cezarpiotr, created 18 July 2009
ComboFix 09-07-14.08 - cezarpiotr 2009-07-18 15:43.2.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.48.1045.18.3070.2062 [GMT 2:00]
Uruchomiony z: c:\users\cezarpiotr\Desktop\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Zapora osobista *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 3.0 *disabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Installer\268949.msi
c:\windows\system32\acovcnt.exe
.
((((((((((((((((((((((((( Pliki utworzone od 2009-06-18 do 2009-07-18 )))))))))))))))))))))))))))))))
.
2009-07-18 13:48 . 2009-07-18 13:48 -------- d-----w- c:\users\cezarpiotr\AppData\Local\temp
2009-07-16 13:38 . 2009-07-16 13:38 -------- d-----w- c:\program files\DAEMON Tools Toolbar(4)
2009-07-15 15:36 . 2009-07-15 15:36 -------- d-----w- c:\program files\DIFX
2009-07-15 15:36 . 2009-07-15 15:36 -------- dc----w- c:\windows\system32\DRVSTORE
2009-07-15 15:26 . 2009-07-15 15:27 -------- d-----w- c:\program files\Common Files\Corel
2009-07-15 15:01 . 2009-07-15 15:01 -------- d-----w- c:\users\cezarpiotr\AppData\Roaming\Media Player Classic
2009-07-15 13:21 . 2009-06-15 15:24 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-07-15 13:21 . 2009-06-15 15:20 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-15 13:21 . 2009-06-15 15:20 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-15 13:21 . 2009-06-15 12:52 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-14 17:33 . 2009-07-14 21:19 -------- d-----w- c:\users\cezarpiotr\AppData\Roaming\gtk-2.0
2009-07-14 08:40 . 2009-07-14 08:40 11264 ----a-w- c:\users\cezarpiotr\AppData\Roaming\Nowe Gadu-Gadu\_userdata\npgg.1.dll
2009-07-13 17:03 .
2009-07-13 17:03 -------- d-----w- c:\program files\CCleaner2009-07-13 13:11 . 2009-07-13 13:11 -------- d-----w- c:\program files\Lavalys2009-07-13 08:55 . 2008-12-07 18:08 795648 ----a-w- c:\programdata\ALLPlayer\LIVE\XVID\xvidcore.dll2009-07-13 08:55 . 2008-04-14 21:50 1291776 ----a-w- c:\programdata\ALLPlayer\LIVE\QUARTZ\quartzXP.dll2009-07-13 08:55 . 2007-07-05 02:33 892928 ----a-w- c:\programdata\ALLPlayer\LIVE\DOLBY\iconv.dll2009-07-13 08:55 . 2009-07-13 08:55 -------- d-----w- c:\programdata\ALLPlayer2009-07-13 08:55 . 2008-10-28 22:35 684032 ----a-w- c:\programdata\ALLPlayer\LIVE\DIVX\divx.dll2009-07-13 08:55 . 2007-07-05 02:33 892928 ----a-w- c:\windows\system32\iconv.dll2009-07-12 21:22 . 2009-07-12 21:22 -------- d-----w- c:\users\cezarpiotr\AppData\Local\Mozilla2009-07-12 20:10 . 2009-07-12 20:10 -------- d-----w- c:\windows\Sun2009-07-10 14:28 . 2009-07-10 14:28 -------- d-----w- c:\users\cezarpiotr\AppData\Roaming\Malwarebytes2009-07-10 14:28 . 2009-06-17 09:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2009-07-10 14:28 . 2009-07-10 14:28 -------- d-----w- c:\programdata\Malwarebytes2009-07-10 14:28 . 2009-06-17 09:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys2009-07-10 14:28 . 2009-07-10 15:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2009-07-10 11:13 . 2008-03-03 16:21 568 ---ha-w- c:\windows\nod32fixtemdono.reg2009-07-10 11:13 . 2008-03-03 12:25 5702 ---ha-w- c:\windows\nod32restoretemdono.reg2009-07-10 11:11 . 2009-07-10 11:11 -------- d-----w- c:\program files\ESET2009-07-10 08:29 . 2009-07-10 08:29 -------- d-----w- c:\users\cezarpiotr\AppData\Local\ESET2009-07-09 14:21 . 2009-07-09 14:25 2988 ----a-w- c:\windows\desctemp.dat2009-07-09 13:20 . 2009-07-09 14:42 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files2009-07-06 09:33 . 2009-07-11 13:47 -------- d-----w- c:\users\cezarpiotr\AppData\Local\Microsoft Games2009-07-02 17:48 . 
2009-07-02 17:50 -------- d-----w- c:\programdata\Bluetooth2009-07-02 17:45 . 2009-07-02 17:45 -------- d-----w- c:\program files\IVT Corporation2009-07-02 17:27 . 2009-07-17 21:57 12 ----a-w- c:\windows\bthservsdp.dat2009-06-27 07:55 . 2009-06-27 07:55 -------- d-----w- c:\windows\Options2009-06-25 11:51 . 2007-12-06 16:12 196400 ----a-w- c:\windows\system32\drivers\SynTP.sys2009-06-25 11:51 . 2007-12-06 16:12 110592 ----a-w- c:\windows\system32\SynTPCo4.dll2009-06-25 11:51 . 2007-12-06 15:20 147456 ----a-w- c:\windows\system32\SynTPAPI.dll2009-06-25 11:51 . 2007-12-06 15:09 196608 ----a-w- c:\windows\system32\SynCtrl.dll2009-06-25 11:51 . 2007-12-06 15:08 163840 ----a-w- c:\windows\system32\SynCOM.dll2009-06-25 11:51 . 2006-03-09 07:58 1060424 ----a-w- c:\windows\system32\WdfCoInstaller01000.dll2009-06-22 09:23 . 2009-06-22 09:23 -------- d-----w- c:\users\cezarpiotr\AppData\Local\Ascaron Entertainment2009-06-22 09:20 . 2008-07-31 08:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll2009-06-22 09:20 . 2008-07-31 08:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll2009-06-22 09:20 . 2008-07-31 08:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll2009-06-22 09:20 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll2009-06-22 09:20 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll2009-06-22 09:20 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll2009-06-22 09:19 . 2009-06-22 09:19 413696 ----a-w- c:\windows\system32\wrap_oal.dll2009-06-22 09:19 . 2009-06-22 09:19 110592 ----a-w- c:\windows\system32\OpenAL32.dll2009-06-20 10:02 . 2009-07-10 07:22 680 ----a-w- c:\users\cezarpiotr\AppData\Local\d3d9caps.dat2009-06-19 17:13 . 2009-06-19 17:16 -------- d-----w- c:\users\cezarpiotr\AppData\Roaming\Mount&Blade.(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-07-18 13:36 . 
