consafo utworzono 2 lipca 2009 utworzono 2 lipca 2009 Logfile of Trend Micro HijackThis v2.0.2Scan saved at 14:59:01, on 2009-07-02Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\CTsvcCDA.exeC:\Program Files\Creative\Shared Files\CTDevSrv.exeC:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exeC:\Program Files\Common Files\BinarySense\hldasvc.exeC:\Program Files\Common Files\BinarySense\hldasvc.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\CyberLink\Shared Files\RichVideo.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exeC:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exeC:\Program Files\Canon\CAL\CALMAIN.exeC:\Program Files\Analog Devices\Core\smax4pnp.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exeC:\Program Files\Winamp\winampa.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exeC:\PROGRA~1\NEOSTR~1\CnxMon.exeC:\PROGRA~1\NEOSTR~1\TaskbarIcon.exeC:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\ESET\ESET NOD32 Antivirus\egui.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exeC:\Program Files\Creative\Creative Media Lite\CTZDetec.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exeC:\Program Files\RALINK\Common\RaUI.exeC:\Program Files\Microsoft Office\Office12\ONENOTEM.EXEC:\WINDOWS\system32\wuauclt.exeC:\PROGRA~1\NEOSTR~1\NeostradaTP.exeC:\PROGRA~1\NEOSTR~1\ComComp.exeC:\PROGRA~1\NEOSTR~1\Watch.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\WINDOWS\explorer.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.plR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = ŁączaR3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLLO2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (file missing)O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO3 - Toolbar: (no name) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - (no file)O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exeO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exeO4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exeO4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\programs\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exeO4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exeO4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exeO4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /iconO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitserviceO4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hiddenO4 - HKCU\..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exeO4 - HKCU\..\Run: [CTZDetec.exe] C:\Program Files\Creative\Creative Media Lite\CTZDetec.exeO4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exeO4 - HKCU\..\Run: [Nowe Gadu-Gadu] "C:\Program Files\Nowe Gadu-Gadu\gg.exe"O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /backgroundO4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exeO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXEO4 - Global Startup: Action Manager 32.lnk = C:\Program Files\Plustek\OpticPro ST48\AM32.exeO4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exeO4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exeO8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO17 - HKLM\System\CCS\Services\Tcpip\..\{876CA56A-B895-4404-884E-807C22596F21}: NameServer = 194.204.159.1 217.98.63.164O17 - HKLM\System\CCS\Services\Tcpip\..\{B86A7B74-66BA-4D63-A761-20E2ADB3A4C1}: NameServer = 194.204.159.1,194.204.152.34O18 - Protocol: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - "C:\Program Files\Common Files\BinarySense\hlAPP.dll" (file missing)O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exeO23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exeO23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exeO23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exeO23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exeO23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files\Common Files\BinarySense\hldasvc.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exeO23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe--End of file - 10901 bytes
Gość komentarz 2 lipca 2009 komentarz 2 lipca 2009 O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (file missing)O3 - Toolbar: (no name) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - (no file)O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exeO4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\programs\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hiddenO4 - HKCU\..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exeO4 - HKCU\..\Run: [Nowe Gadu-Gadu] "C:\Program Files\Nowe Gadu-Gadu\gg.exe"O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /backgroundO4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe Te w/w wpisy sfiksuj w Hijacku: >>Hijack>>scan(Do a system scan only)>>zaznacz je >>Fix checked. Daj log z >>> DDS + OTL + RSIT'a. .
consafo komentarz 2 lipca 2009 Autor komentarz 2 lipca 2009 (edytowane) Oto logi: DDS'a: DDS (Ver_09-06-26.01) - NTFSx86 Run by Krzysztof at 16:39:55,12 on 2009-07-02Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_11Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.2046.1257 [GMT 2:00]AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\CTsvcCDA.exeC:\Program Files\Creative\Shared Files\CTDevSrv.exeC:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exeC:\Program Files\Common Files\BinarySense\hldasvc.exeC:\Program Files\Common Files\BinarySense\hldasvc.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\CyberLink\Shared Files\RichVideo.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exeC:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exeC:\Program Files\Canon\CAL\CALMAIN.exeC:\Program Files\Analog Devices\Core\smax4pnp.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exeC:\PROGRA~1\NEOSTR~1\CnxMon.exeC:\PROGRA~1\NEOSTR~1\TaskbarIcon.exeC:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exeC:\Program Files\ESET\ESET NOD32 Antivirus\egui.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Creative\Creative Media Lite\CTZDetec.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exeC:\Program Files\RALINK\Common\RaUI.exeC:\Program Files\Microsoft Office\Office12\ONENOTEM.EXEC:\WINDOWS\system32\wuauclt.exeC:\PROGRA~1\NEOSTR~1\NeostradaTP.exeC:\PROGRA~1\NEOSTR~1\ComComp.exeC:\PROGRA~1\NEOSTR~1\Watch.exeC:\WINDOWS\explorer.exeC:\Documents and Settings\Krzysztof\Pulpit\n4m75qv5.exeC:\DOCUME~1\KRZYSZ~1\USTAWI~1\Temp\RarSFX0\x4krue.exeC:\DOCUME~1\KRZYSZ~1\USTAWI~1\Temp\RarSFX0\2p3p5.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Documents and Settings\Krzysztof\Pulpit\dds.pif============== Pseudo HJT Report ===============uStart Page = hxxp://www.neostrada.pluURLSearchHooks: Search Class: {08c06d61-f1f3-4799-86f8-be1a89362c85} - c:\progra~1\neostr~1\SEARCH~1.DLLBHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dllBHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dlluRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exeuRun: [CTZDetec.exe] c:\program files\creative\creative media lite\CTZDetec.exeuRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exeuRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hiddenmRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exemRun: [WrtMon.exe] c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exemRun: [WooCnxMon] c:\progra~1\neostr~1\CnxMon.exemRun: [WOOWATCH] c:\progra~1\neostr~1\Watch.exemRun: [WOOTASKBARICON] c:\progra~1\neostr~1\TaskbarIcon.exemRun: [speedTouch USB Diagnostics] "c:\program files\thomson\speedtouch usb\Dragdiag.exe" /iconmRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservicedRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXEStartupFolder: c:\docume~1\krzysz~1\menust~1\programy\autost~1\tworze~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXEStartupFolder: c:\docume~1\alluse~1\menust~1\programy\autost~1\action~1.lnk - c:\program files\plustek\opticpro st48\AM32.exeStartupFolder: c:\docume~1\alluse~1\menust~1\programy\autost~1\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exeStartupFolder: c:\docume~1\alluse~1\menust~1\programy\autost~1\dslmon.lnk - c:\program files\sagem\sagem f@st 800-840\dslmon.exeStartupFolder: c:\docume~1\alluse~1\menust~1\programy\autost~1\ralink~1.lnk - c:\program files\ralink\common\RaUI.exeIE: &Winamp SearchIE: Download all links with IDMIE: Download FLV video content with IDMIE: Download with IDMIE: E&ksportuj do programu Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000IE: { - c:\program files\messenger\msmsgs.exeIE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLLIE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dllLSP: %SYSTEMROOT%\system32\nvappfilter.dllTCP: {876CA56A-B895-4404-884E-807C22596F21} = 194.204.159.1 217.98.63.164TCP: {B86A7B74-66BA-4D63-A761-20E2ADB3A4C1} = 194.204.159.1,194.204.152.34Handler: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - c:\program files\common files\binarysense\hlAPP.