Posiadam Windows 7, od wczoraj działam w trybie awaryjnym ponieważ co mnie zaloguje do systemu to za 2 sekundy wylogowuje i tak cały czas nie wiem co to może być wirus jakiś jak z tym walczyć ?
Wirus. Daj loga z OTL
o to chodzi?
OTL logfile created on: 2010-01-10 11:06:27 - Run 1
OTL by OldTimer - Version 3.1.23.0 Folder = C:\Users\oparek\Downloads
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 74,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146,58 Gb Total Space | 40,39 Gb Free Space | 27,55% Space Free | Partition Type: NTFS
Drive D: | 319,18 Gb Total Space | 249,57 Gb Free Space | 78,19% Space Free | Partition Type: NTFS
Drive E: | 3,75 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
Drive G: | 29,29 Gb Total Space | 4,21 Gb Free Space | 14,37% Space Free | Partition Type: NTFS
Drive H: | 45,23 Gb Total Space | 18,04 Gb Free Space | 39,89% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Computer Name: OPAREK-PC
Current User Name: oparek
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Output = Standard
========== Processes (All) ==========
PRC - [2010-01-10 10:47:52 | 00,543,744 | ---- | M] (OldTimer Tools) – C:\Users\oparek\Downloads\OTL.exe
PRC - [2009-12-19 20:01:58 | 00,910,296 | ---- | M] (Mozilla Corporation) – C:\Program Files\Mozilla Firefox 3.6 Beta 1\firefox.exe
PRC - [2009-08-03 06:35:50 | 02,613,248 | ---- | M] (Microsoft Corporation) – C:\Windows\explorer.exe
PRC - [2009-07-14 02:14:45 | 00,285,696 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\winlogon.exe
PRC - [2009-07-14 02:14:45 | 00,096,256 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\wininit.exe
PRC - [2009-07-14 02:14:41 | 00,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 00,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 00,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 00,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 00,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 00,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 00,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 00,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 00,020,992 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:39 | 00,069,632 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\smss.exe
PRC - [2009-07-14 02:14:36 | 00,259,072 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\services.exe
PRC - [2009-07-14 02:14:23 | 00,261,120 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\lsm.exe
PRC - [2009-07-14 02:14:23 | 00,022,528 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\lsass.exe
PRC - [2009-07-14 02:14:16 | 00,008,704 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ctfmon.exe
PRC - [2009-07-14 02:14:16 | 00,006,144 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\csrss.exe
PRC - [2009-07-14 02:14:15 | 00,271,360 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\conhost.exe
PRC - [2009-05-14 14:42:50 | 00,245,680 | ---- | M] (ESET) – C:\Program Files\ESET\ESET Smart Security\ecls.exe
========== Modules (All) ==========
MOD - [2010-01-10 10:47:52 | 00,543,744 | ---- | M] (OldTimer Tools) – C:\Users\oparek\Downloads\OTL.exe
MOD - [2009-08-29 07:57:31 | 00,034,816 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msasn1.dll
MOD - [2009-07-14 02:17:51 | 01,286,144 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ntdll.dll
MOD - [2009-07-14 02:16:21 | 00,180,224 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\xmllite.dll
MOD - [2009-07-14 02:16:19 | 00,268,800 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\Wldap32.dll
MOD - [2009-07-14 02:16:18 | 01,011,200 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\WindowsCodecs.dll
MOD - [2009-07-14 02:16:17 | 01,224,704 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\urlmon.dll
MOD - [2009-07-14 02:16:17 | 01,123,328 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\vssapi.dll
MOD - [2009-07-14 02:16:17 | 00,811,520 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\user32.dll
MOD - [2009-07-14 02:16:17 | 00,627,200 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\usp10.dll
MOD - [2009-07-14 02:16:17 | 00,249,856 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\uxtheme.dll
MOD - [2009-07-14 02:16:17 | 00,056,320 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\vsstrace.dll
MOD - [2009-07-14 02:16:17 | 00,021,504 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\version.dll
MOD - [2009-07-14 02:16:15 | 00,171,008 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\spp.dll
MOD - [2009-07-14 02:16:15 | 00,099,840 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\sspicli.dll
MOD - [2009-07-14 02:16:15 | 00,090,112 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\srvcli.dll
MOD - [2009-07-14 02:16:15 | 00,043,008 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\srclient.dll
MOD - [2009-07-14 02:16:15 | 00,027,136 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\slc.dll
MOD - [2009-07-14 02:16:14 | 12,866,560 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\shell32.dll
MOD - [2009-07-14 02:16:14 | 01,668,608 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\setupapi.dll
MOD - [2009-07-14 02:16:14 | 00,350,208 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\shlwapi.dll
