
A kind request to check my log

cezarpiotr
created

of course, a plus for checking... :D

Guest
comment

It's OK.

Please don't use ComboFix; if someone you - then go ahead. ;)

1. Clean up after ComboFix and the various tools >>> OTCleanIt.

2. Use Malwarebytes.

Click Scan, select the drives to scan and Start scanning; at the end click Remove Selected, if there are any, and OK.

Post the report generated after removal with MBAM.

cezarpiotr
comment
Please don't use ComboFix; if someone you - then go ahead.

no worries, but can you tell me what you meant, because I didn't get it.... :huh:

Psycholandia
comment

If someone asks you for a ComboFix log, then use it. Kamil swallowed a word ;)

cezarpiotr
comment

aha..okay...:)

so what should I use to scan the computer ??

MarekM25
comment

take your pick: otl/rsit, and additionally you can post logs from GMER and DDS (you'll find the instructions in the guides)

  • 2 weeks later...
cezarpiotr
comment (edited)

I need to scan my computer....:)

so which program or programs should I use to get logs like the ones from ComboFix....:) ???

I read the guides, but there's quite a lot there...:)

REF....

MarekM25
comment

I already wrote, but my reply seems to have gotten lost :P

make a log with otl

  • Good post 1
cezarpiotr
comment

but what is otl an abbreviation of...??

because I can't find anything on this topic in the guides ...:/

cezarpiotr
comment (edited)

here is the log from OTL:

-- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exePRC - [2008-03-26 02:25:18 | 00,286,720 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exePRC - [2008-02-09 19:06:00 | 00,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exePRC - [2009-08-02 13:11:57 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\cezarpiotr\Desktop\OTL.exe========== Win32 Services (SafeList) ==========SRV - [2008-03-18 06:27:12 | 00,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio [Auto | Running])SRV - [2007-02-06 03:13:14 | 00,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService [Auto | Running])SRV - [2008-06-10 16:11:02 | 00,692,224 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe -- (Ati External Event Utility [Auto | Running])SRV - [2007-08-08 09:08:40 | 00,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv [Auto | Running])SRV - [2008-02-09 19:06:00 | 00,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler [Auto | Running])SRV - [2006-02-28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) 
-- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])SRV - [2008-07-27 20:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])SRV - [2008-01-21 04:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])SRV - [2006-11-02 14:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])SRV - [2006-11-02 14:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])SRV - [2008-07-01 09:08:00 | 00,019,200 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped])SRV - [2008-07-01 09:02:28 | 00,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn [Auto | Running])SRV - [2008-01-21 04:23:49 | 01,013,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])SRV - [2009-07-20 13:30:44 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])SRV - [2008-06-20 03:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])SRV - [2008-03-25 20:38:24 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Running])SRV - [2008-03-25 21:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) 
-- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc [Auto | Running])SRV - [2008-06-20 03:14:31 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped])SRV - [2008-06-09 10:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])SRV - [2008-02-09 19:06:00 | 03,220,856 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate [On_Demand | Stopped])SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])SRV - [2008-02-28 11:53:18 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Running])SRV - [2008-06-20 03:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])SRV - [2006-11-02 11:45:35 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\regedt32.exe -- (NOD32FiXTemDono [Auto | Stopped])SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])SRV - [2008-02-28 11:53:18 | 00,053,248 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Running])SRV - [2007-06-05 13:20:32 | 00,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing [Auto | Running])SRV - [2007-08-03 21:24:54 | 
00,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr [Auto | Running])SRV - [2008-01-21 04:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])SRV - [2008-01-21 04:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])========== Driver Services (SafeList) ==========DRV - [2008-01-21 04:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])DRV - [2008-01-21 04:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])DRV - [2008-01-21 04:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])DRV - [2008-01-21 04:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])DRV - [2008-03-21 06:13:00 | 01,203,776 | ---- | M] (Agere Systems) -- C:\Windows\System32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])DRV - [2006-11-02 11:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])DRV - [2008-01-21 04:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])DRV - [2008-01-21 04:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])DRV - [2008-01-21 04:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])DRV - [2007-07-24 20:09:04 | 00,013,880 | ---- | M] () -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP [Auto | Running])DRV - [2008-04-06 03:56:08 | 00,908,800 | ---- | M] (Atheros Communications, Inc.) 
-- C:\Windows\System32\DRIVERS\athr.sys -- (athr [On_Demand | Running])DRV - [2008-06-10 18:35:54 | 03,839,488 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\DRIVERS\atikmdag.sys -- (atikmdag [On_Demand | Running])DRV - [2007-05-11 03:10:50 | 00,034,704 | ---- | M] (IVT Corporation.) -- C:\Windows\System32\DRIVERS\blueletaudio.sys -- (BlueletAudio [On_Demand | Running])DRV - [2007-03-05 06:00:04 | 00,027,792 | ---- | M] (IVT Corporation.) -- C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio [On_Demand | Running])DRV - [2006-11-02 10:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])DRV - [2006-11-02 10:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])DRV - [2006-11-02 10:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])DRV - [2006-11-02 10:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])DRV - [2006-11-02 10:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])DRV - [2006-11-02 10:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])DRV - [2007-03-05 05:59:04 | 00,018,320 | ---- | M] (IVT Corporation.) -- C:\Windows\System32\DRIVERS\btnetdrv.sys -- (BT [On_Demand | Running])DRV - [2007-05-09 01:59:40 | 00,036,496 | ---- | M] (IVT Corporation.) -- C:\Windows\System32\Drivers\btcusb.sys -- (Btcsrusb [On_Demand | Stopped])DRV - [2007-03-05 05:55:12 | 00,020,880 | ---- | M] (IVT Corporation.) -- C:\Windows\System32\Drivers\vbtenum.sys -- (BTHidEnum [boot | Running])DRV - [2007-03-05 05:56:18 | 00,035,600 | ---- | M] (IVT Corporation.) 
-- C:\Windows\System32\Drivers\BTHidMgr.sys -- (BTHidMgr [boot | Running])DRV - [2008-01-21 04:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])DRV - [2008-01-21 04:23:24 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])DRV - [2008-07-01 08:56:22 | 00,039,944 | ---- | M] (ESET) -- C:\Windows\System32\DRIVERS\eamon.sys -- (eamon [Auto | Running])DRV - [2008-07-01 08:57:14 | 00,053,256 | ---- | M] (ESET) -- C:\Windows\System32\DRIVERS\easdrv.sys -- (easdrv [system | Running])DRV - [2008-01-21 04:23:22 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])DRV - [2008-07-01 09:04:34 | 00,071,688 | ---- | M] (ESET) -- C:\Windows\System32\DRIVERS\epfw.sys -- (epfw [Auto | Running])DRV - [2008-07-01 09:04:36 | 00,030,728 | ---- | M] (ESET) -- C:\Windows\System32\DRIVERS\Epfwndis.sys -- (Epfwndis [On_Demand | Running])DRV - [2008-07-01 09:04:38 | 00,054,280 | ---- | M] (ESET) -- C:\Windows\System32\DRIVERS\epfwtdi.sys -- (epfwtdi [system | Running])DRV - [2007-08-03 06:26:22 | 00,020,936 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio [Auto | Running])DRV - [2008-01-21 04:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])DRV - [2008-01-21 04:23:23 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])DRV - [2006-11-02 11:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])DRV - [2008-01-08 11:06:04 | 02,044,896 | ---- | M] (Realtek Semiconductor Corp.) 
-- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])DRV - [2006-11-02 11:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])DRV - [2006-11-02 11:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])DRV - [2008-06-03 08:41:52 | 00,015,928 | ---- | M] ( ) -- C:\Windows\System32\DRIVERS\kbfiltr.sys -- (kbfiltr [On_Demand | Running])DRV - [2008-01-21 04:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])DRV - [2008-01-21 04:23:25 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])DRV - [2008-01-21 04:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])DRV - [2008-01-21 04:23:27 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])DRV - [2008-01-21 04:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) 
-- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped])DRV - [2008-01-21 04:23:26 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running])DRV - [2006-11-02 11:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])DRV - [2006-12-14 09:11:58 | 00,007,680 | ---- | M] (ATK0100) -- C:\Windows\System32\DRIVERS\ATKACPI.sys -- (MTsensor [On_Demand | Running])DRV - [2006-11-02 11:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])DRV - [2006-11-02 09:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])DRV - [2008-01-21 04:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])DRV - [2008-01-21 04:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])DRV - [2008-01-21 04:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])DRV - [2006-11-02 11:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])DRV - [2008-01-21 04:24:49 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Running])DRV - [2007-11-10 07:30:22 | 00,057,856 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTSTOR.SYS -- (RTSTOR [On_Demand | Running])DRV - [2006-11-02 08:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 
-- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])DRV - [2007-06-20 05:12:18 | 00,047,616 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\System32\DRIVERS\SiSGB6.sys -- (SiSGbeLH [On_Demand | Running])DRV - [2008-01-21 04:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])DRV - [2006-11-02 09:41:49 | 01,010,560 | ---- | M] (Motorola Inc.) -- C:\Windows\System32\DRIVERS\smserial.sys -- (smserial [On_Demand | Stopped])DRV - [2008-05-22 01:41:00 | 01,772,544 | ---- | M] () -- C:\Windows\System32\DRIVERS\snp2uvc.sys -- (SNP2UVC [On_Demand | Running])DRV - [2009-05-25 15:19:39 | 00,721,904 | ---- | M] () -- C:\Windows\System32\Drivers\sptd.sys -- (sptd [boot | Running])DRV - [2007-01-22 12:52:56 | 00,060,533 | ---- | M] (STMicroelectronics              ) -- C:\Windows\System32\DRIVERS\stmatm.sys -- (Stmatm [On_Demand | Running])DRV - [2006-11-02 11:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])DRV - [2006-11-02 11:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])DRV - [2006-11-02 11:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])DRV - [2007-12-06 18:12:48 | 00,196,400 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])DRV - [2007-04-13 14:15:34 | 00,688,864 | ---- | M] () -- C:\Windows\System32\DRIVERS\torususb.sys -- (TaurusUsb [On_Demand | Running])DRV - [2008-01-21 04:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])DRV - [2006-11-02 11:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) 
-- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])DRV - [2008-01-21 04:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])DRV - [2007-03-05 05:52:18 | 00,034,448 | ---- | M] (IVT Corporation.) -- C:\Windows\System32\DRIVERS\VComm.sys -- (VComm [On_Demand | Running])DRV - [2007-03-05 05:53:18 | 00,044,304 | ---- | M] (IVT Corporation.) -- C:\Windows\System32\Drivers\VcommMgr.sys -- (VcommMgr [On_Demand | Running])DRV - [2007-03-05 05:57:14 | 00,019,472 | ---- | M] (IVT Corporation.) -- C:\Windows\System32\drivers\VHIDMini.sys -- (VHidMinidrv [On_Demand | Stopped])DRV - [2008-01-21 04:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])DRV - [2008-01-21 04:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])DRV - [2005-09-27 12:52:40 | 00,058,256 | ---- | M] (MCCI) -- C:\Windows\System32\DRIVERS\w900bus.sys -- (w900bus [On_Demand | Stopped])DRV - [2006-11-02 09:30:56 | 00,194,048 | ---- | M] (Marvell) -- C:\Windows\System32\DRIVERS\yk60x86.sys -- (yukonwlh [On_Demand | Stopped])========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-onsIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896IE - 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRiskIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htmIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhomeIE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhomeIE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-1182786750-1517702924-562719952-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htmIE - HKU\S-1-5-21-1182786750-1517702924-562719952-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\S-1-5-21-1182786750-1517702924-562719952-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/IE - HKU\S-1-5-21-1182786750-1517702924-562719952-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1IE - HKU\S-1-5-21-1182786750-1517702924-562719952-1000\S-1-5-21-1182786750-1517702924-562719952-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ==========FF - 
prefs.js..browser.startup.homepage: "http://www.google.pl/"FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.8.0552FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.1FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-05-22 21:56:15 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-07-21 12:13:43 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.5.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-07-18 12:25:06 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.5.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-07-18 12:25:06 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird[2009-07-12 23:22:44 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\mozilla\Extensions[2009-07-12 23:22:44 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[2009-08-01 23:51:28 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\mozilla\Firefox\Profiles\f5xa8sz9.default\extensions[2009-07-19 22:44:05 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\mozilla\Firefox\Profiles\f5xa8sz9.default\extensions\DTToolbar@toolbarnet.com[2009-07-12 23:22:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions[2009-07-18 12:25:06 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}[2009-07-18 12:25:03 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll[2009-07-18 
12:25:03 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll[2009-07-18 12:25:04 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll[2008-09-10 21:56:44 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll[2008-09-10 21:37:54 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll[2009-06-24 14:27:26 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml[2009-06-24 14:27:26 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml[2009-06-24 14:27:26 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml[2009-06-24 14:27:26 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml[2009-06-24 14:27:26 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml[2009-06-24 14:27:26 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml[2009-06-24 14:27:26 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xmlO1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\HostsO1 - Hosts: 127.0.0.1       localhostO1 - Hosts: ::1             localhostO2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - 
C:\Users\cezarpiotr\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()O3 - HKU\S-1-5-21-1182786750-1517702924-562719952-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe ()O4 - HKLM..\Run: [ASUSTPE] C:\Windows\System32\ASUSTPE.exe (ASUS)O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)O4 - HKLM..\Run: [Corel File Shell Monitor] D:\Program Filest\Corel Paint\CorelIOMonitor.exe ()O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (Hewlett-Packard)O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)O4 - HKU\S-1-5-21-1182786750-1517702924-562719952-1000..\Run: [AQQ] C:\Program Files\WapSter\WapSter 
AQQ\AQQ.exe (Creative Team S.A.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1182786750-1517702924-562719952-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1182786750-1517702924-562719952-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1182786750-1517702924-562719952-1000_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter:  - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\Explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{f12f00e0-492e-11de-954d-0023547142e0}\Shell - "" = AutoRun
O33 - MountPoints2\{f12f00e0-492e-11de-954d-0023547142e0}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) -  File not found