2009-05-22 23:47 -------- d--h--w- c:\program files\InstallShield Installation Information2009-07-17 14:47 . 2009-06-12 09:28 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys2009-07-16 15:14 . 2009-05-22 21:17 -------- d-----w- c:\program files\Gadu-Gadu2009-07-16 14:00 . 2009-05-23 10:52 -------- d-----w- c:\users\cezarpiotr\AppData\Roaming\Winamp2009-07-16 14:00 . 2009-05-23 00:23 -------- d-----w- c:\programdata\P4G2009-07-16 14:00 . 2009-05-25 13:28 -------- d-----w- c:\program files\DAEMON Tools Toolbar2009-07-15 15:31 . 2009-06-12 09:28 88 --sh--r- c:\windows\system32\290071F6DD.sys2009-07-15 15:00 . 2009-07-15 14:59 -------- d-----w- c:\program files\K-Lite Codec Pack2009-07-15 14:02 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail2009-07-15 14:02 . 2009-05-23 10:05 -------- d-----w- c:\programdata\Microsoft Help2009-07-13 08:55 . 2009-05-25 15:44 -------- d-----w- c:\program files\NAPI-PROJEKT2009-07-12 14:53 . 2009-05-25 15:35 -------- d-----w- c:\users\cezarpiotr\AppData\Roaming\uTorrent2009-07-12 12:57 . 2008-04-18 00:01 665404 ----a-w- c:\windows\system32\perfh015.dat2009-07-12 12:57 . 2008-04-18 00:01 128164 ----a-w- c:\windows\system32\perfc015.dat2009-06-30 09:42 . 2009-05-22 17:32 -------- d-----w- c:\program files\CyberLink2009-06-26 09:36 . 2009-05-23 00:34 -------- d-----w- c:\program files\Common Files\Adobe2009-06-24 18:45 . 2009-05-23 15:07 -------- d-----w- c:\users\cezarpiotr\AppData\Roaming\HP2009-06-24 18:45 . 2009-05-23 14:51 -------- d-----w- c:\programdata\HP2009-06-24 11:18 . 2009-05-22 17:14 99864 ----a-w- c:\users\cezarpiotr\AppData\Local\GDIPFONTCACHEV1.DAT2009-06-22 09:20 . 2009-06-13 16:40 107888 ----a-w- c:\windows\system32\CmdLineExt.dll2009-06-13 16:42 . 2009-06-13 16:42 -------- d--h--r- c:\users\cezarpiotr\AppData\Roaming\SecuROM2009-06-13 16:38 . 2009-06-13 16:38 22328 ----a-w- c:\users\cezarpiotr\AppData\Roaming\PnkBstrK.sys2009-06-13 16:38 . 
2009-06-13 16:38 22328 ----a-w- c:\users\cezarpiotr\AppData\Roaming\PnkBstrK.sys2009-06-12 09:28 . 2009-06-12 09:28 -------- d-----w- c:\users\cezarpiotr\AppData\Roaming\Corel2009-06-12 09:28 . 2009-06-12 09:28 -------- d-----w- c:\programdata\Corel2009-06-08 15:38 . 2009-05-22 23:58 -------- d-----w- c:\program files\Common Files\InstallShield2009-06-08 13:38 . 2009-05-23 15:37 -------- d-----w- c:\programdata\OpenFM2009-06-04 14:09 . 2009-06-04 14:09 -------- d-----w- c:\program files\BearShare Applications2009-06-02 16:11 . 2009-07-15 14:59 85504 ----a-w- c:\windows\system32\ff_vfw.dll2009-05-30 20:22 . 2009-05-23 00:22 -------- d-----w- c:\programdata\ASUS2009-05-29 21:37 . 2009-07-15 14:59 205824 ----a-w- c:\windows\system32\xvidvfw.dll2009-05-29 21:31 . 2009-07-15 14:59 881664 ----a-w- c:\windows\system32\xvidcore.dll2009-05-28 09:23 . 2009-05-28 09:23 42088 ----a-w- c:\users\cezarpiotr\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll2009-05-27 19:24 . 2009-05-27 19:24 -------- d-----w- c:\programdata\VistaCodecs2009-05-26 14:42 . 2009-05-22 17:34 -------- d-----w- c:\programdata\CyberLink2009-05-25 14:09 . 2009-05-25 13:19 -------- d-----w- c:\users\cezarpiotr\AppData\Roaming\DAEMON Tools Lite2009-05-25 13:28 . 2009-05-25 13:28 -------- d-----w- c:\programdata\DAEMON Tools Lite2009-05-25 13:19 . 2009-05-25 13:19 721904 ----a-w- c:\windows\system32\drivers\sptd.sys2009-05-24 19:30 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat2009-05-24 16:26 . 2009-05-24 16:26 410984 ----a-w- c:\windows\system32\deploytk.dll2009-05-24 16:26 . 2009-05-24 16:26 -------- d-----w- c:\program files\Java2009-05-23 15:36 . 2009-05-23 15:36 -------- d-----w- c:\users\cezarpiotr\AppData\Roaming\OpenFM2009-05-23 15:07 . 2009-05-23 15:07 -------- d-----w- c:\programdata\WEBREG2009-05-23 15:06 . 2009-05-23 14:51 178218 ----a-w- c:\windows\hpoins28.dat2009-05-23 15:05 . 2009-05-23 15:05 -------- d-----w- c:\programdata\Hewlett-Packard2009-05-23 15:02 . 
2009-05-23 14:54 -------- d-----w- c:\program files\HP2009-05-23 14:59 . 2009-05-23 14:59 -------- d-----w- c:\programdata\HP Product Assistant2009-05-23 14:58 . 2009-05-23 14:58 -------- d-----w- c:\program files\Common Files\HP2009-05-23 14:58 . 2009-05-23 14:58 -------- d-----w- c:\program files\Hewlett-Packard2009-05-23 14:57 . 2009-05-23 14:57 -------- d-----w- c:\program files\Common Files\Hewlett-Packard2009-05-23 14:50 . 2009-05-23 00:12 -------- d-----w- c:\program files\ASUS2009-05-23 10:52 . 2009-05-23 10:52 -------- d-----w- c:\program files\Winamp2009-05-23 10:52 . 2009-05-23 10:52 -------- d-----w- c:\program files\Common Files\PX Storage Engine2009-05-23 10:10 . 2009-05-23 10:10 -------- d-----w- c:\program files\Microsoft Works2009-05-23 10:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild2009-05-23 10:08 . 2009-05-23 10:08 -------- d-----w- c:\program files\Microsoft.NET2009-05-23 10:06 . 2009-05-23 10:06 -------- d-----w- c:\program files\Microsoft Visual Studio 82009-05-23 00:41 . 2009-05-23 00:41 0 ----a-w- c:\windows\system32\drivers\1043_ASUSTeK_F5SR.alu2009-05-23 00:25 . 2009-05-23 00:25 33136 ----a-w- c:\windows\ASScrPro.exe2009-05-23 00:25 . 2009-05-23 00:25 4814371 ----a-w- c:\windows\ASUS Camera ScreenSaver.exe2009-05-23 00:25 . 2009-05-23 00:25 47672 ----a-w- c:\windows\AsScrProlog.exe2009-05-23 00:25 . 2009-05-23 00:25 281144 ----a-w- c:\windows\ASUS Camera ScreenSaver Uninstaller.exe2009-05-23 00:25 . 2009-05-23 00:25 520192 ----a-w- c:\windows\system32\Asus_Camera_ScreenSaver.scr2009-05-23 00:23 . 2009-05-23 00:23 -------- d-----w- c:\program files\P4G2009-05-23 00:17 . 2009-05-23 00:17 -------- d-----w- c:\program files\ATKGFNEX2009-05-23 00:16 . 2009-05-23 00:16 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf2009-05-23 00:15 . 2009-05-23 00:15 -------- d-----w- c:\program files\Synaptics2009-05-23 00:09 . 2009-05-23 00:09 -------- d-----w- c:\program files\Atheros2009-05-23 00:09 . 