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLLSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll================= FIREFOX ===================FF - ProfilePath - c:\docume~1\krzysz~1\daneap~1\mozilla\firefox\profiles\9wfu3ejb.default\FF - component: c:\documents and settings\krzysztof\dane aplikacji\mozilla\firefox\profiles\9wfu3ejb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampPlayer.dllFF - component: c:\documents and settings\krzysztof\dane aplikacji\mozilla\firefox\profiles\9wfu3ejb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dllFF - plugin: d:\programs\reader\browser\nppdf32.dllFF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}============= SERVICES / DRIVERS ===============R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-8-18 34312]R2 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2008-8-18 468224]R2 HDDlife HDD Access service;HDDlife HDD Access service;c:\program files\common files\binarysense\hldasvc.exe [2008-2-15 832760]=============== Created Last 30 ================2009-07-02 16:31 <DIR> --d-h--- c:\windows\PIF2009-07-02 14:58 <DIR> --d----- c:\program files\Trend Micro2009-06-23 00:43 32,128 ac------ c:\windows\system32\dllcache\usbccgp.sys2009-06-23 00:43 32,128 a------- c:\windows\system32\drivers\usbccgp.sys==================== Find3M ====================2009-07-02 13:14 481,234 a------- c:\windows\system32\perfh015.dat2009-07-02 13:14 89,048 a------- c:\windows\system32\perfc015.dat2009-05-07 17:34 347,648 a------- c:\windows\system32\localspl.dll2009-04-29 06:35 669,184 a------- c:\windows\system32\wininet.dll2009-04-29 06:35 81,920 a------- c:\windows\system32\ieencode.dll2009-04-19 21:51 1,847,424 a------- c:\windows\system32\win32k.sys2009-04-15 16:54 585,216 a------- c:\windows\system32\rpcrt4.dll2008-02-26 00:31 32 a------- c:\docume~1\alluse~1\daneap~1\ezsid.dat============= FINISH: 16:40:43,28 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH ITDDS (Ver_09-06-26.01)Microsoft Windows XP Home EditionBoot Device: \Device\HarddiskVolume1Install Date: 2008-01-24 17:30:24System Uptime: 2009-07-02 13:09:46 (3 hours ago)Motherboard: ASUSTeK Computer INC. | | P5N32-E SLIProcessor: Intel? Core2 Duo CPU E6850 @ 3.00GHz | Socket 775 | 2999/333mhz==== Disk Partitions =========================C: is FIXED (NTFS) - 117 GiB total, 60,097 GiB free.D: is FIXED (NTFS) - 181 GiB total, 17,021 GiB free.E: is CDROM ()F: is Removable==== Disabled Device Manager Items ================= System Restore Points ===================RP350: 2009-04-02 22:17:10 - Punkt kontrolny systemuRP351: 2009-04-04 12:56:48 - Punkt kontrolny systemuRP352: 2009-04-05 23:05:23 - Punkt kontrolny systemuRP353: 2009-04-06 23:20:43 - Punkt kontrolny systemuRP354: 2009-04-08 13:04:12 - Punkt kontrolny systemuRP355: 2009-04-14 13:52:22 - Punkt kontrolny systemuRP356: 2009-04-15 15:11:38 - Punkt kontrolny systemuRP357: 2009-04-16 09:42:15 - Software Distribution Service 3.0RP358: 2009-04-17 17:49:28 - Punkt kontrolny systemuRP359: 2009-04-18 22:28:02 - Punkt kontrolny systemuRP360: 2009-04-20 10:32:22 - Punkt kontrolny systemuRP361: 2009-04-21 14:06:11 - Punkt kontrolny systemuRP362: 2009-04-22 21:28:31 - Punkt kontrolny systemuRP363: 2009-04-23 23:55:31 - Punkt kontrolny systemuRP364: 2009-04-25 14:40:23 - Punkt kontrolny systemuRP365: 2009-04-26 14:52:36 - Punkt kontrolny systemuRP366: 2009-04-27 15:38:16 - Punkt kontrolny systemuRP367: 2009-04-28 19:01:58 - Punkt kontrolny systemuRP368: 2009-04-29 15:23:09 - Software Distribution Service 3.0RP369: 2009-05-28 17:05:06 - Punkt kontrolny systemuRP370: 2009-04-30 22:29:34 - Punkt kontrolny systemuRP371: 2009-05-05 00:09:39 - Punkt kontrolny systemuRP372: 2009-05-06 00:12:57 - Punkt kontrolny systemuRP373: 2009-05-07 10:09:17 - Punkt kontrolny systemuRP374: 2009-05-08 17:51:58 - Punkt kontrolny systemuRP375: 2009-05-10 10:54:35 - Punkt kontrolny systemuRP376: 2009-05-11 16:35:01 - Punkt kontrolny systemuRP377: 2009-05-12 16:50:01 - Punkt kontrolny systemuRP378: 2009-05-13 20:47:21 - Punkt kontrolny systemuRP379: 2009-05-14 08:40:10 - Software Distribution Service 3.0RP380: 2009-05-16 15:46:19 - Punkt kontrolny systemuRP381: 2009-05-17 15:59:57 - Punkt kontrolny systemuRP382: 2009-05-18 19:15:42 - Punkt kontrolny systemuRP383: 2009-05-19 19:25:57 - Punkt kontrolny systemuRP384: 2009-05-20 20:49:47 - Punkt kontrolny systemuRP385: 2009-05-21 20:53:24 - Punkt kontrolny systemuRP386: 2009-05-23 16:08:02 - Punkt kontrolny systemuRP387: 2009-05-24 19:41:33 - Punkt kontrolny systemuRP388: 2009-05-25 23:16:17 - Punkt kontrolny systemuRP389: 2009-05-27 00:26:55 - Punkt kontrolny systemuRP390: 2009-05-28 00:53:22 - Punkt kontrolny systemuRP391: 2009-05-30 09:29:44 - Punkt kontrolny systemuRP392: 2009-05-31 23:35:41 - Punkt kontrolny systemuRP393: 2009-06-02 12:05:39 - Punkt kontrolny systemuRP394: 2009-06-04 00:20:00 - Punkt kontrolny systemuRP395: 2009-06-05 08:33:12 - Punkt kontrolny systemuRP396: 2009-06-06 10:02:04 - Punkt kontrolny systemuRP397: 2009-06-08 19:59:38 - Punkt kontrolny systemuRP398: 2009-06-09 20:03:14 - Punkt kontrolny systemuRP399: 2009-06-10 22:08:58 - Punkt kontrolny systemuRP400: 2009-06-11 11:32:36 - Software Distribution Service 3.0RP401: 2009-06-11 16:34:57 - Software Distribution Service 3.0RP402: 2009-06-12 19:18:46 - Punkt kontrolny systemuRP403: 2009-06-13 22:42:03 - Punkt kontrolny systemuRP404: 2009-06-14 22:45:55 - Punkt kontrolny systemuRP405: 2009-06-15 23:23:59 - Punkt kontrolny systemuRP406: 2009-06-17 18:51:50 - Punkt kontrolny systemuRP407: 2009-06-19 10:57:57 - Punkt kontrolny systemuRP408: 2009-06-20 12:01:00 - Punkt kontrolny systemuRP409: 2009-06-21 12:02:01 - Punkt kontrolny systemuRP410: 2009-06-22 12:48:46 - Punkt kontrolny systemuRP411: 2009-06-23 12:52:33 - Punkt kontrolny systemuRP412: 2009-06-24 13:41:14 - Punkt kontrolny systemuRP413: 2009-06-25 14:27:54 - Punkt kontrolny systemuRP414: 2009-06-26 20:05:49 - Punkt kontrolny systemuRP415: 2009-06-29 00:18:52 - Punkt kontrolny systemuRP416: 2009-06-30 00:31:46 - Punkt kontrolny systemuRP417: 2009-07-01 20:06:56 - Punkt kontrolny systemuRP418: 2009-07-02 15:10:35 - Removed Dreamweaver MXRP419: 2009-07-02 15:10:53 - Removed Extension ManagerRP420: 2009-07-02 15:11:33 - Removed FireworksRP421: 2009-07-02 15:13:26 - Removed FreeHand==== Installed Programs ======================2007 Microsoft Office Suite Service Pack 1 (SP1)ABBYY FineReader 6.0 SprintAdobe Acrobat 5.0 CEAdobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)Adobe After Effects 5.5Adobe Anchor Service CS3Adobe Asset Services CS3Adobe Bridge CS3Adobe Bridge Start MeetingAdobe Camera Raw 4.0Adobe CMapsAdobe Color - Photoshop SpecificAdobe Color Common SettingsAdobe Color EU Extra SettingsAdobe Color JA Extra SettingsAdobe Color NA Recommended SettingsAdobe Common File InstallerAdobe Default Language CS3Adobe Device Central CS3Adobe ExtendScript Toolkit 2Adobe Flash CS3Adobe Flash Player 10 PluginAdobe Flash Player 9 ActiveXAdobe Flash Video EncoderAdobe Fonts AllAdobe Help Viewer CS3Adobe Illustrator CS2Adobe Linguistics CS3Adobe PDF Library FilesAdobe Photoshop 7.0 CEAdobe Photoshop CS3Adobe Premiere Elements 4.0Adobe Premiere Elements 4.0 TemplatesAdobe Reader 8.1.2Adobe Reader 8.1.2 Security Update 1 (KB403742)Adobe SetupAdobe Stock Photos CS3Adobe SVG Viewer 3.0Adobe Type SupportAdobe Update Manager CS3Adobe Version Cue CS3 ClientAdobe WinSoft Linguistics PluginAdobe XMP Panels CS3Aktualizacja dla systemu Windows XP (KB951072-v2)Aktualizacja dla systemu Windows XP (KB951978)Aktualizacja dla systemu Windows XP (KB955839)Aktualizacja dla systemu Windows XP (KB967715)Aktualizacja krytyczna dla programu Windows Media Player 11 (KB959772)Aktualizacja zabezpieczeń dla programu Windows Media Player (KB911564)Aktualizacja zabezpieczeń dla programu Windows Media Player (KB952069)Aktualizacja zabezpieczeń dla programu Windows Media Player 11 (KB936782)Aktualizacja zabezpieczeń dla programu Windows Media Player 11 (KB954154)Aktualizacja zabezpieczeń dla programu Windows Media Player 6.4 (KB925398)Aktualizacja zabezpieczeń dla programu Windows Media Player 9 (KB936782)Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561)Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789)Aktualizacja zabezpieczeń dla systemu Windows XP (KB938464-v2)Aktualizacja zabezpieczeń dla systemu Windows XP (KB938464)Aktualizacja zabezpieczeń dla systemu Windows XP (KB946648)Aktualizacja zabezpieczeń dla systemu Windows XP (KB950759)Aktualizacja zabezpieczeń dla systemu Windows XP (KB950760)Aktualizacja zabezpieczeń dla systemu Windows XP (KB950762)Aktualizacja zabezpieczeń dla systemu Windows XP (KB950974)Aktualizacja zabezpieczeń dla systemu Windows XP (KB951066)Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376-v2)Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376)Aktualizacja zabezpieczeń dla systemu Windows XP (KB951698)Aktualizacja zabezpieczeń dla systemu Windows XP (KB951748)Aktualizacja zabezpieczeń dla systemu Windows XP (KB952004)Aktualizacja zabezpieczeń dla systemu Windows XP (KB952954)Aktualizacja zabezpieczeń dla systemu Windows XP (KB953838)Aktualizacja zabezpieczeń dla systemu Windows XP (KB953839)Aktualizacja zabezpieczeń dla systemu Windows XP (KB954211)Aktualizacja zabezpieczeń dla systemu Windows XP (KB954459)Aktualizacja zabezpieczeń dla systemu Windows XP (KB954600)Aktualizacja zabezpieczeń dla systemu Windows XP (KB955069)Aktualizacja zabezpieczeń dla systemu Windows XP (KB956390)Aktualizacja zabezpieczeń dla systemu Windows XP (KB956391)Aktualizacja zabezpieczeń dla systemu Windows XP (KB956572)Aktualizacja zabezpieczeń dla systemu Windows XP (KB956802)Aktualizacja zabezpieczeń dla systemu Windows XP (KB956803)Aktualizacja zabezpieczeń dla systemu Windows XP (KB956841)Aktualizacja zabezpieczeń dla systemu Windows XP (KB957095)Aktualizacja zabezpieczeń dla systemu Windows XP (KB957097)Aktualizacja zabezpieczeń dla systemu Windows XP (KB958215)Aktualizacja zabezpieczeń dla systemu Windows XP (KB958644)Aktualizacja zabezpieczeń dla systemu Windows XP (KB958687)Aktualizacja zabezpieczeń dla systemu Windows XP (KB958690)Aktualizacja zabezpieczeń dla systemu Windows XP (KB959426)Aktualizacja zabezpieczeń dla systemu Windows XP (KB960225)Aktualizacja zabezpieczeń dla systemu Windows XP (KB960714)Aktualizacja zabezpieczeń dla systemu Windows XP (KB960715)Aktualizacja zabezpieczeń dla systemu Windows XP (KB960803)Aktualizacja zabezpieczeń dla systemu Windows XP (KB961373)Aktualizacja zabezpieczeń dla systemu Windows XP (KB961501)Aktualizacja zabezpieczeń dla systemu Windows XP (KB963027)Aktualizacja zabezpieczeń dla systemu Windows XP (KB968537)Aktualizacja zabezpieczeń dla systemu Windows XP (KB969897)Aktualizacja zabezpieczeń dla systemu Windows XP (KB969898)Aktualizacja zabezpieczeń dla systemu Windows XP (KB970238)Aktualizacja zabezpieczeń dla Windows XP (KB923689)Aktualizacja zabezpieczeń dla Windows XP (KB941569)ALLPlayer V3.XArchiwizator WinRARCanon Camera Access LibraryCanon Camera Support Core LibraryCanon Camera Window DC_DV 5 for ZoomBrowser EXCanon Camera Window DC_DV 6 for ZoomBrowser EXCanon Camera Window