========== Files/Folders - Created Within 30 Days ==========
[1 C:\Windows\*.tmp files]
[2009-08-02 13:11:36 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Users\cezarpiotr\Desktop\OTL.exe
[2009-07-30 19:58:36 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\Documents\My Received Files
[2009-07-30 15:45:10 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Roaming\AIMP
[2009-07-30 15:44:44 | 00,000,000 | ---D | C] -- C:\Program Files\AIMP2
[2009-07-30 15:20:52 | 00,000,000 | ---D | C] -- C:\Program Files\WapSter
[2009-07-30 14:16:07 | 00,016,852 | ---- | C] () -- C:\Users\cezarpiotr\Desktop\Jak zainstalować Windows XP by AndrzejSnk.docx
[2009-07-29 13:28:47 | 03,583,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009-07-29 13:28:47 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009-07-29 13:28:44 | 06,069,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009-07-29 13:28:42 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009-07-29 13:28:41 | 00,827,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009-07-29 13:28:41 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009-07-29 13:28:40 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009-07-29 13:28:40 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009-07-29 13:28:39 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009-07-29 13:28:39 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009-07-29 13:28:39 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009-07-29 13:28:38 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009-07-29 13:28:38 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009-07-29 13:28:38 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2009-07-29 13:28:38 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009-07-22 23:11:47 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\Documents\NFS Most Wanted
[2009-07-22 09:32:47 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Local\Plus500
[2009-07-21 17:31:22 | 00,000,000 | ---D | C] -- C:\Windows\USB Vibration
[2009-07-21 17:30:55 | 00,000,000 | ---D | C] -- C:\Program Files\USB Vibration
[2009-07-21 14:03:26 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\Documents\Euro Truck Simulator
[2009-07-21 12:10:04 | 00,002,002 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009-07-21 12:07:09 | 00,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2009-07-21 11:57:44 | 00,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll
[2009-07-21 11:43:02 | 00,178,218 | ---- | C] () -- C:\Windows\hpoins28.dat
[2009-07-20 14:16:49 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\Documents\My PSP Files
[2009-07-20 13:59:56 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\Documents\Version Cue
[2009-07-20 13:59:55 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\Documents\AdobeStockPhotos
[2009-07-20 13:50:07 | 00,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2009-07-20 13:41:01 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009-07-20 13:30:44 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2009-07-19 17:56:25 | 00,196,608 | ---- | C] () -- C:\Windows\System32\Ikeext.etl
[2009-07-18 15:49:57 | 00,000,000 | ---D | C] -- C:\Windows\temp
[2009-07-18 15:49:57 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Local\temp(47)
[2009-07-16 15:38:42 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar(4)
[2009-07-15 17:36:50 | 00,000,000 | ---D | C] -- C:\Program Files\DIFX
[2009-07-15 17:36:48 | 00,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2009-07-15 17:33:12 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\Documents\Moje pokazy Corel Show
[2009-07-15 17:26:56 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2009-07-15 17:01:00 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Roaming\Media Player Classic
[2009-07-15 16:59:49 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2009-07-15 16:59:47 | 00,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009-07-15 16:59:46 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009-07-15 16:59:41 | 00,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm
[2009-07-15 16:59:41 | 00,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2009-07-15 16:59:40 | 00,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009-07-15 16:59:40 | 00,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2009-07-15 16:59:40 | 00,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2009-07-15 16:59:39 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009-07-15 16:59:39 | 00,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009-07-15 16:59:39 | 00,090,112 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\dpl100.dll
[2009-07-15 16:59:31 | 00,685,056 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx.dll
[2009-07-15 16:59:28 | 00,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009-07-15 16:59:28 | 00,060,273 | ---- | C] (Open Source Software community project) -- C:\Windows\System32\pthreadGC2.dll
[2009-07-15 16:59:25 | 00,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2009-07-15 15:21:05 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2009-07-15 15:21:05 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2009-07-15 15:21:05 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2009-07-14 19:33:30 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Roaming\gtk-2.0
[2009-07-13 19:03:58 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009-07-13 15:11:49 | 00,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2009-07-13 10:55:05 | 00,000,000 | ---D | C] -- C:\ProgramData\ALLPlayer
[2009-07-13 10:55:04 | 00,892,928 | ---- | C] (Free Software Foundation) -- C:\Windows\System32\iconv.dll
[2009-07-13 10:55:04 | 00,675,840 | ---- | C] () -- C:\Windows\System32\ac3filter.ax
[2009-07-12 23:22:32 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Roaming\Mozilla
[2009-07-12 23:22:32 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Local\Mozilla
[2009-07-12 22:10:04 | 00,000,000 | ---D | C] -- C:\Windows\Sun
[2009-07-10 19:04:11 | 00,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2009-07-10 16:28:50 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Roaming\Malwarebytes