2009-05-23 00:09 -------- d-----w- c:\program files\Cisco2009-05-23 00:09 . 2009-05-23 00:09 -------- d-----w- c:\programdata\Atheros2009-05-22 23:58 . 2009-05-22 23:58 319456 ----a-w- c:\windows\DIFxAPI.dll2009-05-22 23:58 . 2009-05-22 23:58 -------- d-----w- c:\program files\Realtek2009-05-22 23:58 . 2009-05-22 23:58 315392 ----a-w- c:\windows\HideWin.exe2009-05-22 23:48 . 2009-05-22 23:48 -------- d-----w- c:\program files\ATKOSD22009-05-22 23:47 . 2009-05-22 23:47 -------- d-----w- c:\program files\ATK Hotkey2009-05-22 23:44 . 2009-05-22 23:44 0 ----a-w- c:\windows\ativpsrm.bin2009-05-22 23:41 . 2009-05-22 23:41 -------- d-----w- c:\programdata\ATI2009-05-22 23:40 . 2009-05-22 23:40 -------- d-----w- c:\program files\ATK2009-05-22 23:30 . 2009-05-22 23:29 -------- d-----w- c:\program files\ATI Technologies2009-05-22 23:29 . 2009-05-22 23:29 -------- d-----w- c:\program files\ATI2009-05-22 21:20 . 2009-05-22 21:17 -------- d-----w- c:\users\cezarpiotr\AppData\Roaming\Nowe Gadu-Gadu2009-05-22 19:15 . 2009-05-22 19:15 -------- d-----w- c:\users\cezarpiotr\AppData\Roaming\CyberLink2009-05-22 17:33 . 2009-05-22 17:33 36864 ----a-w- c:\programdata\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe2009-05-22 17:33 . 2009-05-22 17:33 -------- d-----w- c:\program files\Common Files\LightScribe2009-05-22 17:31 . 2009-05-22 17:32 53319 ----a-w- c:\programdata\Temp\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe2009-05-22 17:28 . 2009-05-22 17:28 -------- d-----w- c:\program files\ZTE ZXDSL 8522009-05-22 17:23 . 2009-05-22 23:49 -------- d-----w- c:\program files\Common Files\Symantec Shared2009-05-22 17:22 . 2009-05-22 23:49 -------- d-----w- c:\program files\Symantec2009-05-22 17:22 . 2009-05-22 23:49 -------- d-----w- c:\programdata\Symantec2009-05-22 17:16 . 2009-05-22 17:16 -------- d-----w- c:\users\cezarpiotr\AppData\Roaming\ATI2009-05-22 17:16 . 2009-05-22 17:16 -------- d-----w- c:\users\cezarpiotr\AppData\Roaming\Symantec2009-05-01 21:02 . 
2009-07-15 14:59 90112 ----a-w- c:\windows\system32\dpl100.dll2009-05-01 21:02 . 2009-07-15 14:59 685056 ----a-w- c:\windows\system32\divx.dll2009-04-30 12:37 . 2009-06-14 09:14 293376 ----a-w- c:\windows\system32\psisdecd.dll2009-04-30 12:37 . 2009-06-14 09:14 428544 ----a-w- c:\windows\system32\EncDec.dll2009-04-24 16:05 . 2009-06-10 12:21 827904 ----a-w- c:\windows\system32\wininet.dll2009-04-24 16:02 . 2009-06-10 12:21 78336 ----a-w- c:\windows\system32\ieencode.dll2009-04-24 13:44 . 2009-06-10 12:21 26624 ----a-w- c:\windows\system32\ieUnatt.exe2009-04-23 12:43 . 2009-06-10 12:21 784896 ----a-w- c:\windows\system32\rpcrt4.dll2009-04-23 12:42 . 2009-06-10 12:21 636928 ----a-w- c:\windows\system32\localspl.dll2009-07-18 10:25 . 2009-07-12 21:22 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll.((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2007-10-12 106496]"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-05-23 47672]"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2009-05-23 33136]"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-18 104936]"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-24 148888]"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-07-01 
1447168]"Corel File Shell Monitor"="d:\program filest\Corel Paint\CorelIOMonitor.exe" [2008-01-15 16200]"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-01-07 4853760][HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableUIADesktopToggle"= 0 (0x0)[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]"mixer2"=wdmaud.drv[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]@="Service"[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]"DisableMonitoring"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]"DisableMonitoring"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]"DisableMonitoring"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]"AntiVirusOverride"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]"TCP Query User{92690226-4C6F-4052-85EA-4B8F828EFF4F}c:\\program files\\gadu-gadu\\gg.exe"= UDP:c:\program files\gadu-gadu\gg.exe:Nowe Gadu-Gadu"UDP Query User{F77DB33F-3CC1-4287-83E1-99FD3C11A78C}c:\\program files\\gadu-gadu\\gg.exe"= TCP:c:\program files\gadu-gadu\gg.exe:Nowe Gadu-Gadu"{1270573F-8984-46DE-89CB-35695FDC3A75}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook"{C3567E3D-7A71-461F-9C6A-DE3A2F323954}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove"{784FEDE9-7BF7-4771-954B-3400BA3BB226}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove"{BB9ACF6C-0B25-46DC-A342-197FA1891A15}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote"{21178EAF-73AB-4FAE-A9BD-7E7D02DD6D6F}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote"{D19A8D7A-C455-4835-AE60-A798FB91D6B7}"= UDP:c:\program 
files\Winamp\winamp.exe:Winamp"{06928C0B-5828-4339-9E3A-29D45D75F729}"= TCP:c:\program files\Winamp\winamp.exe:Winamp"{6AD86B09-5B2B-4943-A6AF-8D78B85A7E0E}"= c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe"{2D7DC88B-BC18-470B-8EAF-F49531F3FB01}"= c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe"{CD497C33-9608-4F44-AEA6-57822D9AF5AA}"= c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe"{4A02F306-C59C-441C-A0D6-956CE0A06288}"= c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe"{6224A899-3DDB-4A21-BCDD-FD5AFB241F4F}"= c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe"{2CD42BE9-B753-4216-B117-A3A371AD7396}"= c:\program files\Common Files\HP\Digital Imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe"{EB1D5F57-89DB-4E47-BEAD-A523BFD5860D}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe"{0CEC5693-9139-4C52-B55D-2EB6D5A37CDE}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe"{BD668F5D-F1F2-4690-B0AD-FC9C73A2ABAD}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe"{B3D00879-4751-48D2-8D81-FAAF381C8B0C}"= c:\program files\HP\Digital Imaging\bin\hpqgplgtupl.exe:hpqgplgtupl.exe"{4CD6BBE1-FF6C-443C-9CC7-189EC2E05C3F}"= c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe:hpqgpc01.exe"{57C45CA8-A5EF-4658-8627-D6ACC0DBF1A0}"= UDP:d:\program filest\uTorrent.exe:µTorrent (TCP-In)"{4B17E1A1-78E9-4CE3-B358-3CD9650984DE}"= TCP:d:\program filest\uTorrent.exe:µTorrent (UDP-In)"TCP Query User{6F2E8C3B-004A-4843-8B1C-FAA91396FDD9}c:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= UDP:c:\program files\bearshare applications\bearshare\bearshare.exe:BearShare"UDP Query User{EF0AD38C-48D7-4D07-99B3-1284FFD16029}c:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= TCP:c:\program files\bearshare applications\bearshare\bearshare.exe:BearShare"{0CF6497D-6971-4115-9BEB-884ADAD7B239}"= 
UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA"{D5850A7E-A245-4368-8DDA-307BD0515871}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA"{B32C2C0A-743F-48D2-AE8E-D6049C005E3F}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB"{77B68B01-7C86-448C-8918-9ED0936F9BF7}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB"TCP Query User{35C7D68F-3BD3-4DA9-BAD8-ADA336BD40CF}d:\\gry\\counter-strike 1.6\\hl.exe"= UDP:d:\gry\counter-strike 1.6\hl.exe:Half-Life Launcher"UDP Query User{CC77C9D2-2881-431E-A4D0-696AA33BBD1A}d:\\gry\\counter-strike 1.6\\hl.exe"= TCP:d:\gry\counter-strike 1.6\hl.exe:Half-Life Launcher"TCP Query User{84C4701E-680D-4C3D-BCEA-2879A81FE5AD}c:\\users\\cezarpiotr\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= UDP:c:\users\cezarpiotr\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe"UDP Query User{FE5A9291-B546-4170-9413-A889BC9925BC}c:\\users\\cezarpiotr\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= TCP:c:\users\cezarpiotr\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe"{00A9BE5A-13FD-48CE-8715-3C2EBDE4D069}"= UDP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil_.exe:BlueSoleil"{5BBC6D7D-D9DF-4806-848E-BD4C8E9006C2}"= TCP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil_.exe:BlueSoleil"TCP Query User{E03ACB9E-0648-498A-A973-5E4AA77104BA}c:\\program files\\java\\jre6\\bin\\javaw.exe"= UDP:c:\program files\java\jre6\bin\javaw.exe:Java Platform SE binary"UDP Query User{AD8F86FD-B284-4E36-9EBE-05792353AE5D}c:\\program files\\java\\jre6\\bin\\javaw.exe"= TCP:c:\program files\java\jre6\bin\javaw.exe:Java Platform SE binaryR2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2008-07-01 468224]R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\System32\drivers\SiSGB6.sys [2009-05-23 47616]R3 Stmatm;ATM/ADSL miniport;c:\windows\System32\drivers\stmatm.sys [2009-05-22 60533]R3 TaurusUsb;ADSL Modem USB 
Service;c:\windows\System32\drivers\torususb.sys [2009-05-22 688864]S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\System32\regedt32.exe [2006-11-02 9216]S3 w900bus;Sony Ericsson 900i driver (WDM);c:\windows\System32\drivers\w900bus.sys [2009-06-08 58256][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvcbthsvcs REG_MULTI_SZ BthServ[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]"c:\program files\Common Files\LightScribe\LSRunOnce.exe"..------- Skan uzupełniający -------.uStart Page = hxxp://www.google.pl/IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000FF - ProfilePath - c:\users\cezarpiotr\AppData\Roaming\Mozilla\Firefox\Profiles\f5xa8sz9.default\FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dllFF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dllFF - plugin: c:\users\cezarpiotr\AppData\Roaming\Nowe Gadu-Gadu\_userdata\npgg.1.dll---- FIREFOX - SPOSÓB POSTĘPOWANIA ----c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);c:\program files\Mozilla 
Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", 
true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");.**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth 
malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-18 15:48
Windows 6.0.6001 Service Pack 1 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
[HKEY_USERS\S-1-5-21-1182786750-1517702924-562719952-1000\Software\SecuROM\License information*]
"datasecu"=hex:a8,a0,06,1d,b3,4f,30,67,27,08,98,89,5d,fb,2e,a1,b3,03,ae,f6,39, 09,9b,cc,e9,d2,10,83,39,be,b2,0e,db,5d,29,3d,e5,5c,ea,45,89,14,54,8a,7e,d6,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Czas ukończenia: 2009-07-18 15:49
ComboFix-quarantined-files.txt 2009-07-18 13:49
Przed: 98 124 652 544 bajtów wolnych
Po: 98 294 636 544 bajtów wolnych
358 --- E O F --- 2009-07-16 21:42
of course, a plus for checking...
Guest, commented 18 July 2009
It's OK. Please do not use ComboFix; if someone you - then go ahead.
1. Clean up after ComboFix and the various tools >>> OTCleanIt.
2. Use Malwarebytes. Press Scan, select the drives to scan and Start the scan; at the end press Remove Selected, if there are any, and OK. Post the report generated after the removal with MBAM.
cezarpiotr (Author), commented 18 July 2009
> Please do not use ComboFix; if someone you - then go ahead.
sure, but can you tell me what you meant, because I didn't get it....
Psycholandia, commented 18 July 2009
If someone asks you for a ComboFix log, then use it. Kamil swallowed a word
cezarpiotr (Author), commented 18 July 2009
aha.. okay... so what am I supposed to scan the computer with??
MarekM25, commented 18 July 2009
take your pick: otl/rsit, and additionally you can post logs from GMER and DDS (you will find the instructions in the guides)
cezarpiotr (Author), commented 30 July 2009 (edited)
I need to scan my PC.... so which program or programs should I use to get logs like the ones from ComboFix.... ??? I read the guides, but there is quite a lot in there... REF....
MarekM25, commented 1 August 2009
I already wrote, but my reply seems to have been lost. Make a log with otl
cezarpiotr (Author), commented 1 August 2009
but what is otl short for...?? because I can't find anything on this topic in the guides ...:/
MarekM25, commented 2 August 2009
here you go: http://www.forumpc.pl/index.php?showtopic=104338
cezarpiotr (Author), commented 2 August 2009 (edited)
here is the log from OTL:
OTL logfile created on: 2009-08-02 13:16:47 - Run 1
OTL by OldTimer - Version 3.0.10.4 Folder = C:\Users\cezarpiotr\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 133,87 Gb Total Space | 90,94 Gb Free Space | 67,93% Space Free | Partition Type: NTFS
Drive D: | 89,25 Gb Total Space | 39,68 Gb Free Space | 44,46% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 256,13 Mb Total Space | 255,98 Mb Free Space | 99,95% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: CEZARPIOTR-PC
Current User Name: cezarpiotr
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2008-06-10 16:11:02 | 00,692,224 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2008-06-10 16:11:02 | 00,692,224 | ---- | M] (ATI Technologies Inc.)