MOD - [2009-07-14 02:16:14 | 00,179,712 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\shdocvw.dll
MOD - [2009-07-14 02:16:13 | 00,652,288 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\rpcrt4.dll
MOD - [2009-07-14 02:16:13 | 00,092,160 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\sechost.dll
MOD - [2009-07-14 02:16:13 | 00,060,928 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\samlib.dll
MOD - [2009-07-14 02:16:13 | 00,050,688 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\samcli.dll
MOD - [2009-07-14 02:16:13 | 00,022,016 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\secur32.dll
MOD - [2009-07-14 02:16:12 | 01,412,608 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ole32.dll
MOD - [2009-07-14 02:16:12 | 00,988,160 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\propsys.dll
MOD - [2009-07-14 02:16:12 | 00,571,904 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\oleaut32.dll
MOD - [2009-07-14 02:16:12 | 00,090,112 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\olepro32.dll
MOD - [2009-07-14 02:16:12 | 00,031,744 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\profapi.dll
MOD - [2009-07-14 02:16:12 | 00,006,144 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\psapi.dll
MOD - [2009-07-14 02:16:11 | 00,442,880 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ntshrui.dll
MOD - [2009-07-14 02:16:11 | 00,121,856 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\ntmarta.dll
MOD - [2009-07-14 02:16:03 | 00,022,016 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\netutils.dll
MOD - [2009-07-14 02:15:52 | 01,233,408 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msxml3.dll
MOD - [2009-07-14 02:15:50 | 00,690,688 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msvcrt.dll
MOD - [2009-07-14 02:15:43 | 00,828,928 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\msctf.dll
MOD - [2009-07-14 02:15:41 | 00,064,000 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\mpr.dll
MOD - [2009-07-14 02:15:36 | 00,026,624 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\lpk.dll
MOD - [2009-07-14 02:15:35 | 00,857,088 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\kernel32.dll
MOD - [2009-07-14 02:15:35 | 00,288,256 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\KernelBase.dll
MOD - [2009-07-14 02:15:32 | 00,118,272 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\imm32.dll
MOD - [2009-07-14 02:15:28 | 02,058,240 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\iertutil.dll
MOD - [2009-07-14 02:15:22 | 00,304,640 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\gdi32.dll
MOD - [2009-07-14 02:15:21 | 00,828,928 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\fontext.dll
MOD - [2009-07-14 02:15:21 | 00,093,696 | ---- | M] (Windows ® Codename Longhorn DDK provider) – C:\Windows\System32\fms.dll
MOD - [2009-07-14 02:15:14 | 00,189,952 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\EhStorShell.dll
MOD - [2009-07-14 02:15:11 | 00,064,512 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\devobj.dll
MOD - [2009-07-14 02:15:07 | 01,151,488 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\crypt32.dll
MOD - [2009-07-14 02:15:07 | 00,418,816 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\cscui.dll
MOD - [2009-07-14 02:15:07 | 00,036,864 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\cryptbase.dll
MOD - [2009-07-14 02:15:07 | 00,034,816 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\cscapi.dll
MOD - [2009-07-14 02:15:07 | 00,023,040 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\cscdll.dll
MOD - [2009-07-14 02:15:03 | 00,522,240 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\clbcatq.dll
MOD - [2009-07-14 02:15:02 | 00,145,920 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\cfgmgr32.dll
MOD - [2009-07-14 02:14:57 | 00,070,144 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\atl.dll
MOD - [2009-07-14 02:14:53 | 00,640,000 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\advapi32.dll
MOD - [2009-07-14 02:14:53 | 00,292,352 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\apphelp.dll
MOD - [2009-07-14 02:14:08 | 00,319,488 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\winspool.drv
MOD - [2009-07-14 02:03:50 | 01,680,896 | ---- | M] (Microsoft Corporation) – C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] – -- (.EsetTrialReset)
SRV - [2009-11-09 15:51:49 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] – C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe – (FLEXnet Licensing Service)
SRV - [2009-08-24 10:27:15 | 00,075,064 | ---- | M] () [Auto | Stopped] – C:\Windows\System32\PnkBstrA.exe – (PnkBstrA)
SRV - [2009-08-18 01:36:08 | 00,176,128 | ---- | M] (AMD) [Auto | Stopped] – C:\Windows\System32\atiesrxx.exe – (AMD External Events Utility)
SRV - [2009-07-14 02:16:21 | 00,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wwansvc.dll – (WwanSvc)
SRV - [2009-07-14 02:16:17 | 00,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\wbiosrvc.dll – (WbioSrvc)
SRV - [2009-07-14 02:16:17 | 00,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\umpo.dll – (Power)
SRV - [2009-07-14 02:16:16 | 00,037,376 | ---- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\System32\themeservice.dll – (Themes)