[2009-07-10 16:28:47 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009-07-10 16:28:45 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009-07-10 16:28:45 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009-07-10 16:28:44 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009-07-10 14:30:23 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Local\temp
[2009-07-10 14:30:21 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2009-07-10 14:24:22 | 00,155,136 | ---- | C] () -- C:\Windows\PEV.exe
[2009-07-10 14:22:31 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009-07-10 13:13:40 | 00,005,702 | -H-- | C] () -- C:\Windows\nod32restoretemdono.reg
[2009-07-10 13:13:40 | 00,000,568 | -H-- | C] () -- C:\Windows\nod32fixtemdono.reg
[2009-07-10 13:11:56 | 00,000,000 | ---D | C] -- C:\Program Files\ESET
[2009-07-10 10:29:40 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Local\ESET
[2009-07-10 10:29:23 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Roaming\ESET
[2009-07-10 10:27:48 | 00,000,000 | ---D | C] -- C:\ProgramData\ESET
[2009-07-09 16:21:31 | 00,002,988 | ---- | C] () -- C:\Windows\desctemp.dat
[2009-07-09 15:20:23 | 00,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2009-07-06 11:33:10 | 00,000,000 | ---D | C] -- C:\Users\cezarpiotr\AppData\Local\Microsoft Games
[2009-06-25 13:51:15 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009-06-12 11:28:23 | 00,002,828 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2009-06-12 11:28:23 | 00,000,088 | RHS- | C] () -- C:\Windows\System32\290071F6DD.sys
[2009-05-25 15:19:38 | 00,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009-05-23 02:19:09 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009-05-23 02:13:57 | 00,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[2009-05-23 02:13:03 | 01,772,544 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009-05-23 02:13:03 | 00,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2009-05-23 02:13:02 | 00,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2009-05-23 02:13:02 | 00,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2009-05-22 19:29:03 | 00,688,864 | ---- | C] () -- C:\Windows\System32\drivers\torususb.sys
[2009-05-22 19:29:03 | 00,000,161 | ---- | C] () -- C:\Windows\DSLSetup.ini
[2008-09-12 16:21:02 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008-07-29 17:33:22 | 00,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll
[2008-04-18 01:45:31 | 00,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2006-11-02 14:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 12:23:31 | 00,000,254 | ---- | C] () -- C:\Windows\win.ini
[2006-11-02 12:23:31 | 00,000,215 | ---- | C] () -- C:\Windows\system.ini
[2006-11-02 09:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== Files - Modified Within 30 Days ==========
[1 C:\Windows\*.tmp files]
[2009-08-02 13:11:57 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\cezarpiotr\Desktop\OTL.exe
[2009-08-02 13:05:54 | 00,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009-08-02 13:05:54 | 00,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009-08-02 13:05:45 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009-08-02 13:05:41 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009-08-02 13:05:32 | 32,204,63616 | -HS- | M] () -- C:\hiberfil.sys
[2009-08-02 00:35:15 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2009-08-02 00:35:03 | 03,357,462 | -H-- | M] () -- C:\Users\cezarpiotr\AppData\Local\IconCache.db
[2009-08-01 18:47:44 | 00,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2009-07-30 18:56:15 | 00,042,496 | ---- | M] () -- C:\Users\cezarpiotr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-07-30 15:02:57 | 00,002,828 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys
[2009-07-30 14:16:08 | 00,016,852 | ---- | M] () -- C:\Users\cezarpiotr\Desktop\Jak zainstalować Windows XP by AndrzejSnk.docx
[2009-07-21 12:22:59 | 00,178,218 | ---- | M] () -- C:\Windows\hpoins28.dat
[2009-07-21 12:20:41 | 00,000,254 | ---- | M] () -- C:\Windows\win.ini
[2009-07-21 12:10:04 | 00,002,002 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009-07-20 18:10:24 | 01,715,912 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009-07-20 13:59:59 | 00,099,864 | ---- | M] () -- C:\Users\cezarpiotr\AppData\Local\GDIPFONTCACHEV1.DAT
[2009-07-19 17:59:56 | 00,196,608 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2009-07-18 18:06:20 | 00,827,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009-07-18 18:06:05 | 01,166,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009-07-18 18:04:41 | 00,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009-07-18 18:03:16 | 00,671,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009-07-18 18:02:53 | 03,583,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009-07-18 18:02:50 | 00,458,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009-07-18 18:02:05 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009-07-18 18:01:49 | 06,069,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009-07-18 18:01:49 | 00,270,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009-07-18 18:01:48 | 00,389,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009-07-18 18:01:48 | 00,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009-07-18 18:01:48 | 00,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2009-07-18 12:16:01 | 00,389,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009-07-18 11:46:14 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009-07-18 11:45:19 | 01,383,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009-07-15 17:31:05 | 00,000,088 | RHS- | M] () -- C:\Windows\System32\290071F6DD.sys
[2009-07-12 14:57:30 | 00,665,404 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2009-07-12 14:57:30 | 00,590,082 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009-07-12 14:57:30 | 00,128,164 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2009-07-12 14:57:30 | 00,102,094 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009-07-12 14:57:29 | 01,477,664 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009-07-10 14:29:08 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini
[2009-07-10 09:22:20 | 00,000,680 | ---- | M] () -- C:\Users\cezarpiotr\AppData\Local\d3d9caps.dat
[2009-07-09 16:25:52 | 00,002,988 | ---- | M] () -- C:\Windows\desctemp.dat
[2009-07-07 17:10:56 | 24,539,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe

========== LOP Check ==========
[2009-07-30 15:47:09 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming
[2009-08-01 18:29:54 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\AIMP
[2009-05-22 19:16:45 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\ATI
[2009-06-12 11:28:24 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\Corel
[2009-05-22 21:15:22 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\CyberLink
[2009-05-25 16:09:19 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\DAEMON Tools Lite
[2009-07-10 10:29:23 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\ESET
[2009-07-14 23:19:45 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\gtk-2.0
[2006-11-02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\Media Center Programs
[2009-06-19 19:16:26 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\Mount&Blade
[2009-05-22 23:20:46 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\Nowe Gadu-Gadu
[2009-05-23 17:36:56 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\OpenFM
[2009-06-13 18:42:12 | 00,000,000 | RH-D | M] -- C:\Users\cezarpiotr\AppData\Roaming\SecuROM
[2009-07-12 16:53:29 | 00,000,000 | ---D | M] -- C:\Users\cezarpiotr\AppData\Roaming\uTorrent
[2006-11-02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming
[2006-11-02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Media Center Programs
[2006-11-02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming
[2006-11-02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Media Center Programs
[2009-08-02 13:05:45 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009-08-02 00:35:15 | 00,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:7E95B6FD
< End of report >

PLEASE CHECK IT...:)

Guest

It's OK.

  • Good post 1
cezarpiotr

darn, now I don't get it anymore....:/

my computer has started to stutter, and sometimes, every now and then, it doesn't start when I turn it on; I have to restart it and only then does it boot....:/

when I scan the computer with my ESET it stops at 58% and won't go any further...:/

something is wrong after all...:/

MarekM25

The log is fairly clean, so it's definitely not viruses ;)

Also delete this file manually: C:\Windows\PEV.exe

And as far as viruses go, I think that will be it.

Now we need to check further.

Optimize your computer: http://www.forumpc.pl/index.php?showtopic=17478

I think it won't help much, or at all. I think the problem may lie in the hardware, so you should head to the hardware section; maybe you'll find something out there ;)

  • Good post 1
cezarpiotr

I deleted it...:)

as for that optimization, I have Windows Vista, not XP...:/

????

but a hardware problem? I don't get it, what could it be ??

MarekM25

the optimization procedure is more or less the same

ask in the hardware section ;)