-- C:\Windows\System32\Ati2evxx.exePRC - [2007-02-06 03:13:14 | 00,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exePRC - [2007-08-08 09:08:40 | 00,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exePRC - [2008-03-18 06:27:12 | 00,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exePRC - [2006-02-28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exePRC - [2008-07-01 09:02:28 | 00,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exePRC - [2008-06-09 10:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exePRC - [2007-06-05 13:20:32 | 00,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exePRC - [2007-08-03 21:24:54 | 00,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exePRC - [2008-01-21 04:24:59 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exePRC - [2008-10-29 08:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXEPRC - [2008-01-21 04:23:32 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exePRC - [2008-01-07 10:25:14 | 04,853,760 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exePRC - [2007-10-12 06:44:28 | 00,106,496 | ---- | M] (ASUS) -- C:\Windows\System32\ASUSTPE.exePRC - [2009-05-23 02:25:12 | 00,033,136 | ---- | M] () -- C:\Windows\ASScrPro.exePRC - [2007-04-19 20:32:08 | 00,225,280 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\Hcontrol.exePRC - [2007-01-18 04:26:36 | 07,708,672 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exePRC - [2008-06-04 02:29:08 | 00,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exePRC - [2008-07-09 18:14:06 | 00,191,032 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exePRC - [2005-07-07 00:43:42 | 00,155,648 | ---- | M] (ASUSTeK) -- 
C:\Windows\System32\ACEngSvr.exePRC - [2008-07-18 19:52:16 | 00,104,936 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exePRC - [2006-10-27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exePRC - [2009-05-24 18:26:15 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exePRC - [2007-12-06 18:12:44 | 01,029,416 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exePRC - [2008-07-01 09:01:04 | 01,447,168 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exePRC - [2008-01-15 15:18:10 | 00,016,200 | R--- | M] () -- D:\Program Filest\Corel Paint\CorelIOMonitor.exePRC - [2008-03-25 21:27:58 | 00,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exePRC - [2008-03-25 20:40:42 | 00,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exePRC - [2006-12-19 02:26:26 | 02,420,736 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exePRC - [2007-04-17 22:39:42 | 00,077,824 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exePRC - [2008-01-21 04:23:32 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exePRC - [2007-12-06 18:12:58 | 00,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exePRC - [2008-03-25 20:49:02 | 00,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exePRC - [2008-03-25 20:49:00 | 00,569,344 | ---- | M] (Hewlett-Packard Co.) 
-- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exePRC - [2008-03-26 02:25:18 | 00,286,720 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exePRC - [2008-02-09 19:06:00 | 00,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exePRC - [2009-08-02 13:11:57 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\cezarpiotr\Desktop\OTL.exe========== Win32 Services (SafeList) ==========SRV - [2008-03-18 06:27:12 | 00,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio [Auto | Running])SRV - [2007-02-06 03:13:14 | 00,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService [Auto | Running])SRV - [2008-06-10 16:11:02 | 00,692,224 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe -- (Ati External Event Utility [Auto | Running])SRV - [2007-08-08 09:08:40 | 00,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv [Auto | Running])SRV - [2008-02-09 19:06:00 | 00,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler [Auto | Running])SRV - [2006-02-28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) 
-- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])SRV - [2008-07-27 20:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])SRV - [2008-01-21 04:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])SRV - [2006-11-02 14:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])SRV - [2006-11-02 14:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])SRV - [2008-07-01 09:08:00 | 00,019,200 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped])SRV - [2008-07-01 09:02:28 | 00,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn [Auto | Running])SRV - [2008-01-21 04:23:49 | 01,013,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])SRV - [2009-07-20 13:30:44 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])SRV - [2008-06-20 03:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])SRV - [2008-03-25 20:38:24 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Running])SRV - [2008-03-25 21:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) 
-- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc [Auto | Running])SRV - [2008-06-20 03:14:31 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped])SRV - [2008-06-09 10:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])SRV - [2008-02-09 19:06:00 | 03,220,856 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate [On_Demand | Stopped])SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])SRV - [2008-02-28 11:53:18 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Running])SRV - [2008-06-20 03:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])SRV - [2006-11-02 11:45:35 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\regedt32.exe -- (NOD32FiXTemDono [Auto | Stopped])SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])SRV - [2008-02-28 11:53:18 | 00,053,248 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Running])SRV - [2007-06-05 13:20:32 | 00,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing [Auto | Running])SRV - [2007-08-03 21:24:54 | 
00,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr [Auto | Running])SRV - [2008-01-21 04:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])SRV - [2008-01-21 04:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])========== Driver Services (SafeList) ==========DRV - [2008-01-21 04:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])DRV - [2008-01-21 04:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])DRV - [2008-01-21 04:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])DRV - [2008-01-21 04:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])DRV - [2008-03-21 06:13:00 | 01,203,776 | ---- | M] (Agere Systems) -- C:\Windows\System32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])DRV - [2006-11-02 11:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])DRV - [2008-01-21 04:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])DRV - [2008-01-21 04:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])DRV - [2008-01-21 04:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])DRV - [2007-07-24 20:09:04 | 00,013,880 | ---- | M] () -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP [Auto | Running])DRV - [2008-04-06 03:56:08 | 00,908,800 | ---- | M] (Atheros Communications, Inc.) 
-- C:\Windows\System32\DRIVERS\athr.sys -- (athr [On_Demand | Running])DRV - [2008-06-10 18:35:54 | 03,839,488 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\DRIVERS\atikmdag.sys -- (atikmdag [On_Demand | Running])DRV - [2007-05-11 03:10:50 | 00,034,704 | ---- | M] (IVT Corporation.) -- C:\Windows\System32\DRIVERS\blueletaudio.sys -- (BlueletAudio [On_Demand | Running])DRV - [2007-03-05 06:00:04 | 00,027,792 | ---- | M] (IVT Corporation.) -- C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio [On_Demand | Running])DRV - [2006-11-02 10:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])DRV - [2006-11-02 10:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])DRV - [2006-11-02 10:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])DRV - [2006-11-02 10:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])DRV - [2006-11-02 10:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])DRV - [2006-11-02 10:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])DRV - [2007-03-05 05:59:04 | 00,018,320 | ---- | M] (IVT Corporation.) -- C:\Windows\System32\DRIVERS\btnetdrv.sys -- (BT [On_Demand | Running])DRV - [2007-05-09 01:59:40 | 00,036,496 | ---- | M] (IVT Corporation.) -- C:\Windows\System32\Drivers\btcusb.sys -- (Btcsrusb [On_Demand | Stopped])DRV - [2007-03-05 05:55:12 | 00,020,880 | ---- | M] (IVT Corporation.) -- C:\Windows\System32\Drivers\vbtenum.sys -- (BTHidEnum [boot | Running])DRV - [2007-03-05 05:56:18 | 00,035,600 | ---- | M] (IVT Corporation.) 
