 Gb (6 Mb free - 83%) [PATRIOT] # FAT32 I:\ -> Removable drive # 4 Gb (3 Mb free - 84%) [] # FAT32 ################## | Files # Infected Folders | Found ! I:\Autorun.inf ################## | Registry | Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives ################## | Mountpoints2 | ################## | Vaccin | C:\autorun.inf -> Folder created by Flash_Disinfector (sUBs) E:\autorun.inf -> Folder created by Flash_Disinfector (sUBs) F:\autorun.inf -> Folder created by Flash_Disinfector (sUBs) H:\autorun.inf -> Folder created by Flash_Disinfector (sUBs) ################## | E.O.F | [/log]
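An added example (not part of the thread and not UsbFix's own code): a Python reader for a UsbFix [Research] report like the one in the post above. It cross-references the drive table, the "Found !" lines and the Vaccin section; the report text is copied from the post with line breaks assumed, and the function and field names are made up for this example.

```python
import re

# Report lines copied from the [Research] log in the post above. The line
# breaks are an assumption: the page shows the report flattened onto one line.
REPORT = r"""
############################## | UsbFix 7.022 | [Research]
C:\ (%systemdrive%) -> Fixed drive # 49 Gb (25 Mb free - 51%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 208 Gb (42 Mb free - 20%) [] # NTFS
F:\ -> Fixed drive # 208 Gb (46 Mb free - 22%) [] # NTFS
G:\ -> CD-ROM
H:\ -> Removable drive # 7 Gb (6 Mb free - 83%) [PATRIOT] # FAT32
I:\ -> Removable drive # 4 Gb (3 Mb free - 84%) [] # FAT32
################## | Files # Infected Folders |
Found ! I:\Autorun.inf
################## | Registry |
Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
################## | Mountpoints2 |
################## | Vaccin |
C:\autorun.inf -> Folder created by Flash_Disinfector (sUBs)
E:\autorun.inf -> Folder created by Flash_Disinfector (sUBs)
F:\autorun.inf -> Folder created by Flash_Disinfector (sUBs)
H:\autorun.inf -> Folder created by Flash_Disinfector (sUBs)
################## | E.O.F |
"""

SECTION = re.compile(r"^#{10,} \| (.+?) \|(?: \[(\w+)\])?\s*$")
DRIVE = re.compile(r"^([A-Z]):\\ (?:\(.*?\) )?-> (Fixed drive|Removable drive|CD-ROM)")
FINDING = re.compile(r"^(Found|Deleted) ! (.+)$")
VACCINE = re.compile(r"^([A-Z]):\\autorun\.inf -> Folder created by (\S+)", re.I)


def parse_report(text):
    """Split the report into its drive table, findings and vaccine folders."""
    report = {"mode": None, "drives": {}, "findings": [], "vaccinated": {}}
    section = None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        if (m := SECTION.match(line)):
            section = m.group(1)
            report["mode"] = report["mode"] or m.group(2)
        elif (m := DRIVE.match(line)):
            report["drives"][m.group(1)] = m.group(2)
        elif (m := FINDING.match(line)):
            report["findings"].append((section, m.group(1), m.group(2)))
        elif section == "Vaccin" and (m := VACCINE.match(line)):
            # An autorun.inf *folder* placed by the named tool, not a file.
            report["vaccinated"][m.group(1).upper()] = m.group(2)
    return report


def triage(report):
    """Summarise what still needs attention after a Research or Deletion run."""
    findings = report["findings"]
    removable = [d for d, kind in report["drives"].items() if kind == "Removable drive"]
    return {
        "drives_with_findings": sorted({item[0].upper() for _, _, item in findings
                                        if re.match(r"^[A-Za-z]:\\", item)}),
        "removable_without_vaccine": sorted(d for d in removable
                                            if d not in report["vaccinated"]),
        "registry_findings": [item for sec, _, item in findings if sec == "Registry"],
        # "Found" means reported only; a Deletion run reports "Deleted" instead.
        "pending": [item for _, status, item in findings if status == "Found"],
    }


if __name__ == "__main__":
    parsed = parse_report(REPORT)
    print("mode:", parsed["mode"])
    for key, value in triage(parsed).items():
        print(f"{key}: {value}")
```

For this report the summary points at I:, the one removable drive that has an Autorun.inf finding and no Flash_Disinfector folder, while H: is already listed in the Vaccin section.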
Tomek01 commented on 17 November 2010:
So use it once more, but with the DELETION option, with the pendrive plugged in, of course.
szimin (Author) commented on 17 November 2010:
[log] ############################## | UsbFix 7.022 | [Deletion] User: Szimin (Administrator) # USER-2322F37874 [ ] Updated 29/08/10 by El Desaparecido / C_XX Started at 19:21:18 | 17/11/2010 Website: http://pagesperso-orange.fr/NosTools/index.html Contact: FindyKill.Contact@gmail.com CPU: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz CPU 2: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Dodatek Service Pack 3 Internet Explorer 8.0.6001.18702 Windows Firewall: Disabled /!\ Antivirus: Kaspersky Internet Security 11.0.0.232 [Enabled | Updated] Firewall: Kaspersky Internet Security 11.0.0.232 [Enabled] RAM -> 3327 Mb C:\ (%systemdrive%) -> Fixed drive # 49 Gb (25 Mb free - 51%) [] # NTFS D:\ -> CD-ROM E:\ -> Fixed drive # 208 Gb (42 Mb free - 20%) [] # NTFS F:\ -> Fixed drive # 208 Gb (46 Mb free - 22%) [] # NTFS G:\ -> CD-ROM H:\ -> Removable drive # 7 Gb (6 Mb free - 83%) [PATRIOT] # FAT32 I:\ -> Removable drive # 4 Gb (3 Mb free - 84%) [] # FAT32 ################## | Files # Infected Folders | Deleted ! I:\Autorun.inf ################## | Registry | Deleted ! 
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives ################## | Mountpoints2 | ################## | Listing |
E:\f7eb8690fdd3b02d84d12738a7e32692 [17/11/2010 - 19:13:13 | RD ] E:\Filmy [12/11/2010 - 17:21:51 | RD ] E:\Instalki gier [16/11/2010 - 17:58:09 | RD ] E:\Instalki programów [03/11/2010 - 18:46:41 | RD ] E:\Kamera [26/06/2010 - 18:39:18 | D ] E:\msdownld.tmp [15/11/2010 - 16:58:41 | D ] E:\NoPremium.pl [17/11/2010 - 19:22:36 | SHD ] E:\RECYCLER [09/03/2010 - 18:12:00 | D ] E:\Sony [16/11/2010 - 21:45:39 | SHD ] E:\System Volume Information [15/11/2010 - 21:46:54 | RASHD ] F:\autorun.inf [29/10/2010 - 19:09:24 | RD ] F:\Filmy obejrzane [16/11/2010 - 20:06:57 | D ] F:\FU_Backup [15/10/2010 - 20:37:33 | RD ] F:\Instalki gier [14/10/2010 - 13:32:22 | HD ] F:\msdownld.tmp [17/11/2010 - 19:22:36 | SHD ] F:\RECYCLER [16/11/2010 - 21:45:39 | SHD ] F:\System Volume Information [15/11/2010 - 21:21:13 | D ] F:\WSInf [25/10/2010 - 15:46:36 | D ] H:\informacje [16/11/2010 - 18:54:48 | RASHD ] H:\autorun.inf [16/11/2010 - 23:09:36 | D ] H:\!PI - ZALEGŁE DO ZALICZENIA [16/11/2010 - 23:09:54 | RD ] H:\MATERIAŁY - od studentów [16/11/2010 - 23:10:28 | D ] H:\moje pliki [16/11/2010 - 23:10:54 | D ] H:\programy [25/10/2010 - 15:47:46 | RD ] H:\nagrane WYKŁADY [25/10/2010 - 15:48:16 | D ] H:\plan z nazwiskami [25/10/2010 - 15:48:20 | RD ] H:\podręczniki [25/10/2010 - 15:52:16 | D ] H:\MATERIAŁY - wsinf.bydgoszcz.pl [04/11/2010 - 22:19:34 | RD ] H:\MATERIAŁY - od wykładowców [26/09/2010 - 15:42:04 | D ] I:\Nowy folder [26/09/2010 - 07:39:06 | D ] I:\pi 25-09 [13/11/2010 - 07:17:52 | D ] I:\utp - ti smieci [13/11/2010 - 07:18:22 | D ] I:\WSInf [13/11/2010 - 16:45:32 | A | 38912] I:\fyff.doc [13/11/2010 - 16:45:50 | A | 5408936] I:\fyff.pdf [13/11/2010 - 19:39:46 | D ] I:\wsinf 2010-11-13 [14/11/2010 - 16:32:36 | A | 43008] I:\Zeszyt1 - gotowe.xls ################## | Vaccin | C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX) E:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX) F:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX) 
H:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX) I:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX) ################## | Upload | Please send the file: C:\UsbFix_Upload_Me_USER-2322F37874.zip http://chiquitine.changelog.fr/Sample/Upload.php Thank you for your contribution. ################## | E.O.F | [/log] Is it OK? Because earlier I uninstalled and reinstalled Kaspersky so that it would stop showing me the message..
szimin commented 17 November 2010 Author (edited) I also entered in the registry, under HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, in the NoDriveTypeAutorun key, the value ff (because 0xff can't be entered?) to block autoruns. I hope that's right...
Tomek01 commented 17 November 2010 Read: http://support.microsoft.com/kb/967715/pl
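Added example, not part of either post: a small Python checker for the NoDriveTypeAutoRun setting discussed above. It decodes the bitmask from `reg query` output, flags a value stored with the wrong type, and shows that `ff` typed into regedit's hexadecimal field is the same number as 0xFF. The sample output is constructed, the function names are hypothetical, and the HKLM-over-HKCU precedence follows Microsoft's documentation for this value.

```python
import re

# NoDriveTypeAutoRun is a bitmask: a set bit turns AutoRun off for that drive type.
DRIVE_BITS = {0x01: "unknown", 0x02: "no root directory", 0x04: "removable",
              0x08: "fixed", 0x10: "network", 0x20: "CD-ROM",
              0x40: "RAM disk", 0x80: "reserved"}
LINE = re.compile(r"^\s*NoDriveTypeAutoRun\s+(REG_\w+)\s+(\S+)\s*$",
                  re.IGNORECASE | re.MULTILINE)

def parse_reg_query(output):
    """Return (type, value) from `reg query` text; value is None unless REG_DWORD."""
    m = LINE.search(output)
    if not m:
        return None, None
    reg_type, data = m.group(1).upper(), m.group(2)
    if reg_type != "REG_DWORD":
        return reg_type, None          # e.g. "ff" saved as a string by mistake
    return reg_type, int(data, 16)     # reg.exe prints DWORD data as 0x...

def from_regedit_hex_field(text):
    """Model of regedit's Hexadecimal field (assumption): bare digits, 'ff' not '0xff'."""
    if not re.fullmatch(r"[0-9a-fA-F]{1,8}", text):
        raise ValueError("hex digits only, without the 0x prefix")
    return int(text, 16)

def still_enabled(value):
    """Drive types whose bit is clear, so AutoRun is not blocked for them."""
    return [name for bit, name in DRIVE_BITS.items() if not value & bit]

def audit(hklm_text, hkcu_text):
    """Report the effective setting; HKLM is checked first because it wins over HKCU."""
    for hive, text in (("HKLM", hklm_text), ("HKCU", hkcu_text)):
        reg_type, value = parse_reg_query(text)
        if reg_type is None:
            continue                   # value not present in this hive
        if value is None:
            return f"{hive}: wrong type {reg_type}, expected REG_DWORD"
        left = ", ".join(still_enabled(value)) or "none"
        return f"{hive}: 0x{value:02X}, AutoRun still enabled for: {left}"
    return "not configured: the Windows default applies"

# Constructed sample output, not taken from the thread.
HKCU_SAMPLE = """HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer
    NoDriveTypeAutoRun\tREG_DWORD\t0xff
"""
HKCU_STRING = HKCU_SAMPLE.replace("REG_DWORD\t0xff", "REG_SZ\tff")

if __name__ == "__main__":
    for sample in (HKCU_SAMPLE, HKCU_STRING):
        print(audit("", sample))
```

On a real machine, feed it the text printed by `reg query` for the Policies\Explorer key in both hives.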