MC 6 for ZoomBrowser EXCanon RAW Image Task for ZoomBrowser EXCanon RemoteCapture Task for ZoomBrowser EXCanon Utilities Digital Photo Professional 2.2Canon Utilities EOS UtilityCanon Utilities PhotoStitchCanon Utilities ZoomBrowser EXCorel ApplicationsCorelDRAW ESSENTIALSCreative Media LiteCreative ZEN Stone User's GuideDeepBurner Pro v1.9.0.228DVD FlickDVD Shrink 3.2DVD SuiteESET NOD32 AntivirusFlash Slideshow Maker Pro 4.87Google Toolbar for Internet ExplorerHDDlife Pro 3.1High Definition Audio Driver Package - KB888111HijackThis 2.0.2Hotfix for Windows Media Format 11 SDK (KB929399)Java 6 Update 11K-Lite Codec Pack 3.7.0 FullLightScribe 1.6.43.1Microsoft .NET Framework 1.1Microsoft .NET Framework 1.1 Hotfix (KB928366)Microsoft .NET Framework 2.0 Service Pack 1Microsoft Compression Client Pack 1.0 for Windows XPMicrosoft Office Excel MUI (Polish) 2007Microsoft Office Home and Student 2007Microsoft Office OneNote MUI (Polish) 2007Microsoft Office PowerPoint MUI (Polish) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (German) 2007Microsoft Office Proof (Polish) 2007Microsoft Office Proofing (Polish) 2007Microsoft Office Shared MUI (Polish) 2007Microsoft Office Word MUI (Polish) 2007Microsoft Software Update for Web Folders (Polish) 12Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)Microsoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2005 RedistributableMozilla Firefox (3.0.11)MSXML 4.0 SP2 (KB936181)MSXML 4.0 SP2 (KB954430)MSXML 6.0 Parser (KB933579)NAPIPROJEKT 1.0.6.2Neostrada TPNero 7 EssentialsneroxmlNowe Gadu-GaduNVIDIA DriversNVIDIA ForceWare Network Access ManagerOdkurzacz 11.2 ProPDF SettingsPinholeDesigner 2.0Plustek OpticPro ST48 V4.0.0Poprawka dla programu Windows Media Player 11 (KB939683)Poprawka dla systemu Windows XP (KB952287)PowerDVDPowerProducerPresto! ImageFolio 4Presto! Mr. Photo 4Presto! PageManager 7.10Ralink Wireless LAN CardRealPlayerSAGEM F@st 800-840SecurDisc ViewerSecurity Update for 2007 Microsoft Office System (KB951550)Security Update for 2007 Microsoft Office System (KB951944)Security Update for 2007 Microsoft Office System (KB969559)Security Update for 2007 Microsoft Office System (KB969679)Security Update for Microsoft Office Excel 2007 (KB969682)Security Update for Microsoft Office OneNote 2007 (KB950130)Security Update for Microsoft Office PowerPoint 2007 (KB957789)Security Update for Microsoft Office system 2007 (KB954326)Security Update for Microsoft Office system 2007 (KB969613)Security Update for Microsoft Office Word 2007 (KB969604)Security Update for Visio 2007 (KB947590)Shut Down-O-MaticSkype? 3.6Smart Start UPSonic Foundry 5.1 Surround Plug-In Pack 1.0Sonic Foundry CD Architect 5.0Sony DVD Architect 3.0Sony Media Manager 2.0Sony Sound Forge 8.0Sony Vegas 6.0SoundMAXSpeedTouch USB SoftwareSpybot - Search & DestroyUpdate for 2007 Microsoft Office System (KB967642)VLC media player 0.9.6WebFldrs XPWinampWinamp Toolbar for FirefoxWindows Media Format 11 runtimeWindows Media Player 11Windows XP Service Pack 3==== End Of File =========================== OTL'a : OTL logfile created on: 2009-07-02 16:45:15 - Run 1OTL by OldTimer - Version 3.0.6.1 Folder = C:\Documents and Settings\Krzysztof\PulpitWindows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 6.0.2900.5512)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd2,00 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 58,68% Memory free3,85 Gb Paging File | 3,32 Gb Available in Paging File | 86,20% Paging File freePaging file location(s): C:\pagefile.sys 2046 4092 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 117,19 Gb Total Space | 60,03 Gb Free Space | 51,23% Space Free | Partition Type: NTFSDrive D: | 180,89 Gb Total Space | 17,02 Gb Free Space | 9,41% Space Free | Partition Type: NTFSE: Drive not present or media not loadedF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loadedComputer Name: KRZYSZTO-CC0FC7Current User Name: KrzysztofLogged in as Administrator.Current Boot Mode: NormalScan Mode: All usersCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard========== Processes (SafeList) ==========PRC - [2006-02-28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exePRC - [1999-12-13 09:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTsvcCDA.exePRC - [2007-04-02 14:15:40 | 00,061,440 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTDevSrv.exePRC - [2008-08-18 14:25:10 | 00,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exePRC - [2008-02-15 14:17:00 | 00,832,760 | ---- | M] (BinarySense, Inc.) -- C:\Program Files\Common Files\BinarySense\hldasvc.exePRC - [2008-02-15 14:17:00 | 00,832,760 | ---- | M] (BinarySense, Inc.) -- C:\Program Files\Common Files\BinarySense\hldasvc.exePRC - [2008-12-30 14:55:04 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exePRC - [2007-04-19 14:35:46 | 00,075,304 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exePRC - [2007-06-28 18:43:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exePRC - [2005-08-08 06:54:00 | 00,167,936 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exePRC - [2006-09-08 14:12:50 | 00,172,032 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exePRC - [2006-09-08 14:10:42 | 00,172,090 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exePRC - [2005-09-30 20:22:50 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exePRC - [2006-12-18 15:34:36 | 00,868,352 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exePRC - [2006-09-20 09:35:26 | 00,020,480 | ---- | M] () -- C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exePRC - [2006-10-30 17:59:34 | 00,024,576 | ---- | M] () -- C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exePRC - [2003-10-16 19:07:10 | 00,024,576 | ---- | M] () -- C:\Program Files\Neostrada TP\CnxMon.exePRC - [2003-10-16 19:07:12 | 00,053,248 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\TaskBarIcon.exePRC - [2004-01-26 11:38:38 | 00,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exePRC - [2008-08-18 14:23:50 | 01,447,168 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exePRC - [2007-12-18 14:20:00 | 00,401,408 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Creative Media Lite\CTZDetec.exePRC - [2008-08-18 18:41:00 | 01,832,272 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exePRC - [2004-02-26 14:43:16 | 00,962,661 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exePRC - [2006-08-14 15:46:34 | 00,630,784 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exePRC - [2007-12-07 20:44:36 | 00,101,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXEPRC - [2003-10-16 19:07:12 | 00,626,688 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\NeostradaTP.exePRC - [2003-10-16 19:07:10 | 00,200,704 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\ComComp.exePRC - [2003-10-16 19:07:12 | 00,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\Neostrada TP\Watch.exePRC - [2008-04-14 19:21:16 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exePRC - [2009-07-02 15:01:52 | 14,716,808 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\Krzysztof\Pulpit\n4m75qv5.exePRC - [2008-09-15 14:31:56 | 00,116,024 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\Krzysztof\Ustawienia lokalne\temp\RarSFX0\x4krue.exePRC - [2009-06-25 09:44:00 | 02,094,320 | ---- | M] () -- C:\Documents and Settings\Krzysztof\Ustawienia lokalne\temp\RarSFX0\2p3p5.exePRC - [2009-06-13 22:25:01 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exePRC - [2009-02-06 12:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exePRC - [2009-07-02 16:32:07 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Krzysztof\Pulpit\OTL.exe========== Win32 Services (SafeList) ==========SRV - [2008-04-12 14:39:23 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])SRV - [2007-10-24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])SRV - [2006-02-28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])SRV - [2005-09-30 20:22:50 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8 [Auto | Running])SRV - [2007-10-24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])SRV - [1999-12-13 09:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTsvcCDA.exe -- (Creative Service for CDROM Access [Auto | Running])SRV - [2007-04-02 14:15:40 | 00,061,440 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv [Auto | Running])SRV - [2008-08-18 14:30:58 | 00,019,200 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped])SRV - [2008-08-18 14:25:10 | 00,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn [Auto | Running])SRV - [2008-02-05 19:04:29 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])SRV - [2006-09-08 14:12:50 | 00,172,032 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM) [Auto | Running])SRV - [2008-10-05 16:50:25 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])SRV - [2008-02-15 14:17:00 | 00,832,760 | ---- | M] (BinarySense, Inc.) -- C:\Program Files\Common Files\BinarySense\hldasvc.exe -- (HDDlife HDD Access service [Auto | Running])SRV - [2008-04-14 19:20:44 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])SRV - [2008-12-30 14:55:04 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])SRV - [2007-04-19 14:35:46 | 00,075,304 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])SRV - [2002-12-17 17:26:22 | 07,520,337 | ---- | M] (Microsoft Corporation) -- D:\programs\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR [On_Demand | Stopped])SRV - [2002-12-17 17:23:30 | 00,066,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [On_Demand | Stopped])SRV - [2007-04-13 22:09:56 | 00,792,112 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])SRV - [2007-05-08 20:47:22 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])SRV - [2006-09-08 14:10:42 | 00,172,090 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp [Auto | Running])SRV - [2007-06-28 18:43:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])SRV - [2007-08-24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])SRV - [2006-10-26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])SRV - [2005-08-08 06:54:00 | 00,167,936 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])SRV - [2002-12-17 17:23:30 | 00,311,872 | ---- | M] (Microsoft Corporation) -- D:\programs\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR [On_Demand | Stopped])SRV - [2006-12-01 12:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])========== Driver Services (SafeList) ==========DRV - [2006-12-08 11:06:00 | 00,139,776 | R--- | M] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\adidts.sys -- (ADIDTSFiltService [On_Demand | Running])DRV - [2007-01-16 03:09:06 | 00,293,888 | R--- | M] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\ADIHdAud.sys -- (ADIHdAudAddService [On_Demand | Running])DRV - [2006-08-07 00:57:30 | 00,093,952 | R--- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\drivers\AEAudio.sys -- (AEAudio [On_Demand | Running])DRV - [2008-01-26 21:20:36 | 00,021,275 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\DRIVERS\AegisP.sys -- (AegisP [Auto | Running])DRV - [2003-12-08 11:53:48 | 00,053,600 | ---- | M] (THOMSON) -- C:\WINDOWS\System32\DRIVERS\alcan5wn.sys -- (alcan5wn [On_Demand | Running])DRV - [2003-12-08 11:53:46 | 00,070,688 | ---- | M] (THOMSON) -- C:\WINDOWS\System32\DRIVERS\alcaudsl.sys -- (alcaudsl [On_Demand | Running])DRV - [2008-08-18 14:18:26 | 00,039,944 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\eamon.sys -- (eamon [Auto | Running])DRV - [2008-08-18 14:19:26 | 00,053,256 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\easdrv.sys -- (easdrv [system | Running])DRV - [2008-08-18 14:27:42 | 00,034,312 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\epfwtdir.sys -- (epfwtdir [system | Running])DRV - [2008-04-13 18:36:05 | 00,144,384 | ---- | M] (Windows ? Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])DRV - [2004-08-13 04:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])DRV - [2007-06-28 18:43:00 | 06,807,328 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])DRV - [2006-09-21 09:39:16 | 00,105,344 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata [boot | Running])DRV - [2006-08-07 10:39:22 | 00,052,736 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running])DRV - [2006-08-07 10:39:24 | 00,018,944 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])DRV - [2006-08-07 10:39:14 | 00,110,080 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\NVTcp.sys -- (NVTCP [system | Running])DRV - [2006-03-02 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])DRV - [2006-05-12 11:44:50 | 00,343,168 | ---- | M] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\DRIVERS\rt73.sys -- (RT73 [On_Demand | Stopped])DRV - [2007-11-13 12:25:55 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])DRV - [2001-08-17 22:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=homeIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htmIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearchIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhomeIE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearchIE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhomeIE - HKU\S-1-5-21-1547161642-2147023141-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKU\S-1-5-21-1547161642-2147023141-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearchIE - HKU\S-1-5-21-1547161642-2147023141-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.plIE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Neostrada TP\SearchPageURL.dll ()IE - HKU\S-1-5-21-1547161642-2147023141-839522115-1004\S-1-5-21-1547161642-2147023141-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ==========FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.5.1.1FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008-12-30 14:55:05 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-06-13 22:25:07 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-06-13 22:25:07 | 00,000,000 | ---D | M][2009-01-11 17:22:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Extensions[2009-01-11 17:22:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[2009-07-02 16:29:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Firefox\Profiles\9wfu3ejb.default\extensions[2008-10-18 14:56:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Firefox\Profiles\9wfu3ejb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}[2009-07-02 13:45:36 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions[2009-06-13 22:25:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}[2008-02-26 00:29:19 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}[2008-12-30 14:55:16 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}[2009-06-13 22:25:01 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll[2009-06-13 22:25:01 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll[2008-12-30 14:55:05 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll[2009-06-13 22:25:04 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll[2007-05-10 22:52:34 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll[2008-10-05 16:50:25 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll[2008-10-05 16:50:30 | 00,024,576 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll[2008-10-05 16:50:22 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll[2009-01-11 17:22:47 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml[2009-01-11 17:22:47 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml[2009-01-11 17:22:47 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml[2009-01-11 17:22:47 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml[2009-01-11 17:22:47 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml[2009-01-11 17:22:47 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml[2009-01-11 17:22:47 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xmlO1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\HostsO1 - Hosts: 127.0.0.1 localhostO2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)O4 - HKLM..\Run: [speedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium)O4 - HKLM..\Run: [WooCnxMon] C:\Program Files\Neostrada TP\CnxMon.exe ()O4 - HKLM..\Run: [WOOTASKBARICON] C:\Program Files\Neostrada TP\TaskBarIcon.exe (France Télécom R&D)O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\Neostrada TP\Watch.exe (France Télécom R&D)O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe ()O4 - HKU\S-1-5-21-1547161642-2147023141-839522115-1004..\Run: [CTZDetec.exe] C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe (Creative Technology Ltd.)O4 - HKU\S-1-5-21-1547161642-2147023141-839522115-1004..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)O4 - HKU\S-1-5-21-1547161642-2147023141-839522115-1004..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Action Manager 32.lnk = C:\Program Files\Plustek\OpticPro ST48\AM32.exe ()O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)O4 - Startup: C:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-1547161642-2147023141-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-1547161642-2147023141-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-21-1547161642-2147023141-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O7 - HKU\S-1-5-21-1547161642-2147023141-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0O7 - HKU\S-1-5-21-1547161642-2147023141-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0O7 - HKU\S-1-5-21-1547161642-2147023141-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1O7 - HKU\S-1-5-21-1547161642-2147023141-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0O7 - HKU\S-1-5-21-1547161642-2147023141-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0O7 - HKU\S-1-5-21-1547161642-2147023141-839522115-1004_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: &Winamp Search - Reg Error: Value error. File not foundO8 - Extra context menu item: Download all links with IDM - Reg Error: Value error. File not foundO8 - Extra context menu item: Download FLV video content with IDM - Reg Error: Value error. File not foundO8 - Extra context menu item: Download with IDM - Reg Error: Value error. File not foundO8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O9 - Extra Button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\nvappfilter.dll (NVIDIA)O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\nvappfilter.dll (NVIDIA)O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\nvappfilter.dll (NVIDIA)O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\nvappfilter.dll (NVIDIA)O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.O18 - Protocol\Handler\hddlife {BD758015-47D9-477A-8873-4B688A2BC0E2} - C:\Program Files\Common Files\BinarySense\hlAPP.dll (BinarySense, Inc.)O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ipp - No CLSID value foundO18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp - No CLSID value foundO18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:HomeO31 - SafeBoot: AlternateShell - cmd.exeO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2008-01-24 18:29:21 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O33 - MountPoints2\{438cfc16-e4d1-11dd-9788-0008a1b74304}\Shell\AutoRun\command - "" = G:\8paf1d.com -- File not foundO33 - MountPoints2\{438cfc16-e4d1-11dd-9788-0008a1b74304}\Shell\open\Command - "" = G:\8paf1d.com -- File not foundO33 - MountPoints2\{54df829e-e25f-11dd-977d-0008a1b74304}\Shell\AutoRun\command - "" = G:\q9.cmd -- File not foundO33 - MountPoints2\{54df829e-e25f-11dd-977d-0008a1b74304}\Shell\open\Command - "" = G:\q9.cmd -- File not foundO33 - MountPoints2\{5b718a39-0bbd-11dd-959d-0008a1b74304}\Shell - "" = AutorunO33 - MountPoints2\{5b718a39-0bbd-11dd-959d-0008a1b74304}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2008-04-14 19:21:39 | 00,023,040 | ---- | M] (Microsoft Corporation)O33 - MountPoints2\{685724cc-d703-11dc-9500-0008a1b74304}\Shell\Auto\command - "" = G:\activexdebugger32.exe -- File not foundO33 - MountPoints2\{685724cc-d703-11dc-9500-0008a1b74304}\Shell\explore\Command - "" = G:\activexdebugger32.exe -- File not foundO33 - MountPoints2\{685724cc-d703-11dc-9500-0008a1b74304}\Shell\open\Command - "" = G:\activexdebugger32.exe -- File not foundO33 - MountPoints2\{6af0e491-11e1-11dd-95b1-0008a1b74304}\Shell\AutoRun\command - "" = G:\8de.bat -- File not foundO33 - MountPoints2\{6af0e491-11e1-11dd-95b1-0008a1b74304}\Shell\explore\Command - "" = G:\8de.bat -- File not foundO33 - MountPoints2\{6af0e491-11e1-11dd-95b1-0008a1b74304}\Shell\open\Command - "" = G:\8de.bat -- File not foundO33 - MountPoints2\{813096d0-d411-11dc-94f7-0008a1b74304}\Shell\Auto\command - "" = activexdebugger32.exe fO33 - MountPoints2\{813096d0-d411-11dc-94f7-0008a1b74304}\Shell\explore\Command - "" = activexdebugger32.exe fO33 - MountPoints2\{813096d0-d411-11dc-94f7-0008a1b74304}\Shell\open\Command - "" = activexdebugger32.exe fO34 - HKLM BootExecute: (autocheck) - File not foundO34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)O34 - HKLM BootExecute: (*) - File not found========== Files/Folders - Created Within 30 Days ==========[1 C:\WINDOWS\*.tmp files][2009-07-02 16:33:37 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Krzysztof\Pulpit\backup.1.07.part2.rar[2009-07-02 16:33:36 | 11,734,2372 | ---- | C] () -- C:\Documents and Settings\Krzysztof\Pulpit\backup.1.07.part2.rar.part[2009-07-02 16:32:15 | 00,781,909 | ---- | C] () -- C:\Documents and Settings\Krzysztof\Pulpit\RSIT.exe[2009-07-02 16:31:49 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Krzysztof\Pulpit\OTL.exe[2009-07-02 16:31:31 | 00,359,929 | ---- | C] () -- C:\Documents and Settings\Krzysztof\Pulpit\dds.pif[2009-07-02 16:31:03 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF[2009-07-02 14:58:50 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Krzysztof\Pulpit\HijackThis.lnk[2009-07-02 14:58:49 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro[2009-07-02 14:58:13 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Krzysztof\Pulpit\HJTInstall.exe[2009-07-02 14:58:11 | 14,716,808 | ---- | C] (Doctor Web, Ltd.) -- C:\Documents and Settings\Krzysztof\Pulpit\n4m75qv5.exe[2009-07-02 14:48:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Krzysztof\Pulpit\malu[2009-07-02 13:43:51 | 10,737,41824 | ---- | C] () -- C:\Documents and Settings\Krzysztof\Pulpit\backup.1.07.part1.rar[2009-07-02 13:36:03 | 00,900,944 | ---- | C] () -- C:\Documents and Settings\Krzysztof\Pulpit\3danalyzer-v236.exe[2009-06-30 18:30:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Krzysztof\Pulpit\1[2009-06-24 09:47:38 | 00,019,812 | ---- | C] () -- C:\Documents and Settings\Krzysztof\Moje dokumenty\MARCEL DUCHAMP, dali surrealizm.docx[2009-06-24 00:18:27 | 00,031,209 | ---- | C] () -- C:\Documents and Settings\Krzysztof\Moje dokumenty\FOWIZM.docx[2009-06-24 00:05:00 | 00,020,534 | ---- | C] () -- C:\Documents and Settings\Krzysztof\Moje dokumenty\ASAMBLAŻ, pop art mal materii.docx[2009-06-23 10:01:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Krzysztof\Moje dokumenty\sens zycia[2009-06-23 00:43:32 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbccgp.sys[2009-06-23 00:43:32 | 00,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys[2009-06-18 10:08:13 | 00,032,768 | ---- | C] () -- C:\Documents and Settings\Krzysztof\Moje dokumenty\POSTIMPRESJONIZM.doc[2008-10-05 16:52:59 | 00,000,506 | ---- | C] () -- C:\WINDOWS\cdplayer.ini[2008-08-31 13:40:29 | 00,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll[2008-08-31 13:38:58 | 00,000,021 | ---- | C] () -- C:\WINDOWS\kit.ini[2008-08-31 13:08:42 | 00,000,077 | ---- | C] () -- C:\WINDOWS\adidsl.ini[2008-08-31 13:08:42 | 00,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini[2008-08-31 13:08:37 | 00,000,342 | ---- | C] () -- C:\WINDOWS\adiras.ini[2008-08-31 13:08:36 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll[2008-08-31 13:08:35 | 00,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll[2008-08-18 14:27:42 | 00,034,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys[2008-05-05 22:16:46 | 02,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll[2008-04-19 15:37:20 | 00,112,688 | ---- | C] () -- C:\WINDOWS\System32\shw32.dll[2008-02-27 22:52:34 | 00,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini[2008-02-05 23:33:30 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI[2008-02-01 23:29:56 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll[2008-02-01 23:29:50 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll[2008-02-01 23:29:50 | 01,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll[2008-02-01 23:29:50 | 00,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll[2008-02-01 23:29:45 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll[2008-02-01 23:29:45 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest[2008-01-27 16:32:53 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini[2008-01-26 21:20:52 | 00,000,020 | ---- | C] () -- C:\WINDOWS\RaUI.INI[2008-01-26 21:20:23 | 00,303,234 | ---- | C] () -- C:\WINDOWS\System32\Install7x.dll[2008-01-26 21:16:36 | 00,001,809 | ---- | C] () -- C:\WINDOWS\if42le.ini[2008-01-26 21:16:36 | 00,000,299 | ---- | C] () -- C:\WINDOWS\Pexplore.ini[2008-01-26 21:14:34 | 00,000,124 | ---- | C] () -- C:\WINDOWS\SCNDRVU.INI[2008-01-26 21:13:41 | 00,015,360 | R--- | C] () -- C:\WINDOWS\System32\GetInst32.dll[2008-01-24 18:37:13 | 00,000,804 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini[2008-01-24 18:37:13 | 00,000,400 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini[2008-01-24 18:36:52 | 00,025,980 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini[2008-01-24 18:36:19 | 00,025,801 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini[2008-01-24 18:36:19 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys[2008-01-24 18:36:05 | 00,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS[2007-06-28 18:43:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll[2007-06-28 18:43:00 | 01,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll[2007-06-28 18:43:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll[2007-06-28 18:43:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll[2007-06-28 18:43:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll[2006-03-02 14:00:00 | 00,000,599 | ---- | C] () -- C:\WINDOWS\win.ini[2006-03-02 14:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini[2005-02-03 02:50:28 | 00,004,224 | ---- | C] () -- C:\WINDOWS\System32\StarOpen.sys========== Files - Modified Within 30 Days ==========[1 C:\WINDOWS\System32\*.tmp files][1 C:\WINDOWS\*.tmp files][2009-07-02 16:49:28 | 11,809,6036 | ---- | M] () -- C:\Documents and Settings\Krzysztof\Pulpit\backup.1.07.part2.rar.part[2009-07-02 16:33:37 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Krzysztof\Pulpit\backup.1.07.part2.rar[2009-07-02 16:32:21 | 00,781,909 | ---- | M] () -- C:\Documents and Settings\Krzysztof\Pulpit\RSIT.exe[2009-07-02 16:32:07 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Krzysztof\Pulpit\OTL.exe[2009-07-02 16:31:32 | 00,359,929 | ---- | M] () -- C:\Documents and Settings\Krzysztof\Pulpit\dds.pif[2009-07-02 16:14:04 | 10,737,41824 | ---- | M] () -- C:\Documents and Settings\Krzysztof\Pulpit\backup.1.07.part1.rar[2009-07-02 15:01:52 | 14,716,808 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\Krzysztof\Pulpit\n4m75qv5.exe[2009-07-02 14:58:50 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Krzysztof\Pulpit\HijackThis.lnk[2009-07-02 14:58:39 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Krzysztof\Pulpit\HJTInstall.exe[2009-07-02 14:26:41 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini[2009-07-02 13:36:11 | 00,900,944 | ---- | M] () -- C:\Documents and Settings\Krzysztof\Pulpit\3danalyzer-v236.exe[2009-07-02 13:33:40 | 00,209,920 | ---- | M] () -- C:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2009-07-02 13:14:19 | 00,481,234 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat[2009-07-02 13:14:19 | 00,423,718 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat[2009-07-02 13:14:19 | 00,089,048 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat[2009-07-02 13:14:19 | 00,071,154 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat[2009-07-02 13:14:18 | 01,079,008 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI[2009-07-02 13:10:26 | 00,759,992 | ---- | M] () -- C:\WINDOWS\System32\nvdb02.adghz[2009-07-02 13:10:22 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT[2009-07-02 13:10:21 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2009-07-01 18:57:48 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2009-06-24 10:16:16 | 00,019,812 | ---- | M] () -- C:\Documents and Settings\Krzysztof\Moje dokumenty\MARCEL DUCHAMP, dali surrealizm.docx[2009-06-24 09:44:14 | 00,020,534 | ---- | M] () -- C:\Documents and Settings\Krzysztof\Moje dokumenty\ASAMBLAŻ, pop art mal materii.docx[2009-06-24 02:46:45 | 00,031,209 | ---- | M] () -- C:\Documents and Settings\Krzysztof\Moje dokumenty\FOWIZM.docx[2009-06-18 10:08:13 | 00,032,768 | ---- | M] () -- C:\Documents and Settings\Krzysztof\Moje dokumenty\POSTIMPRESJONIZM.doc[2009-06-18 09:52:08 | 00,000,004 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx[2009-06-18 09:52:07 | 00,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX[2009-06-11 17:15:21 | 02,019,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT========== LOP Check ==========[2009-03-15 02:13:04 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji[2008-01-24 18:55:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ahead[2008-07-13 11:18:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CyberLink[2008-04-12 14:38:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DVD Shrink[2008-01-25 12:02:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET[2008-09-11 21:57:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet[2008-01-27 19:23:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe[2008-01-26 21:16:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Newsoft[2008-04-13 00:18:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony[2009-07-02 