-- C:\Windows\System32\Drivers\BTHidMgr.sys -- (BTHidMgr [boot | Running])DRV - [2008-01-21 04:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])DRV - [2008-01-21 04:23:24 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])DRV - [2008-07-01 08:56:22 | 00,039,944 | ---- | M] (ESET) -- C:\Windows\System32\DRIVERS\eamon.sys -- (eamon [Auto | Running])DRV - [2008-07-01 08:57:14 | 00,053,256 | ---- | M] (ESET) -- C:\Windows\System32\DRIVERS\easdrv.sys -- (easdrv [system | Running])DRV - [2008-01-21 04:23:22 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])DRV - [2008-07-01 09:04:34 | 00,071,688 | ---- | M] (ESET) -- C:\Windows\System32\DRIVERS\epfw.sys -- (epfw [Auto | Running])DRV - [2008-07-01 09:04:36 | 00,030,728 | ---- | M] (ESET) -- C:\Windows\System32\DRIVERS\Epfwndis.sys -- (Epfwndis [On_Demand | Running])DRV - [2008-07-01 09:04:38 | 00,054,280 | ---- | M] (ESET) -- C:\Windows\System32\DRIVERS\epfwtdi.sys -- (epfwtdi [system | Running])DRV - [2007-08-03 06:26:22 | 00,020,936 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio [Auto | Running])DRV - [2008-01-21 04:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])DRV - [2008-01-21 04:23:23 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])DRV - [2006-11-02 11:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])DRV - [2008-01-08 11:06:04 | 02,044,896 | ---- | M] (Realtek Semiconductor Corp.) 
-- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])DRV - [2006-11-02 11:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])DRV - [2006-11-02 11:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])DRV - [2008-06-03 08:41:52 | 00,015,928 | ---- | M] ( ) -- C:\Windows\System32\DRIVERS\kbfiltr.sys -- (kbfiltr [On_Demand | Running])DRV - [2008-01-21 04:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])DRV - [2008-01-21 04:23:25 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])DRV - [2008-01-21 04:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])DRV - [2008-01-21 04:23:27 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])DRV - [2008-01-21 04:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) 
-- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped])DRV - [2008-01-21 04:23:26 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running])DRV - [2006-11-02 11:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])DRV - [2006-12-14 09:11:58 | 00,007,680 | ---- | M] (ATK0100) -- C:\Windows\System32\DRIVERS\ATKACPI.sys -- (MTsensor [On_Demand | Running])DRV - [2006-11-02 11:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])DRV - [2006-11-02 09:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])DRV - [2008-01-21 04:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])DRV - [2008-01-21 04:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])DRV - [2008-01-21 04:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])DRV - [2006-11-02 11:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])DRV - [2008-01-21 04:24:49 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Running])DRV - [2007-11-10 07:30:22 | 00,057,856 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTSTOR.SYS -- (RTSTOR [On_Demand | Running])DRV - [2006-11-02 08:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 
-- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])DRV - [2007-06-20 05:12:18 | 00,047,616 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\System32\DRIVERS\SiSGB6.sys -- (SiSGbeLH [On_Demand | Running])DRV - [2008-01-21 04:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])DRV - [2006-11-02 09:41:49 | 01,010,560 | ---- | M] (Motorola Inc.) -- C:\Windows\System32\DRIVERS\smserial.sys -- (smserial [On_Demand | Stopped])DRV - [2008-05-22 01:41:00 | 01,772,544 | ---- | M] () -- C:\Windows\System32\DRIVERS\snp2uvc.sys -- (SNP2UVC [On_Demand | Running])DRV - [2009-05-25 15:19:39 | 00,721,904 | ---- | M] () -- C:\Windows\System32\Drivers\sptd.sys -- (sptd [boot | Running])DRV - [2007-01-22 12:52:56 | 00,060,533 | ---- | M] (STMicroelectronics ) -- C:\Windows\System32\DRIVERS\stmatm.sys -- (Stmatm [On_Demand | Running])DRV - [2006-11-02 11:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])DRV - [2006-11-02 11:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])DRV - [2006-11-02 11:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])DRV - [2007-12-06 18:12:48 | 00,196,400 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])DRV - [2007-04-13 14:15:34 | 00,688,864 | ---- | M] () -- C:\Windows\System32\DRIVERS\torususb.sys -- (TaurusUsb [On_Demand | Running])DRV - [2008-01-21 04:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])DRV - [2006-11-02 11:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) 
-- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])DRV - [2008-01-21 04:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])DRV - [2007-03-05 05:52:18 | 00,034,448 | ---- | M] (IVT Corporation.) -- C:\Windows\System32\DRIVERS\VComm.sys -- (VComm [On_Demand | Running])DRV - [2007-03-05 05:53:18 | 00,044,304 | ---- | M] (IVT Corporation.) -- C:\Windows\System32\Drivers\VcommMgr.sys -- (VcommMgr [On_Demand | Running])DRV - [2007-03-05 05:57:14 | 00,019,472 | ---- | M] (IVT Corporation.) -- C:\Windows\System32\drivers\VHIDMini.sys -- (VHidMinidrv [On_Demand | Stopped])DRV - [2008-01-21 04:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])DRV - [2008-01-21 04:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])DRV - [2005-09-27 12:52:40 | 00,058,256 | ---- | M] (MCCI) -- C:\Windows\System32\DRIVERS\w900bus.sys -- (w900bus [On_Demand | Stopped])DRV - [2006-11-02 09:30:56 | 00,194,048 | ---- | M] (Marvell) -- C:\Windows\System32\DRIVERS\yk60x86.sys -- (yukonwlh [On_Demand | Stopped])========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-onsIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896IE - 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRiskIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htmIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhomeIE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhomeIE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-1182786750-1517702924-562719952-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htmIE - HKU\S-1-5-21-1182786750-1517702924-562719952-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\S-1-5-21-1182786750-1517702924-562719952-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/IE - HKU\S-1-5-21-1182786750-1517702924-562719952-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1IE - HKU\S-1-5-21-1182786750-1517702924-562719952-1000\S-1-5-21-1182786750-1517702924-562719952-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ==========FF - 
prefs.js..browser.startup.homepage: "http://www.google.pl/"FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.8.0552FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.1FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-05-22 21:56:15 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-07-21 12:13:43 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.5.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-07-18 12:25:06 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.5.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-07-18 12:25:06 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird[2009-07-12 23:22:44 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\mozilla\Extensions[2009-07-12 23:22:44 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[2009-08-01 23:51:28 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\mozilla\Firefox\Profiles\f5xa8sz9.default\extensions[2009-07-19 22:44:05 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\mozilla\Firefox\Profiles\f5xa8sz9.default\extensions\DTToolbar@toolbarnet.com[2009-07-12 23:22:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions[2009-07-18 12:25:06 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}[2009-07-18 12:25:03 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll[2009-07-18 
12:25:03 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll[2009-07-18 12:25:04 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll[2008-09-10 21:56:44 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll[2008-09-10 21:37:54 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll[2009-06-24 14:27:26 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml[2009-06-24 14:27:26 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml[2009-06-24 14:27:26 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml[2009-06-24 14:27:26 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml[2009-06-24 14:27:26 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml[2009-06-24 14:27:26 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml[2009-06-24 14:27:26 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xmlO1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\HostsO1 - Hosts: 127.0.0.1 localhostO1 - Hosts: ::1 localhostO2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\cezarpiotr\AppData\Roaming\Nowe 
Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()O3 - HKU\S-1-5-21-1182786750-1517702924-562719952-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe ()O4 - HKLM..\Run: [ASUSTPE] C:\Windows\System32\ASUSTPE.exe (ASUS)O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)O4 - HKLM..\Run: [Corel File Shell Monitor] D:\Program Filest\Corel Paint\CorelIOMonitor.exe ()O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (Hewlett-Packard)O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)O4 - HKU\S-1-5-21-1182786750-1517702924-562719952-1000..\Run: [AQQ] C:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.)O6 - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1182786750-1517702924-562719952-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1182786750-1517702924-562719952-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1182786750-1517702924-562719952-1000_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\Explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{f12f00e0-492e-11de-954d-0023547142e0}\Shell - "" = AutoRun
O33 - MountPoints2\{f12f00e0-492e-11de-954d-0023547142e0}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========
[1 C:\Windows\*.tmp files]
[2009-08-02 13:11:36 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Users\cezarpiotr\Desktop\OTL.exe
[2009-07-30 19:58:36 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\Documents\My Received Files
[2009-07-30 15:45:10 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Roaming\AIMP
[2009-07-30 15:44:44 | 00,000,000 | ---D | C] -- C:\Program Files\AIMP2
[2009-07-30 15:20:52 | 00,000,000 | ---D | C] -- C:\Program Files\WapSter
[2009-07-30 14:16:07 | 00,016,852 | ---- | C] () -- C:\Users\cezarpiotr\Desktop\Jak zainstalować Windows XP by AndrzejSnk.docx
[2009-07-29 13:28:47 | 03,583,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009-07-29 13:28:47 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009-07-29 13:28:44 | 06,069,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009-07-29 13:28:42 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009-07-29 13:28:41 | 00,827,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009-07-29 13:28:41 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009-07-29 13:28:40 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009-07-29 13:28:40 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009-07-29 13:28:39 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009-07-29 13:28:39 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009-07-29 13:28:39 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009-07-29 13:28:38 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009-07-29 13:28:38 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009-07-29 13:28:38 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2009-07-29 13:28:38 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009-07-22 23:11:47 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\Documents\NFS Most Wanted
[2009-07-22 09:32:47 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Local\Plus500
[2009-07-21 17:31:22 | 00,000,000 | ---D | C] -- C:\Windows\USB Vibration
[2009-07-21 17:30:55 | 00,000,000 | ---D | C] -- C:\Program Files\USB Vibration
[2009-07-21 14:03:26 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\Documents\Euro Truck Simulator
[2009-07-21 12:10:04 | 00,002,002 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009-07-21 12:07:09 | 00,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2009-07-21 11:57:44 | 00,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll
[2009-07-21 11:43:02 | 00,178,218 | ---- | C] () -- C:\Windows\hpoins28.dat
[2009-07-20 14:16:49 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\Documents\My PSP Files
[2009-07-20 13:59:56 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\Documents\Version Cue
[2009-07-20 13:59:55 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\Documents\AdobeStockPhotos
[2009-07-20 13:50:07 | 00,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2009-07-20 13:41:01 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009-07-20 13:30:44 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2009-07-19 17:56:25 | 00,196,608 | ---- | C] () -- C:\Windows\System32\Ikeext.etl
[2009-07-18 15:49:57 | 00,000,000 | ---D | C] -- C:\Windows\temp
[2009-07-18 15:49:57 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Local\temp(47)
[2009-07-16 15:38:42 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar(4)
[2009-07-15 17:36:50 | 00,000,000 | ---D | C] -- C:\Program Files\DIFX
[2009-07-15 17:36:48 | 00,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2009-07-15 17:33:12 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\Documents\Moje pokazy Corel Show
[2009-07-15 17:26:56 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2009-07-15 17:01:00 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Roaming\Media Player Classic
[2009-07-15 16:59:49 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2009-07-15 16:59:47 | 00,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009-07-15 16:59:46 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009-07-15 16:59:41 | 00,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm
[2009-07-15 16:59:41 | 00,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2009-07-15 16:59:40 | 00,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009-07-15 16:59:40 | 00,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2009-07-15 16:59:40 | 00,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2009-07-15 16:59:39 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009-07-15 16:59:39 | 00,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009-07-15 16:59:39 | 00,090,112 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\dpl100.dll
[2009-07-15 16:59:31 | 00,685,056 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx.dll
[2009-07-15 16:59:28 | 00,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009-07-15 16:59:28 | 00,060,273 | ---- | C] (Open Source Software community project) -- C:\Windows\System32\pthreadGC2.dll
[2009-07-15 16:59:25 | 00,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2009-07-15 15:21:05 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2009-07-15 15:21:05 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2009-07-15 15:21:05 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2009-07-14 19:33:30 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Roaming\gtk-2.0
[2009-07-13 19:03:58 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009-07-13 15:11:49 | 00,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2009-07-13 10:55:05 | 00,000,000 | ---D | C] -- C:\ProgramData\ALLPlayer
[2009-07-13 10:55:04 | 00,892,928 | ---- | C] (Free Software Foundation) -- C:\Windows\System32\iconv.dll
[2009-07-13 10:55:04 | 00,675,840 | ---- | C] () -- C:\Windows\System32\ac3filter.ax
[2009-07-12 23:22:32 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Roaming\Mozilla
[2009-07-12 23:22:32 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Local\Mozilla
[2009-07-12 22:10:04 | 00,000,000 | ---D | C] -- C:\Windows\Sun
[2009-07-10 19:04:11 | 00,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2009-07-10 16:28:50 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Roaming\Malwarebytes
[2009-07-10 16:28:47 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009-07-10 16:28:45 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009-07-10 16:28:45 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009-07-10 16:28:44 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009-07-10 14:30:23 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Local\temp
[2009-07-10 14:30:21 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2009-07-10 14:24:22 | 00,155,136 | ---- | C] () -- C:\Windows\PEV.exe
[2009-07-10 14:22:31 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009-07-10 13:13:40 | 00,005,702 | -H-- | C] () -- C:\Windows\nod32restoretemdono.reg
[2009-07-10 13:13:40 | 00,000,568 | -H-- | C] () -- C:\Windows\nod32fixtemdono.reg