SRV - [2009-07-14 02:16:15 | 00,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\sppuinotify.dll – (sppuinotify)
SRV - [2009-07-14 02:16:15 | 00,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\StorSvc.dll – (StorSvc)
SRV - [2009-07-14 02:16:13 | 00,043,520 | ---- | M] (Microsoft Corporation) [unknown | Running] – C:\Windows\System32\RpcEpMap.dll – (RpcEptMapper)
SRV - [2009-07-14 02:16:13 | 00,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\sensrsvc.dll – (SensrSvc)
SRV - [2009-07-14 02:16:12 | 01,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\PeerDistSvc.dll – (PeerDistSvc)
SRV - [2009-07-14 02:16:12 | 00,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\pnrpsvc.dll – (PNRPsvc)
SRV - [2009-07-14 02:16:12 | 00,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\pnrpsvc.dll – (p2pimsvc)
SRV - [2009-07-14 02:16:12 | 00,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\provsvc.dll – (HomeGroupProvider)
SRV - [2009-07-14 02:16:12 | 00,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\pnrpauto.dll – (PNRPAutoReg)
SRV - [2009-07-14 02:15:41 | 00,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Program Files\Windows Defender\MpSvc.dll – (WinDefend)
SRV - [2009-07-14 02:15:36 | 00,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\ListSvc.dll – (HomeGroupListener)
SRV - [2009-07-14 02:15:21 | 00,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\FntCache.dll – (FontCache)
SRV - [2009-07-14 02:15:11 | 00,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\System32\dhcpcore.dll – (Dhcp)
SRV - [2009-07-14 02:15:10 | 00,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\defragsvc.dll – (defragsvc)
SRV - [2009-07-14 02:14:59 | 00,076,800 | ---- | M] (Microsoft Corporation) [unknown | Stopped] – C:\Windows\System32\bdesvc.dll – (BDESVC)
SRV - [2009-07-14 02:14:58 | 00,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\AxInstSv.dll – (AxInstSV) Instalator formantów ActiveX (AxInstSV)
SRV - [2009-07-14 02:14:53 | 00,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\appidsvc.dll – (AppIDSvc)
SRV - [2009-07-14 02:14:29 | 03,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\System32\sppsvc.exe – (sppsvc)
SRV - [2009-05-14 14:54:22 | 00,020,680 | ---- | M] (ESET) [On_Demand | Stopped] – C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe – (EhttpSrv)
SRV - [2009-05-14 14:47:54 | 00,731,840 | ---- | M] (ESET) [Auto | Stopped] – C:\Program Files\ESET\ESET Smart Security\ekrn.exe – (ekrn)
SRV - [2007-08-24 02:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE – (odserv)
SRV - [2007-05-31 16:21:24 | 00,379,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\WindowsMobile\wcescomm.dll – (WcesComm)
SRV - [2007-05-31 16:21:18 | 00,183,688 | ---- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\WindowsMobile\rapimgr.dll – (RapiMgr)
SRV - [2007-05-28 17:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) [Auto | Stopped] – C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe – (StarWindServiceAE)
SRV - [2006-10-26 12:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE – (ose)
SRV - [2006-02-28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) [Auto | Stopped] – C:\Program Files\Bonjour\mDNSResponder.exe – (Bonjour Service)
========== Driver Services (SafeList) ==========
DRV - [2010-01-09 23:37:59 | 00,107,256 | ---- | M] (ESET) [Kernel | On_Demand | Stopped] – C:\Users\oparek\AppData\Local\Temp\esihdrv.sys – (esihdrv)
DRV - [2009-08-18 02:48:06 | 04,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\atikmdag.sys – (atikmdag)
DRV - [2009-08-16 09:19:35 | 00,721,904 | ---- | M] () [Kernel | Boot | Running] – C:\Windows\System32\Drivers\sptd.sys – (sptd)
DRV - [2009-07-14 02:26:21 | 00,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\cmdide.sys – (cmdide)
DRV - [2009-07-14 02:26:17 | 00,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\adpahci.sys – (adpahci)
DRV - [2009-07-14 02:26:15 | 00,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\adp94xx.sys – (adp94xx)
DRV - [2009-07-14 02:26:15 | 00,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\amdsbs.sys – (amdsbs)
DRV - [2009-07-14 02:26:15 | 00,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\adpu320.sys – (adpu320)
DRV - [2009-07-14 02:26:15 | 00,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\arcsas.sys – (arcsas)
DRV - [2009-07-14 02:26:15 | 00,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\amdsata.sys – (amdsata)
DRV - [2009-07-14 02:26:15 | 00,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\arc.sys – (arc)
DRV - [2009-07-14 02:26:15 | 00,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] – C:\Windows\system32\DRIVERS\amdxata.sys – (amdxata)
DRV - [2009-07-14 02:26:15 | 00,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\aliide.sys – (aliide)
DRV - [2009-07-14 02:20:44 | 00,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] – C:\Windows\system32\DRIVERS\nvstor.sys – (nvstor)
DRV - [2009-07-14 02:20:44 | 00,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\nvraid.sys – (nvraid)
DRV - [2009-07-14 02:20:44 | 00,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\nfrd960.sys – (nfrd960)