13:10:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP[2008-01-27 16:30:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ZoomBrowser[2008-01-24 19:04:39 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji[2009-04-04 21:36:49 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji[2008-02-04 09:51:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\Ahead[2008-04-18 22:04:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\BinarySense[2008-02-07 22:30:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\Canon[2008-07-10 15:15:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\Corel[2008-07-13 11:18:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\CyberLink[2009-03-07 22:33:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\DeepBurner Pro[2009-05-09 20:10:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\DMCache[2009-01-10 12:39:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\DVD Flick[2008-07-10 12:12:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\Gadu-Gadu[2009-05-10 09:17:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\IDM[2008-02-27 22:52:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\InterTrust[2008-02-19 21:19:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\Micrografx[2008-02-04 01:24:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\NewSoft[2009-01-07 15:14:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\Nowe Gadu-Gadu[2008-04-13 00:23:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\Publish Providers[2008-04-13 00:31:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\Sony[2009-03-16 22:57:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Krzysztof\Dane aplikacji\uTorrent[2008-01-24 18:32:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji[2008-01-24 18:31:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji[2006-03-02 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini[2009-07-02 13:10:22 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT========== Purity Check ==================== Alternate Data Streams ==========@Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:0A8E2C33@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:2BE9FEFC< End of report > RSIT'a : Logfile of random's system information tool 1.06 (written by random/random)Run by Krzysztof at 2009-07-02 16:52:01Microsoft Windows XP Home Edition Dodatek Service Pack 3System drive C: has 61 GB (51%) free of 120 GBTotal RAM: 2046 MB (55% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 16:52:11, on 2009-07-02Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\CTsvcCDA.exeC:\Program Files\Creative\Shared Files\CTDevSrv.exeC:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exeC:\Program Files\Common Files\BinarySense\hldasvc.exeC:\Program Files\Common Files\BinarySense\hldasvc.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\CyberLink\Shared Files\RichVideo.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exeC:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exeC:\Program Files\Canon\CAL\CALMAIN.exeC:\Program Files\Analog Devices\Core\smax4pnp.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exeC:\PROGRA~1\NEOSTR~1\CnxMon.exeC:\PROGRA~1\NEOSTR~1\TaskbarIcon.exeC:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exeC:\Program Files\ESET\ESET NOD32 Antivirus\egui.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Creative\Creative Media Lite\CTZDetec.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exeC:\Program Files\RALINK\Common\RaUI.exeC:\Program Files\Microsoft Office\Office12\ONENOTEM.EXEC:\WINDOWS\system32\wuauclt.exeC:\PROGRA~1\NEOSTR~1\NeostradaTP.exeC:\PROGRA~1\NEOSTR~1\ComComp.exeC:\PROGRA~1\NEOSTR~1\Watch.exeC:\WINDOWS\explorer.exeC:\Documents and Settings\Krzysztof\Pulpit\n4m75qv5.exeC:\DOCUME~1\KRZYSZ~1\USTAWI~1\Temp\RarSFX0\x4krue.exeC:\DOCUME~1\KRZYSZ~1\USTAWI~1\Temp\RarSFX0\2p3p5.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Documents and Settings\Krzysztof\Pulpit\OTL.exeC:\Documents and Settings\Krzysztof\Pulpit\RSIT.exeC:\Program Files\Trend Micro\HijackThis\Krzysztof.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.plR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = ŁączaR3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLLO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exeO4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exeO4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exeO4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exeO4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exeO4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /iconO4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitserviceO4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [CTZDetec.exe] C:\Program Files\Creative\Creative Media Lite\CTZDetec.exeO4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exeO4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hiddenO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXEO4 - Global Startup: Action Manager 32.lnk = C:\Program Files\Plustek\OpticPro ST48\AM32.exeO4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exeO4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exeO8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO17 - HKLM\System\CCS\Services\Tcpip\..\{876CA56A-B895-4404-884E-807C22596F21}: NameServer = 194.204.159.1 217.98.63.164O17 - HKLM\System\CCS\Services\Tcpip\..\{B86A7B74-66BA-4D63-A761-20E2ADB3A4C1}: NameServer = 194.204.159.1,194.204.152.34O18 - Protocol: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - "C:\Program Files\Common Files\BinarySense\hlAPP.dll" (file missing)O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exeO23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exeO23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exeO23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exeO23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exeO23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files\Common Files\BinarySense\hldasvc.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exeO23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe--End of file - 9398 bytes======Registry dump======[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-07-07 1562448][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]"WrtMon.exe"=C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe [2006-09-20 20480]"WooCnxMon"=C:\PROGRA~1\NEOSTR~1\CnxMon.exe [2003-10-16 24576]"WOOWATCH"=C:\PROGRA~1\NEOSTR~1\Watch.exe [2003-10-16 20480]"WOOTASKBARICON"=C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe [2003-10-16 53248]"SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816]"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-08-18 1447168][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]"CTZDetec.exe"=C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe [2007-12-18 401408]"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-08-18 1832272]"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-04-19 484904]C:\Documents and Settings\All Users\Menu Start\Programy\AutostartAction Manager 32.lnk - C:\Program Files\Plustek\OpticPro ST48\AM32.exeAdobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeDSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exeRalink Wireless Utility.lnk - C:\Program Files\RALINK\Common\RaUI.exeC:\Documents and Settings\Krzysztof\Menu Start\Programy\AutostartTworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]"dontdisplaylastusername"=0"legalnoticecaption"="legalnoticetext"="shutdownwithoutlogon"=1"undockwithoutlogon"=1[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]"NoDriveTypeAutoRun"=145"NoDrives"=0[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]"NoDriveAutoRun"="NoDriveTypeAutoRun"="NoDrives"="HonorAutoRunSetting"=[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote""C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour""%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000""C:\Program Files\Gadu-Gadu\gg.exe"="C:\Program Files\Gadu-Gadu\gg.exe:*:Disabled:Gadu-Gadu - program główny""C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb""C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray""C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client""C:\Program Files\Nowe Gadu-Gadu\gg.exe"="C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Disabled:Nowe Gadu-Gadu beta""F:\setup.exe"="F:\setup.exe:*:Enabled:setup.exe""C:\WINDOWS\system\services.exe"="C:\WINDOWS\system\services.exe:*:Enabled:services.exe""G:\setup.exe"="G:\setup.exe:*:Enabled:setup.exe""C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{438cfc16-e4d1-11dd-9788-0008a1b74304}]shell\AutoRun\command - G:\8paf1d.comshell\open\command - G:\8paf1d.com[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54df829e-e25f-11dd-977d-0008a1b74304}]shell\AutoRun\command - G:\q9.cmdshell\open\command - G:\q9.cmd[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b718a39-0bbd-11dd-959d-0008a1b74304}]shell\AutoRun\command - setup.exe[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{685724cc-d703-11dc-9500-0008a1b74304}]shell\Auto\command - G:\activexdebugger32.exe fshell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe fshell\explore\command - G:\activexdebugger32.exe fshell\open\command - G:\activexdebugger32.exe f[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6af0e491-11e1-11dd-95b1-0008a1b74304}]shell\AutoRun\command - G:\8de.batshell\explore\command - G:\8de.batshell\open\command - G:\8de.bat[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{813096d0-d411-11dc-94f7-0008a1b74304}]shell\Auto\command - activexdebugger32.exe fshell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe fshell\explore\command - activexdebugger32.exe fshell\open\command - activexdebugger32.exe f======List of files/folders created in the last 1 months======2009-07-02 16:52:01 ----D---- C:\rsit2009-07-02 16:31:03 ----HD---- C:\WINDOWS\PIF2009-07-02 14:58:49 ----D---- C:\Program Files\Trend Micro2009-06-11 16:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$2009-06-11 16:35:21 ----HDC---- C:\WINDOWS\$NtUninstallKB969897$2009-06-11 16:35:18 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$2009-06-11 16:35:14 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$2009-06-11 11:34:26 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$======List of files/folders modified in the last 1 months======2009-07-02 16:50:08 ----D---- C:\WINDOWS\temp2009-07-02 16:31:03 ----D---- C:\WINDOWS2009-07-02 16:29:20 ----D---- C:\Program Files\Mozilla Firefox2009-07-02 15:13:46 ----RSD---- C:\WINDOWS\Fonts2009-07-02 15:13:46 ----HD---- C:\Program Files\InstallShield Installation Information2009-07-02 15:11:33 ----D---- C:\Program Files\Common Files\Macromedia2009-07-02 15:11:29 ----D---- C:\Documents and Settings\Krzysztof\Dane aplikacji\Macromedia2009-07-02 14:58:49 ----RD---- C:\Program Files2009-07-02 14:26:41 ----A---- C:\WINDOWS\NeroDigital.ini2009-07-02 14:24:52 ----D---- C:\WINDOWS\Prefetch2009-07-02 13:20:55 ----D---- C:\Program Files\Odkurzacz2009-07-02 13:14:19 ----D---- C:\WINDOWS\system322009-07-02 13:14:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI2009-07-02 13:13:37 ----D---- C:\Program Files\Neostrada TP2009-07-02 13:10:26 ----AD---- C:\Documents and Settings\All Users\Dane aplikacji\TEMP2009-07-01 20:08:21 ----A---- C:\WINDOWS\SchedLgU.Txt2009-06-23 10:17:44 ----D---- C:\Documents and Settings\Krzysztof\Dane aplikacji\skypePM2009-06-23 00:43:40 ----RSHDC---- C:\WINDOWS\system32\dllcache2009-06-23 00:43:35 ----D---- C:\WINDOWS\system32\drivers2009-06-23 00:43:17 ----D---- C:\WINDOWS\system32\CatRoot22009-06-22 16:47:39 ----D---- C:\Documents and Settings\Krzysztof\Dane aplikacji\Skype2009-06-16 20:33:27 ----HD---- C:\WINDOWS\inf2009-06-11 21:19:44 ----D---- C:\Program Files\ALLPlayer2009-06-11 16:36:01 ----SHD---- C:\WINDOWS\Installer2009-06-11 16:36:01 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help2009-06-11 11:35:16 ----HD---- C:\WINDOWS\$hf_mig$======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-08-18 53256]R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-08-18 34312]R1 intelppm;Sterownik procesora Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]R1 NVTCP;NVIDIA TCP/IP Protocol Driver; C:\WINDOWS\System32\DRIVERS\NVTcp.sys [2006-08-07 110080]R1 WS2IFSL;Środowisko wspomagające dostawcę usług innych niż IFS - Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-01-26 21275]R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-08-18 39944]R3 ADIDTSFiltService;ADI DTS Filter Service; C:\WINDOWS\system32\drivers\adidts.sys [2006-12-08 139776]R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-01-16 293888]R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]R3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600]R3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]R3 Arp1394;Protokół klienta 1394 ARP; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]R3 HDAudBus;Sterownik magistrali Microsoft UAA dla High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]R3 NIC1394;Sterownik sieci 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-06-28 6807328]R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-08-07 52736]R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-08-07 18944]R3 usbehci;Sterownik Miniport rozszerzonego kontrolera hosta USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]R3 usbhub;Koncentrator z obsługą USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]R3 usbohci;Sterownik Miniport otwartego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]R3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]S1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []S3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]S3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-05-12 343168]S3 SONYPVU1;Sterownik filtru USB Sony (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]S3 usbscan;Sterownik skanera USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341]R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]R2 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-08-18 468224]R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [2006-09-08 172032]R2 HDDlife HDD Access service;HDDlife HDD Access service; C:\Program Files\Common Files\BinarySense\hldasvc.exe [2008-02-15 832760]R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-30 152984]R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-04-19 75304]R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2006-09-08 172090]R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-06-28 155716]R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-04-12 72704]S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-08-18 19200]S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-02-05 654848]S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-05 138168]S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; D:\programs\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-08 271920]S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; D:\programs\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]-----------------EOF----------------- info.txt logfile of random's system information tool 1.06 2009-07-02 16:52:13======Uninstall list======-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1A99CB37-AEB0-492F-A85A-8A2536D22393}\setup.exe" -l0x9 -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4}2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4}2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4}2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0415-0000-0000000FF1CE} /uninstall {2D1F88C2-ADAE-47C4-8648-6EA8F7E6EB2D}2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0415-0000-0000000FF1CE} /uninstall {94A4609B-0414-4427-81F3-0FD282A2D0D3}2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0415-0000-0000000FF1CE} /uninstall {72776234-19F1-4688-9312-85FAF07143F4}2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}ABBYY FineReader 6.0 Sprint-->MsiExec.exe /X{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}Adobe Acrobat 5.0 CE-->C:\WINDOWS\ISUN0415.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0 CE\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0 CE\NT\Uninst.dll"Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}Adobe After Effects 5.5-->MsiExec.exe /I{31851B85-C98E-44DE-8750-9843BCD63963}Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exeAdobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exeAdobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}Adobe Flash CS3-->MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exeAdobe Flash Player 9 ActiveX-->MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}Adobe Flash Video Encoder-->MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}Adobe Illustrator CS2-->msiexec /I {B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}Adobe Photoshop 7.0 CE-->C:\WINDOWS\ISUN0415.EXE -f"C:\Program Files\Adobe\Photoshop 7.0 CE\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0 CE\Uninst.dll"Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exeAdobe Photoshop CS3-->MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}Adobe Premiere Elements 4.0 Templates-->msiexec /I {F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}Adobe Premiere Elements 4.0 Templates-->MsiExec.exe /I{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}Adobe Premiere Elements 4.0-->msiexec /I {3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}Adobe Premiere Elements 4.0-->MsiExec.exe /I{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}Adobe Setup-->MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}Adobe SVG Viewer 3.0-->C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.logAdobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}Aktualizacja dla systemu Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"Aktualizacja dla systemu Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"Aktualizacja dla systemu Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"Aktualizacja dla systemu Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"Aktualizacja krytyczna dla programu Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla programu Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla programu Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla programu Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.infAktualizacja zabezpieczeń dla systemu Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla systemu Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"Aktualizacja zabezpieczeń dla Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"ALLPlayer V3.X-->"C:\Program Files\ALLPlayer\unins000.exe"Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exeCanon Camera Access Library-->"C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"Canon Camera Support Core Library-->"C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"Canon Camera Window DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "D:\CameraWindow\CameraWindowDVC\Uninst.ini"Canon Camera Window DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "D:\CameraWindow\CameraWindowDVC6\Uninst.ini"Canon Camera Window MC 6 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "D:\CameraWindow\CameraWindowMC\Uninst.ini"Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "D:\RAW Image Task\Uninst.ini"Canon RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "D:\CameraWindow\RemoteCaptureTask DC\Uninst.ini"Canon Utilities Digital Photo Professional 2.2-->"C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "D:\Digital Photo Professional\Uninst.ini"Canon Utilities EOS Utility-->"C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "D:\EOS Utility\Uninst.ini"Canon Utilities PhotoStitch-->"C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "D:\PhotoStitch\Uninst.ini"Canon Utilities ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "D:\ZoomBrowser EX\Program\Uninst.ini"Corel Applications-->C:\WINDOWS\Corel\Uninst32.exeCorelDRAW ESSENTIALS-->MsiExec.exe /I{CFE78643-3CDB-46EF-9677-795415937ABB}Creative Media