[2009-07-10 13:11:56 | 00,000,000 | ---D | C] -- C:\Program Files\ESET
[2009-07-10 10:29:40 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Local\ESET
[2009-07-10 10:29:23 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Roaming\ESET
[2009-07-10 10:27:48 | 00,000,000 | ---D | C] -- C:\ProgramData\ESET
[2009-07-09 16:21:31 | 00,002,988 | ---- | C] () -- C:\Windows\desctemp.dat
[2009-07-09 15:20:23 | 00,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2009-07-06 11:33:10 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Local\Microsoft Games
[2009-06-25 13:51:15 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009-06-12 11:28:23 | 00,002,828 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2009-06-12 11:28:23 | 00,000,088 | RHS- | C] () -- C:\Windows\System32\290071F6DD.sys
[2009-05-25 15:19:38 | 00,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009-05-23 02:19:09 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009-05-23 02:13:57 | 00,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[2009-05-23 02:13:03 | 01,772,544 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009-05-23 02:13:03 | 00,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2009-05-23 02:13:02 | 00,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2009-05-23 02:13:02 | 00,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2009-05-22 19:29:03 | 00,688,864 | ---- | C] () -- C:\Windows\System32\drivers\torususb.sys
[2009-05-22 19:29:03 | 00,000,161 | ---- | C] () -- C:\Windows\DSLSetup.ini
[2008-09-12 16:21:02 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008-07-29 17:33:22 | 00,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll
[2008-04-18 01:45:31 | 00,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2006-11-02 14:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 12:23:31 | 00,000,254 | ---- | C] () -- C:\Windows\win.ini
[2006-11-02 12:23:31 | 00,000,215 | ---- | C] () -- C:\Windows\system.ini
[2006-11-02 09:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== Files - Modified Within 30 Days ==========
[1 C:\Windows\*.tmp files]
[2009-08-02 13:11:57 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\cezarpiotr\Desktop\OTL.exe
[2009-08-02 13:05:54 | 00,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009-08-02 13:05:54 | 00,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009-08-02 13:05:45 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009-08-02 13:05:41 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009-08-02 13:05:32 | 32,204,63616 | -HS- | M] () -- C:\hiberfil.sys
[2009-08-02 00:35:15 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2009-08-02 00:35:03 | 03,357,462 | -H-- | M] () -- C:\Users\cezarpiotr\AppData\Local\IconCache.db
[2009-08-01 18:47:44 | 00,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2009-07-30 18:56:15 | 00,042,496 | ---- | M] () -- C:\Users\cezarpiotr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-07-30 15:02:57 | 00,002,828 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys
[2009-07-30 14:16:08 | 00,016,852 | ---- | M] () -- C:\Users\cezarpiotr\Desktop\Jak zainstalować Windows XP by AndrzejSnk.docx
[2009-07-21 12:22:59 | 00,178,218 | ---- | M] () -- C:\Windows\hpoins28.dat
[2009-07-21 12:20:41 | 00,000,254 | ---- | M] () -- C:\Windows\win.ini
[2009-07-21 12:10:04 | 00,002,002 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009-07-20 18:10:24 | 01,715,912 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009-07-20 13:59:59 | 00,099,864 | ---- | M] () -- C:\Users\cezarpiotr\AppData\Local\GDIPFONTCACHEV1.DAT
[2009-07-19 17:59:56 | 00,196,608 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2009-07-18 18:06:20 | 00,827,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009-07-18 18:06:05 | 01,166,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009-07-18 18:04:41 | 00,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009-07-18 18:03:16 | 00,671,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009-07-18 18:02:53 | 03,583,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009-07-18 18:02:50 | 00,458,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009-07-18 18:02:05 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009-07-18 18:01:49 | 06,069,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009-07-18 18:01:49 | 00,270,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009-07-18 18:01:48 | 00,389,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009-07-18 18:01:48 | 00,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009-07-18 18:01:48 | 00,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2009-07-18 12:16:01 | 00,389,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009-07-18 11:46:14 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009-07-18 11:45:19 | 01,383,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009-07-15 17:31:05 | 00,000,088 | RHS- | M] () -- C:\Windows\System32\290071F6DD.sys
[2009-07-12 14:57:30 | 00,665,404 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2009-07-12 14:57:30 | 00,590,082 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009-07-12 14:57:30 | 00,128,164 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2009-07-12 14:57:30 | 00,102,094 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009-07-12 14:57:29 | 01,477,664 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009-07-10 14:29:08 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini
[2009-07-10 09:22:20 | 00,000,680 | ---- | M] () -- C:\Users\cezarpiotr\AppData\Local\d3d9caps.dat
[2009-07-09 16:25:52 | 00,002,988 | ---- | M] () -- C:\Windows\desctemp.dat
[2009-07-07 17:10:56 | 24,539,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe

========== LOP Check ==========
[2009-07-30 15:47:09 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming
[2009-08-01 18:29:54 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\AIMP
[2009-05-22 19:16:45 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\ATI
[2009-06-12 11:28:24 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\Corel
[2009-05-22 21:15:22 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\CyberLink
[2009-05-25 16:09:19 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\DAEMON Tools Lite
[2009-07-10 10:29:23 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\ESET
[2009-07-14 23:19:45 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\gtk-2.0
[2006-11-02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\Media Center Programs
[2009-06-19 19:16:26 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\Mount&Blade
[2009-05-22 23:20:46 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\Nowe Gadu-Gadu
[2009-05-23 17:36:56 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\OpenFM
[2009-06-13 18:42:12 | 00,000,000 | RH-D | M] -- C:\Users\cezarpiotr\AppData\Roaming\SecuROM
[2009-07-12 16:53:29 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\uTorrent
[2006-11-02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming
[2006-11-02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Media Center Programs
[2006-11-02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming
[2006-11-02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Media Center Programs
[2009-08-02 13:05:45 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009-08-02 00:35:15 | 00,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:7E95B6FD
< End of report >

PLEASE CHECK IT...
cezarpiotr (Author), comment, 2 August 2009
Darn, now I don't get it any more....:/ my computer has started to lag; sometimes, every so often, it doesn't come up when I switch it on, I have to restart it and only then does it boot....:/ when I scan the computer with my ESET it stops at 58% and won't go any further...:/ so something is wrong after all...:/
MarekM25, comment, 2 August 2009
The log is fairly clean, so it's definitely not viruses.
Also delete this file manually: C:\Windows\PEV.exe
As far as viruses go, I think that will be all. Now we need to check further.
Optimize your computer: http://www.forumpc.pl/index.php?showtopic=17478
I think it won't help much, or at all. I think the problem may lie in the hardware, so you should head over to the hardware section; maybe you'll find something out there ;)
cezarpiotr (Author), comment, 2 August 2009
I deleted it... as for that optimization, I have Windows Vista, not XP...:/ ???? but a hardware problem, how so? I don't get it, what could it be ??
MarekM25, comment, 2 August 2009
The optimization procedure is more or less the same; ask in the hardware section ;)