DRV - [2009-07-14 02:20:37 | 00,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\lsi_sas.sys – (LSI_SAS)
DRV - [2009-07-14 02:20:36 | 00,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\iaStorV.sys – (iaStorV)
DRV - [2009-07-14 02:20:36 | 00,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\MegaSR.sys – (MegaSR)
DRV - [2009-07-14 02:20:36 | 00,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\Drivers\ksecpkg.sys – (KSecPkg)
DRV - [2009-07-14 02:20:36 | 00,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\lsi_scsi.sys – (LSI_SCSI)
DRV - [2009-07-14 02:20:36 | 00,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\lsi_fc.sys – (LSI_FC)
DRV - [2009-07-14 02:20:36 | 00,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\lsi_sas2.sys – (LSI_SAS2)
DRV - [2009-07-14 02:20:36 | 00,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\iirsp.sys – (iirsp)
DRV - [2009-07-14 02:20:36 | 00,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\megasas.sys – (megasas)
DRV - [2009-07-14 02:20:36 | 00,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\hwpolicy.sys – (hwpolicy)
DRV - [2009-07-14 02:20:28 | 00,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\elxstor.sys – (elxstor)
DRV - [2009-07-14 02:20:28 | 00,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\djsvs.sys – (aic78xx)
DRV - [2009-07-14 02:20:28 | 00,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\HpSAMD.sys – (HpSAMD)
DRV - [2009-07-14 02:20:28 | 00,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\System32\drivers\fsdepends.sys – (FsDepends)
DRV - [2009-07-14 02:19:11 | 00,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\vsmraid.sys – (vsmraid)
DRV - [2009-07-14 02:19:10 | 00,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\vmbus.sys – (vmbus)
DRV - [2009-07-14 02:19:10 | 00,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\vhdmp.sys – (vhdmp)
DRV - [2009-07-14 02:19:10 | 00,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\system32\DRIVERS\vmstorfl.sys – (storflt)
DRV - [2009-07-14 02:19:10 | 00,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\system32\DRIVERS\vdrvroot.sys – (vdrvroot)
DRV - [2009-07-14 02:19:10 | 00,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\storvsc.sys – (storvsc)
DRV - [2009-07-14 02:19:10 | 00,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\System32\drivers\wimmount.sys – (WIMMount)
DRV - [2009-07-14 02:19:10 | 00,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\viaide.sys – (viaide)
DRV - [2009-07-14 02:19:04 | 01,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\ql2300.sys – (ql2300)
DRV - [2009-07-14 02:19:04 | 00,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\rdyboost.sys – (rdyboost)
DRV - [2009-07-14 02:19:04 | 00,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\ql40xx.sys – (ql40xx)
DRV - [2009-07-14 02:19:04 | 00,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\sisraid4.sys – (SiSRaid4)
DRV - [2009-07-14 02:19:04 | 00,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\drivers\pcw.sys – (pcw)
DRV - [2009-07-14 02:19:04 | 00,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\SiSRaid2.sys – (SiSRaid2)
DRV - [2009-07-14 02:19:04 | 00,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\stexstor.sys – (stexstor)
DRV - [2009-07-14 02:17:54 | 00,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\System32\Drivers\cng.sys – (CNG)
DRV - [2009-07-14 01:57:25 | 00,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\Drivers\Brserid.sys – (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009-07-14 01:02:41 | 00,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\rdpbus.sys – (rdpbus)
DRV - [2009-07-14 01:01:41 | 00,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] – C:\Windows\System32\drivers\RDPREFMP.sys – (RDPREFMP)
DRV - [2009-07-14 00:55:00 | 00,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\agilevpn.sys – (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009-07-14 00:53:51 | 00,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\System32\drivers\wfplwf.sys – (WfpLwf)
DRV - [2009-07-14 00:52:44 | 00,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ndiscap.sys – (NdisCap)
DRV - [2009-07-14 00:52:02 | 00,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\vwifibus.sys – (vwifibus)
DRV - [2009-07-14 00:52:00 | 00,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\1394ohci.sys – (1394ohci)
DRV - [2009-07-14 00:51:35 | 00,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\umpass.sys – (UmPass)
DRV - [2009-07-14 00:51:11 | 00,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\winusb.sys – (WinUsb)
DRV - [2009-07-14 00:51:08 | 00,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\mshidkmdf.sys – (mshidkmdf)
DRV - [2009-07-14 00:46:55 | 00,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\MTConfig.sys – (MTConfig)
DRV - [2009-07-14 00:45:26 | 00,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\CompositeBus.sys – (CompositeBus)
DRV - [2009-07-14 00:36:52 | 00,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\drivers\appid.sys – (AppID)
DRV - [2009-07-14 00:33:50 | 00,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] – C:\Windows\System32\drivers\scfilter.sys – (scfilter)
DRV - [2009-07-14 00:28:47 | 00,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\vms3cap.sys – (s3cap)