Lite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1A99CB37-AEB0-492F-A85A-8A2536D22393}\setup.exe" -l0x9 /removeCreative ZEN Stone User's Guide-->"C:\Program Files\Creative\Creative ZEN Stone\UGRemove.exe" /Product_Name:ZENStoneUGDeepBurner Pro v1.9.0.228-->"C:\Program Files\Astonsoft\DeepBurner Pro\Uninstall.exe" "C:\Program Files\Astonsoft\DeepBurner Pro\install.log" -uDVD Flick-->"C:\Program Files\DVD Flick\unins000.exe"DVD Shrink 3.2-->"D:\programs\DVD Shrink\unins000.exe"DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstallESET NOD32 Antivirus-->MsiExec.exe /I{20E26A4C-07BA-4BED-9FB3-145CF0304383}Flash Slideshow Maker Pro 4.87-->C:\Program Files\Flash Slideshow Maker Professional\uninst.exeGoogle Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"HDDlife Pro 3.1-->MsiExec.exe /X{E81D9FF6-B45F-4DD4-9673-86B08AF6F705}High Definition Audio Driver Package - KB888111-->C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exeHijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstallHotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}K-Lite Codec Pack 3.7.0 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLLMicrosoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE}Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exeMSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}NAPIPROJEKT 1.0.6.2-->"C:\Program Files\NAPI-PROJEKT\unins000.exe"Neostrada TP-->C:\PROGRA~1\NEOSTR~1\SondageDesinstallation.exeNero 7 Essentials-->MsiExec.exe /X{A2104078-AAA5-449E-95DD-55C9443A1045}neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}Nowe Gadu-Gadu-->C:\Program Files\Nowe Gadu-Gadu\Uninstall.exeNVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUINVIDIA ForceWare Network Access Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l1045 Odkurzacz 11.2 Pro-->"C:\Program Files\Odkurzacz\unins000.exe"PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}PinholeDesigner 2.0-->"C:\Program Files\PinholeDesigner\unins000.exe"Plustek OpticPro ST48 V4.0.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5265664F-6128-405C-9225-9782A85954FD}\setup.exe" -l0x15 Poprawka dla programu Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"Poprawka dla systemu Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstallPowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstallPresto! ImageFolio 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{783033B0-D8E6-11D5-9293-0050BA073EEC}\Setup.exe" -l0x9 -uninst -removeonlyPresto! Mr. Photo 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAF7A270-55D5-455F-B0D1-6C51EADC1C3A}\Setup.exe" -l0x9 -uninst -removeonlyPresto! PageManager 7.10-->C:\Program Files\InstallShield Installation Information\{99D5EF59-CF6F-4030-901B-4DDDB7F99403}\Setup.exe -runfromtemp -l0x0009 -anything -removeonlyRalink Wireless LAN Card-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E91E8912-769D-42F0-8408-0E329443BABC}\setup.exe" -l0x9 -removeonlyRealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0SAGEM F@st 800-840-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe" -l0x15 SecurDisc Viewer-->MsiExec.exe /X{ABD1DC2F-0D20-4C44-BEB9-3EEFA0EA1045}Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}Security Update for Visio 2007 (KB947590)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}Shut Down-O-Matic-->C:\Program Files\Shut Down-O-Matic\Uninstall.exeSkype? 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}Smart Start UP-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C9241DC-E141-4BB9-99F2-0BC54D81862F}\setup.exe" -l0x9 -removeonlySonic Foundry 5.1 Surround Plug-In Pack 1.0-->MsiExec.exe /I{10BE781F-8317-4500-A283-D30E7FB0763F}Sonic Foundry CD Architect 5.0-->MsiExec.exe /I{28C80CD6-14DF-42E7-B460-CBF194A6439C}Sony DVD Architect 3.0-->MsiExec.exe /X{41B9A86B-390C-49AC-B900-F68420867D99}Sony Media Manager 2.0-->MsiExec.exe /X{C589B6DE-F7BF-4E22-8524-53E115EF6AB4}Sony Sound Forge 8.0-->MsiExec.exe /X{767572FD-4D01-4FA3-B0A6-4B09FB2CFC37}Sony Vegas 6.0-->MsiExec.exe /X{5FCE0BF9-A1AA-4FA3-A28C-F62431CD52C4}SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" -l0x15 -removeonlySpeedTouch USB Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}\Setup.exe" /l0009 -Control_PanelSpybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exeWinamp Toolbar for Firefox-->"C:\Documents and Settings\Krzysztof\Dane aplikacji\Mozilla\Firefox\Profiles\9wfu3ejb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe"Winamp-->"C:\Program Files\Winamp\UninstWA.exe"Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAllWindows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /UninstallWindows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"=====HijackThis Backups=====O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2009-07-02]O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [2009-07-02]O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" [2009-07-02]O4 - HKCU\..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd.exe [2009-07-02]O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2009-07-02]O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\programs\Reader\Reader_sl.exe" [2009-07-02]O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [2009-07-02]O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2009-07-02]O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background [2009-07-02]O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "C:\Program Files\Nowe Gadu-Gadu\gg.exe" [2009-07-02]O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" [2009-07-02]O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2009-07-02]O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [2009-07-02]O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [2009-07-02]O3 - Toolbar: (no name) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - (no file) [2009-07-02]O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2009-07-02]O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (file missing) [2009-07-02]O4 - HKLM\..\Run: [nwiz] nwiz.exe /install [2009-07-02]======System event log======Computer Name: KRZYSZTO-CC0FC7Event Code: 7036Message: Usługa Menedżer połączeń usługi Dostęp zdalny weszła w stan uruchomienia.Record Number: 28768Source Name: Service Control ManagerTime Written: 20090523144906.000000+120Event Type: informacjeUser: Computer Name: KRZYSZTO-CC0FC7Event Code: 7035Message: Do usługi Menedżer połączeń usługi Dostęp zdalny został pomyślnie wysłany kod sterowania uruchom.Record Number: 28767Source Name: Service Control ManagerTime Written: 20090523144906.000000+120Event Type: informacjeUser: ZARZĄDZANIE NT\SYSTEMComputer Name: KRZYSZTO-CC0FC7Event Code: 7036Message: Usługa Telefonia weszła w stan uruchomienia.Record Number: 28766Source Name: Service Control ManagerTime Written: 20090523144906.000000+120Event Type: informacjeUser: Computer Name: KRZYSZTO-CC0FC7Event Code: 7036Message: Usługa Usługa bramy warstwy aplikacji weszła w stan uruchomienia.Record Number: 28765Source Name: Service Control ManagerTime Written: 20090523144906.000000+120Event Type: informacjeUser: Computer Name: KRZYSZTO-CC0FC7Event Code: 7035Message: Do usługi Usługa bramy warstwy aplikacji został pomyślnie wysłany kod sterowania uruchom.Record Number: 28764Source Name: Service Control ManagerTime Written: 20090523144906.000000+120Event Type: informacjeUser: ZARZĄDZANIE NT\SYSTEM=====Application event log=====Computer Name: KRZYSZTO-CC0FC7Event Code: 1Message: Record Number: 2932Source Name: Bonjour ServiceTime Written: 20081001110622.000000+120Event Type: informacjeUser: Computer Name: KRZYSZTO-CC0FC7Event Code: 105Message: The service was started.Record Number: 2931Source Name: Creative Service for CDROM AccessTime Written: 20081001110622.000000+120Event Type: informacjeUser: Computer Name: KRZYSZTO-CC0FC7Event Code: 1000Message: Liczniki wydajności dla usługi WmiApRpl (WmiApRpl) zostały pomyślnie załadowane.Dane rekordu zawierają nowe wartości indeksu przypisanedo tej usługi.Record Number: 2930Source Name: LoadPerfTime Written: 20080930163130.000000+120Event Type: informacjeUser: Computer Name: KRZYSZTO-CC0FC7Event Code: 1001Message: Liczniki wydajności dla usługi WmiApRpl (WmiApRpl) zostały pomyślnie usunięte.Dane rekordu zawierają nowe wartości wpisów Last Counter (ostatni licznik)i Last Help (ostatnia Pomoc) do Rejestru systemowego.Record Number: 2929Source Name: LoadPerfTime Written: 20080930163130.000000+120Event Type: informacjeUser: Computer Name: KRZYSZTO-CC0FC7Event Code: 1800Message: Usługa Centrum zabezpieczeń systemu Windows została uruchomiona.Record Number: 2928Source Name: SecurityCenterTime Written: 20080930162729.000000+120Event Type: informacjeUser: ======Environment variables======"ComSpec"=%SystemRoot%\system32\cmd.exe"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\Microsoft SQL Server\80\Tools\Binn"windir"=%SystemRoot%"FP_NO_HOST_CHECK"=NO"OS"=Windows_NT"PROCESSOR_ARCHITECTURE"=x86"PROCESSOR_LEVEL"=6"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel"PROCESSOR_REVISION"=0f0b"NUMBER_OF_PROCESSORS"=2"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH"TEMP"=%SystemRoot%\TEMP"TMP"=%SystemRoot%\TEMP-----------------EOF----------------- i to chyba wszystko...
Gość komentarz 2 lipca 2009 komentarz 2 lipca 2009 W logach widać tylko szkodliwe podklucze "MountPoints2". 1. Do Notatnika wklej: Windows Registry Editor Version 5.00[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] Z menu Notatnika >>> Plik >>> Zapisz jako >>> Ustaw rozszerzenie na: "Wszystkie pliki" >>> Zapisz jako FIX.REG>>> plik uruchom (dwuklik i OK- zgódź się na dodanie do Rejestru). Zrestartuj komputer. 2. Posprzątaj po DDS i różnych narzędziach >>> OTCleanIt. 3. Przeskanuj obszar mojego komputera http://www.kaspersky.pl/virusscanner.html (uruchom przez IE) Daj raport z niego na forum. 4. Użyj programu Malwarebytes. Wciskamy Skanuj, wybieramy dyski do skanowania i Rozpoczynamy skanowanie, na końcu wciskamy Usuń zaznaczone jak będą i Ok. Wrzuć wygenerowany raport po usuwaniu MBAMem. .
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.