DRV - [2009-07-14 00:28:45 | 00,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\VMBusHID.sys – (VMBusHID)
DRV - [2009-07-14 00:24:05 | 00,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] – C:\Windows\System32\drivers\discache.sys – (discache)
DRV - [2009-07-14 00:19:21 | 00,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\HidBatt.sys – (HidBatt)
DRV - [2009-07-14 00:16:36 | 00,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\acpipmi.sys – (AcpiPmi)
DRV - [2009-07-14 00:11:04 | 00,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\amdppm.sys – (AmdPPM)
DRV - [2009-07-13 23:54:14 | 00,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\drivers\hcw85cir.sys – (hcw85cir)
DRV - [2009-07-13 23:53:33 | 00,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\Drivers\BrUsbMdm.sys – (BrUsbMdm)
DRV - [2009-07-13 23:53:33 | 00,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\Drivers\BrUsbSer.sys – (BrUsbSer)
DRV - [2009-07-13 23:53:32 | 00,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\Drivers\BrSerWdm.sys – (BrSerWdm)
DRV - [2009-07-13 23:53:28 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\BrFiltLo.sys – (BrFiltLo)
DRV - [2009-07-13 23:53:28 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\BrFiltUp.sys – (BrFiltUp)
DRV - [2009-07-13 23:02:52 | 00,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\nvm62x32.sys – (NVENETFD)
DRV - [2009-07-13 23:02:49 | 00,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\b57nd60x.sys – (b57nd60x)
DRV - [2009-07-13 23:02:48 | 03,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\evbdx.sys – (ebdrv)
DRV - [2009-07-13 23:02:48 | 00,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\system32\DRIVERS\bxvbdx.sys – (b06bdrv)
DRV - [2009-07-13 21:50:20 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Stopped] – C:\Windows\System32\drivers\secdrv.sys – (secdrv)
DRV - [2009-06-02 11:04:56 | 02,364,960 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\RTKVHDA.sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009-05-14 14:49:32 | 00,038,240 | ---- | M] (ESET) [Kernel | Auto | Stopped] – C:\Windows\System32\drivers\epfwwfp.sys – (epfwwfp)
DRV - [2009-05-14 14:49:26 | 00,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\epfwndis.sys – (Epfwndis)
DRV - [2009-05-14 14:49:22 | 00,133,000 | ---- | M] (ESET) [Kernel | Auto | Stopped] – C:\Windows\System32\drivers\epfw.sys – (epfw)
DRV - [2009-05-14 14:47:14 | 00,107,256 | ---- | M] (ESET) [Kernel | Auto | Stopped] – C:\Windows\System32\drivers\ehdrv.sys – (ehdrv)
DRV - [2009-05-14 14:41:10 | 00,114,472 | ---- | M] (ESET) [File_System | Auto | Stopped] – C:\Windows\System32\drivers\eamon.sys – (eamon)
DRV - [2007-09-25 15:59:46 | 00,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] – C:\Program Files\MediaCoder\SysInfo.sys – (CrystalSysInfo)
DRV - [2006-07-24 16:05:00 | 00,005,632 | ---- | M] () [File_System | System | Stopped] – C:\Windows\System32\drivers\StarOpen.sys – (StarOpen)
DRV - [2005-08-30 16:59:00 | 00,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ss_mdm.sys – (ss_mdm)
DRV - [2005-08-30 16:58:56 | 00,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ss_mdfl.sys – (ss_mdfl)
DRV - [2005-08-30 16:57:18 | 00,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ss_bus.sys – (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2005-06-24 17:36:16 | 00,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\lgusbmodem.sys – (USBModem)
DRV - [2005-05-26 10:01:18 | 00,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\lgusbbus.sys – (usbbus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM…\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://pl.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 82 36 E4 EE 1D CA 01 [binary data]
IE - HKCU…\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyServer” =
========== FireFox ==========
FF - prefs.js…browser.search.defaultenginename: “BearShare Web Search”
FF - prefs.js…browser.search.order.1: “BearShare Web Search”
FF - prefs.js…browser.search.selectedEngine: “Google”
FF - prefs.js…browser.startup.homepage: “www.wp.pl”
FF - prefs.js…extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.0
FF - prefs.js…keyword.URL: “http://search.bearshare.com/webResults.html?src=ffb&q=”
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\Components: C:\Program Files\Mozilla Firefox\components [2009-11-21 10:01:53 | 00,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-12-20 16:00:35 | 00,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6b5\extensions\Components: C:\Program Files\Mozilla Firefox 3.6 Beta 1\components [2009-12-19 20:01:59 | 00,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6b5\extensions\Plugins: C:\Program Files\Mozilla Firefox 3.6 Beta 1\plugins [2009-12-20 16:00:35 | 00,000,000 | —D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2009-08-15 22:22:09 | 00,000,000 | —D | M]
[2009-11-04 19:34:22 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\mozilla\Extensions
[2009-11-04 19:34:22 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\mozilla\Extensions\MediaCoder-MCEX
[2010-01-10 09:23:49 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\mozilla\Firefox\Profiles\bnvit657.default\extensions
[2009-09-25 17:03:26 | 00,000,000 | —D | M] (MediaBar) – C:\Users\oparek\AppData\Roaming\mozilla\Firefox\Profiles\bnvit657.default\extensions{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2009-07-18 00:02:48 | 00,002,476 | ---- | M] () – C:\Users\oparek\AppData\Roaming\Mozilla\FireFox\Profiles\bnvit657.default\searchplugins\BearShareWebSearch.xml
[2009-08-21 11:24:33 | 00,000,000 | —D | M] – C:\Program Files\Mozilla Firefox\extensions
[2009-08-27 17:37:48 | 00,873,976 | ---- | M] (Ganymede Technologies) – C:\Program Files\Mozilla Firefox\plugins\NPCARDS.dll
[2009-08-27 17:38:10 | 00,620,016 | ---- | M] (Ganymede Technologies) – C:\Program Files\Mozilla Firefox\plugins\NPSOCCER.dll
[2009-09-13 15:35:28 | 00,002,767 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-07-18 00:02:48 | 00,002,476 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
[2009-09-13 15:35:28 | 00,001,406 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-09-13 15:35:28 | 00,000,917 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-09-13 15:35:28 | 00,000,858 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-09-13 15:35:28 | 00,001,183 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-09-13 15:35:28 | 00,001,683 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
O1 HOSTS File: (824 bytes) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll ()
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\oparek\AppData\Roaming\Nowe Gadu-Gadu_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM…\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll ()
O3 - HKLM…\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM…\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O3 - HKCU…\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU…\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
O4 - HKLM…\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM…\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM…\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM…\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM…\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM…\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKCU…\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - Startup: C:\Users\oparek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\logoff.lnk = C:\Windows\logoff.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s … wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.241.79.37 83.238.255.76
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 00,000,024 | ---- | M] () - C:\autoexec.bat – [NTFS]
O32 - AutoRun File - [2005-09-02 20:21:51 | 00,000,051 | R— | M] () - E:\autorun.inf – [UDF]
O32 - AutoRun File - [2006-09-18 22:43:36 | 00,000,024 | ---- | M] () - G:\autoexec.bat – [NTFS]
O33 - MountPoints2{9fcf90a3-8a3d-11de-86ee-001d7d5cbe5c}\Shell - “” = AutoRun
O33 - MountPoints2{9fcf90a3-8a3d-11de-86ee-001d7d5cbe5c}\Shell\AutoRun\command - “” = F:\autorun.exe – File not found
O33 - MountPoints2{9fcf90a3-8a3d-11de-86ee-001d7d5cbe5c}\Shell\readit\command - “” = notepad readme.doc
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] – “%1” %*
O35 - exefile [open] – “%1” %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2009-07-14 03:37:08 | 00,000,000 | —D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
========== Files/Folders - Created Within 30 Days ==========
[2010-01-02 20:06:54 | 00,000,000 | —D | C] – C:\Users\oparek\Desktop\Nowy folder (2)
[2009-12-30 15:22:38 | 00,000,000 | —D | C] – C:\Windows\System32\appmgmt
[2009-12-25 15:42:07 | 00,000,000 | —D | C] – C:\ProgramData\Codemasters
[2009-12-25 15:42:06 | 00,000,000 | —D | C] – C:\Users\Public\Documents\microsoft
[2009-12-25 15:38:43 | 00,872,448 | ---- | C] (Blue Ripple Sound Limited) – C:\Windows\System32\rapture3d_oal.dll
[2009-12-25 15:38:41 | 00,000,000 | —D | C] – C:\Program Files\BRS
[2009-12-25 15:38:27 | 00,000,000 | —D | C] – C:\Windows\System32\xlive
[2009-12-25 15:38:26 | 00,000,000 | —D | C] – C:\Program Files\Microsoft Games for Windows - LIVE
[2009-12-25 15:38:14 | 00,445,016 | ---- | C] (Creative Labs) – C:\Windows\System32\wrap_oal.dll
[2009-12-25 15:38:14 | 00,109,144 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) – C:\Windows\System32\OpenAL32.dll
[2009-12-25 15:38:14 | 00,000,000 | —D | C] – C:\Program Files\OpenAL
[2009-12-25 15:28:45 | 00,000,000 | —D | C] – C:\Program Files\Codemasters
[2009-12-24 20:01:13 | 00,000,000 | —D | C] – C:\Program Files\LucasArts
[2009-12-24 20:00:53 | 00,000,000 | —D | C] – C:\Program Files\GameSpy Arcade
[2009-12-20 21:37:39 | 00,000,000 | —D | C] – C:\Users\oparek\AppData\Roaming\XRay Engine
[2009-12-19 20:37:43 | 00,737,280 | ---- | C] (Indigo Rose Corporation) – C:\Windows\iun6002.exe
[2009-12-19 20:37:39 | 00,000,000 | —D | C] – C:\Program Files\AndreaMosaic
[2009-12-17 22:07:17 | 00,000,000 | —D | C] – C:\Users\oparek\Desktop\Nowy folder (3)
[2009-12-16 20:03:13 | 00,000,000 | —D | C] – C:\Users\oparek\Documents\Dokumenty na navia
[2009-12-16 20:01:27 | 00,000,000 | —D | C] – C:\Windows\WindowsMobile
[2009-12-15 20:39:03 | 00,000,000 | —D | C] – C:\Users\Public\Documents\stalke~1.-
[2009-12-14 22:13:20 | 30,127,432 | ---- | C] (Sports Interactive) – C:\Users\oparek\Desktop\fm.exe
[2009-12-13 18:37:51 | 00,000,000 | —D | C] – C:\Users\oparek.gstreamer-0.10
[2009-12-11 21:42:33 | 00,000,000 | —D | C] – C:\ProgramData\Sports Interactive
[2009-12-11 21:42:14 | 00,000,000 | —D | C] – C:\Users\Public\Documents\Sports Interactive
[2009-12-11 21:42:14 | 00,000,000 | —D | C] – C:\Users\oparek\Documents\Sports Interactive
[2009-12-11 21:32:06 | 00,000,000 | -H-D | C] – C:\Program Files\Zero G Registry
[2009-12-11 21:30:51 | 00,000,000 | -H-D | C] – C:\Users\oparek\InstallAnywhere
[2009-12-11 21:30:37 | 00,000,000 | —D | C] – C:\Users\oparek\AppData\Roaming\Sports Interactive
[2 C:\Windows\System32*.tmp files -> C:\Windows\System32*.tmp ->]
[2 C:*.tmp files -> C:*.tmp ->]
[1 C:\Windows*.tmp files -> C:\Windows*.tmp ->]
========== Files - Modified Within 30 Days ==========
[2010-01-10 11:06:41 | 02,621,440 | -HS- | M] () – C:\Users\oparek\NTUSER.DAT
[2010-01-10 10:43:39 | 00,000,438 | ---- | M] () – C:\Windows\win.ini
[2010-01-10 10:43:39 | 00,000,004 | ---- | M] () – C:\Windows\System32\proc-503976190.bin
[2010-01-10 09:13:14 | 00,067,584 | --S- | M] () – C:\Windows\bootstat.dat
[2010-01-10 09:13:11 | 28,182,20032 | -HS- | M] () – C:\hiberfil.sys
[2010-01-10 09:11:03 | 01,096,566 | -H-- | M] () – C:\Users\oparek\AppData\Local\IconCache.db
[2010-01-10 09:10:57 | 00,000,006 | -H-- | M] () – C:\Windows\tasks\SA.DAT
[2010-01-10 00:00:07 | 00,013,248 | -H-- | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-01-10 00:00:07 | 00,013,248 | -H-- | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-01-09 23:33:36 | 01,523,412 | ---- | M] () – C:\Windows\System32\PerfStringBackup.INI
[2010-01-09 23:33:36 | 00,687,590 | ---- | M] () – C:\Windows\System32\perfh015.dat
[2010-01-09 23:33:36 | 00,606,992 | ---- | M] () – C:\Windows\System32\perfh009.dat
[2010-01-09 23:33:36 | 00,131,176 | ---- | M] () – C:\Windows\System32\perfc015.dat
[2010-01-09 23:33:36 | 00,103,370 | ---- | M] () – C:\Windows\System32\perfc009.dat
[2010-01-09 22:57:34 | 00,034,304 | ---- | M] () – C:\Users\oparek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-01-07 18:27:47 | 01,440,054 | ---- | M] () – C:\Users\oparek\Documents\de_inferno0001.bmp
[2010-01-07 18:24:54 | 01,440,054 | ---- | M] () – C:\Users\oparek\Documents\de_inferno0000.bmp
[2010-01-07 18:20:36 | 01,440,054 | ---- | M] () – C:\Users\oparek\Documents\de_inferno0002.bmp
[2010-01-02 20:09:46 | 00,000,000 | ---- | M] () – C:\ProgramData\LauncherAccess.dt
[2010-01-02 20:09:36 | 00,000,106 | ---- | M] () – C:\Users\oparek\Documents\funrecent.fmp
[2010-01-01 18:08:06 | 03,932,214 | ---- | M] () – C:\Users\oparek\Documents\bez tytułu.jpg
[2009-12-30 18:53:45 | 00,001,444 | ---- | M] () – C:\Users\oparek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\logoff.lnk
[2009-12-25 15:41:58 | 00,001,502 | ---- | M] () – C:\Users\oparek\Desktop\dirt2 — skrót.lnk
[2009-12-25 15:38:14 | 00,445,016 | ---- | M] (Creative Labs) – C:\Windows\System32\wrap_oal.dll
[2009-12-25 15:38:14 | 00,109,144 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) – C:\Windows\System32\OpenAL32.dll
[2009-12-24 22:13:06 | 00,000,833 | ---- | M] () – C:\Users\oparek\Desktop\Play Star Wars Battlefront II.lnk
[2009-12-24 20:08:44 | 00,000,972 | ---- | M] () – C:\Users\oparek\Desktop\GameSpy Arcade.lnk
[2009-12-20 16:00:35 | 00,001,990 | ---- | M] () – C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2009-12-19 20:37:32 | 00,737,280 | ---- | M] (Indigo Rose Corporation) – C:\Windows\iun6002.exe
[2009-12-16 20:03:13 | 00,000,771 | ---- | M] () – C:\Users\oparek\Desktop\Dokumenty na navia.LNK
[2009-12-16 20:02:02 | 00,000,000 | -H-- | M] () – C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2 C:\Windows\System32*.tmp files -> C:\Windows\System32*.tmp ->]
[2 C:*.tmp files -> C:*.tmp ->]
[1 C:\Windows*.tmp files -> C:\Windows*.tmp ->]
========== Files Created - No Company Name ==========
[2010-01-10 10:43:39 | 00,000,004 | ---- | C] () – C:\Windows\System32\proc-503976190.bin
[2010-01-07 18:20:33 | 01,440,054 | ---- | C] () – C:\Users\oparek\Documents\de_inferno0002.bmp
[2010-01-07 18:20:30 | 01,440,054 | ---- | C] () – C:\Users\oparek\Documents\de_inferno0001.bmp
[2010-01-07 18:19:18 | 01,440,054 | ---- | C] () – C:\Users\oparek\Documents\de_inferno0000.bmp
[2010-01-01 18:02:56 | 03,932,214 | ---- | C] () – C:\Users\oparek\Documents\bez tytułu.jpg
[2009-12-30 18:52:29 | 00,001,444 | ---- | C] () – C:\Users\oparek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\logoff.lnk
[2009-12-25 15:41:58 | 00,001,502 | ---- | C] () – C:\Users\oparek\Desktop\dirt2 — skrót.lnk
[2009-12-24 22:13:06 | 00,000,833 | ---- | C] () – C:\Users\oparek\Desktop\Play Star Wars Battlefront II.lnk
[2009-12-24 20:01:01 | 00,000,972 | ---- | C] () – C:\Users\oparek\Desktop\GameSpy Arcade.lnk
[2009-12-20 16:00:35 | 00,001,990 | ---- | C] () – C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2009-12-16 20:03:13 | 00,000,771 | ---- | C] () – C:\Users\oparek\Desktop\Dokumenty na navia.LNK
[2009-12-16 20:02:02 | 00,000,000 | -H-- | C] () – C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2009-12-14 22:13:19 | 00,015,323 | ---- | C] () – C:\Users\oparek\Desktop\battery.nfo
[2009-11-14 22:37:25 | 00,000,250 | ---- | C] () – C:\Windows\XIIIHooligans.ini
[2009-11-08 16:20:43 | 02,255,360 | ---- | C] () – C:\Windows\System32\libavcodec.dll
[2009-11-08 16:20:43 | 00,395,776 | ---- | C] () – C:\Windows\System32\libmplayer.dll
[2009-11-08 16:20:43 | 00,262,144 | ---- | C] () – C:\Windows\System32\TomsMoComp_ff.dll
[2009-11-08 16:20:43 | 00,112,640 | ---- | C] () – C:\Windows\System32\libmpeg2_ff.dll
[2009-11-06 10:58:04 | 00,178,975 | ---- | C] () – C:\Windows\System32\xlive.dll.cat
[2009-09-25 15:55:22 | 00,076,407 | ---- | C] () – C:\Users\oparek\AppData\Roaming\Smiley.ico
[2009-09-05 16:15:57 | 00,007,602 | ---- | C] () – C:\Users\oparek\AppData\Local\Resmon.ResmonCfg
[2009-08-24 10:27:37 | 00,139,152 | ---- | C] () – C:\Windows\System32\drivers\PnkBstrK.sys
[2009-08-24 10:27:37 | 00,139,152 | ---- | C] () – C:\Users\oparek\AppData\Roaming\PnkBstrK.sys
[2009-08-22 13:17:36 | 00,000,000 | ---- | C] () – C:\ProgramData\LauncherAccess.dt
[2009-08-22 12:50:00 | 00,005,632 | ---- | C] () – C:\Windows\System32\drivers\StarOpen.sys
[2009-08-18 08:55:37 | 00,034,304 | ---- | C] () – C:\Users\oparek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-08-15 22:31:47 | 00,721,904 | ---- | C] () – C:\Windows\System32\drivers\sptd.sys
[2009-07-14 00:51:43 | 00,073,728 | ---- | C] () – C:\Windows\System32\BthpanContextHandler.dll
[2009-07-14 00:42:10 | 00,064,000 | ---- | C] () – C:\Windows\System32\BWContextHandler.dll
[2009-06-19 19:06:22 | 00,197,912 | ---- | C] () – C:\Windows\System32\physxcudart_20.dll
[2009-06-19 19:06:22 | 00,058,648 | ---- | C] () – C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009-06-19 19:06:22 | 00,058,648 | ---- | C] () – C:\Windows\System32\AgCPanelSwedish.dll
[2009-06-19 19:06:22 | 00,058,648 | ---- | C] () – C:\Windows\System32\AgCPanelSpanish.dll
[2009-06-19 19:06:22 | 00,058,648 | ---- | C] () – C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009-06-19 19:06:22 | 00,058,648 | ---- | C] () – C:\Windows\System32\AgCPanelPortugese.dll
[2009-06-19 19:06:22 | 00,058,648 | ---- | C] () – C:\Windows\System32\AgCPanelKorean.dll
[2009-06-19 19:06:22 | 00,058,648 | ---- | C] () – C:\Windows\System32\AgCPanelJapanese.dll
[2009-06-19 19:06:22 | 00,058,648 | ---- | C] () – C:\Windows\System32\AgCPanelGerman.dll
[2009-06-19 19:06:22 | 00,058,648 | ---- | C] () – C:\Windows\System32\AgCPanelFrench.dll
[2009-06-02 17:11:16 | 00,085,504 | ---- | C] () – C:\Windows\System32\ff_vfw.dll
[2009-05-29 15:52:26 | 00,204,800 | ---- | C] () – C:\Windows\System32\xvidvfw.dll
[2009-05-29 15:47:06 | 00,881,664 | ---- | C] () – C:\Windows\System32\xvidcore.dll
[2007-09-04 11:56:10 | 00,164,352 | ---- | C] () – C:\Windows\System32\unrar.dll
[2007-02-05 19:05:26 | 00,000,038 | ---- | C] () – C:\Windows\AviSplitter.INI
========== LOP Check ==========
[2009-09-25 15:55:20 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\BearShareTb
[2009-12-29 21:52:13 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\BESTplayer
[2009-11-04 17:40:46 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\Broad Intelligence
[2009-11-04 19:36:38 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\ConvertTemp
[2009-08-16 09:22:27 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\DAEMON Tools Lite
[2009-08-15 22:22:41 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\ESET
[2009-08-22 07:27:27 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\GanymedeNet
[2009-10-14 16:16:54 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\Leadertech
[2009-12-30 09:41:14 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\Nowe Gadu-Gadu
[2009-09-13 15:54:03 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\OpenFM
[2009-10-08 07:21:28 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\play2p
[2009-08-22 13:18:48 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\Samsung
[2009-12-11 21:42:13 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\Sports Interactive
[2009-08-22 07:21:25 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\temp
[2009-11-26 22:52:56 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\Temporary
[2009-10-08 10:30:57 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\Tlen.pl
[2010-01-02 20:11:07 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\TransRender
[2009-12-30 17:13:13 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\uTorrent
[2009-08-16 09:18:20 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\Win7codecs
[2009-12-20 21:37:39 | 00,000,000 | —D | M] – C:\Users\oparek\AppData\Roaming\XRay Engine
[2010-01-03 14:48:59 | 00,032,604 | ---- | M] () – C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %systemdrive%*.* >
[2009-06-10 22:42:20 | 00,000,024 | ---- | M] () – C:\autoexec.bat
[2009-11-08 16:50:50 | 00,010,469 | ---- | M] () – C:\avi_log.txt
[2009-07-14 02:38:58 | 00,383,562 | RHS- | M] () – C:\bootmgr
[2009-08-16 08:13:16 | 00,008,192 | RHS- | M] () – C:\BOOTSECT.BAK
[2009-06-10 22:42:20 | 00,000,010 | ---- | M] () – C:\config.sys
[2010-01-10 09:13:11 | 28,182,20032 | -HS- | M] () – C:\hiberfil.sys
[2010-01-10 09:13:16 | 37,576,29440 | -HS- | M] () – C:\pagefile.sys
[2 C:*.tmp files -> C:*.tmp ->]
< End of report >
A może wgrałeś nową skórę do 7 ?
Jest to windows z msdn aa wersja angielska z polskim language packiem. Nic więcej nei zmieniałem
po temacie poszła reinstalka systemu