Guest posted 13 September 2009 (edited)

Log to check

OTL logfile created on: 2009-09-13 17:11:58 - Run 1
OTL by OldTimer - Version 3.0.11.0 Folder = C:\Documents and Settings\XP\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,48 Gb Total Space | 123,52 Gb Free Space | 84,33% Space Free | Partition Type: NTFS
Drive D: | 151,60 Gb Total Space | 151,33 Gb Free Space | 99,82% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SPECIAL-XP
Current User Name: XP
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2007-01-10 07:59:32 | 00,108,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2008-04-14 22:51:18 | 00,977,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009-08-03 17:58:24 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008-08-24 06:11:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2004-09-29 12:14:36 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe
PRC - [2008-10-31 07:24:28 | 00,095,528 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
PRC - [2008-10-31 07:24:28 | 01,365,288 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
PRC - [2008-07-16 13:14:00 | 16,806,400 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009-08-03 17:58:24 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2007-05-06 17:41:54 | 01,194,496 | ---- | M] () -- C:\Program Files\Kalendarz XP\Kalendarz.exe
PRC - [2007-01-10 07:59:52 | 00,115,816 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2006-10-27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2005-05-11 23:12:54 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PRC - [2008-09-30 14:06:50 | 00,485,208 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2009-06-30 14:12:58 | 01,032,192 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2007-04-30 03:00:00 | 00,032,768 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\V0420Mon.exe
PRC - [2007-06-07 14:01:38 | 00,155,648 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
PRC - [2007-03-19 00:05:02 | 00,630,784 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
PRC - [2006-05-21 09:43:08 | 00,180,224 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
PRC - [2006-05-21 09:43:14 | 00,155,648 | ---- | M] (Y'z@Home) -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
PRC - [2008-10-31 07:24:26 | 01,705,256 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
PRC - [2009-09-10 18:54:14 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-09-13 16:59:13 | 00,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
PRC - [2009-09-13 17:11:23 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\XP\Moje dokumenty\Pobieranie\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (AlerterALG [Auto | Stopped])
SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2007-01-10 07:59:32 | 00,108,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr [Auto | Running])
SRV - [2007-01-10 07:59:32 | 00,108,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr [Auto | Running])
SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2007-01-10 07:59:32 | 00,108,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService [Auto | Running])
SRV - [2007-01-13 05:40:58 | 00,049,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost [On_Demand | Stopped])
SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009-08-04 12:45:05 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate [Auto | Stopped])
SRV - [2008-04-14 22:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped])
SRV - [2009-08-03 17:58:24 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2007-09-12 18:27:24 | 02,999,664 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate [On_Demand | Stopped])
SRV - [2007-01-10 07:59:32 | 00,108,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex [Auto | Running])
SRV - [2008-01-29 17:38:31 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service [Auto | Stopped])
SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008-08-24 06:11:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2004-09-29 12:14:36 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Running])
SRV - [2008-10-31 07:24:28 | 00,095,528 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher [Auto | Running])
SRV - [2009-06-02 10:10:08 | 00,637,952 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
SRV - [2008-10-31 07:24:28 | 01,365,288 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4 [Auto | Running])
SRV - [2009-08-03 19:16:40 | 01,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC [On_Demand | Stopped])
SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2003-12-08 11:53:48 | 00,053,600 | ---- | M] (THOMSON) -- C:\WINDOWS\System32\DRIVERS\alcan5wn.sys -- (alcan5wn [On_Demand | Running])
DRV - [2003-12-08 11:53:46 | 00,070,688 | ---- | M] (THOMSON) -- C:\WINDOWS\System32\DRIVERS\alcaudsl.sys -- (alcaudsl [On_Demand | Running])
DRV - [2009-08-04 15:11:32 | 00,278,984 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\atksgt.sys -- (atksgt [Auto | Running])
DRV - [2009-08-27 10:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl [system | Running])
DRV - [2009-08-27 10:00:00 | 00,102,448 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv [On_Demand | Running])
DRV - [2008-04-17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2008-04-13 22:06:06 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2005-03-08 06:43:25 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2005-03-08 06:43:26 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2005-03-08 06:43:27 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2008-07-16 12:52:00 | 04,747,776 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2009-08-04 15:11:32 | 00,025,416 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\lirsgt.sys -- (lirsgt [Auto | Running])
DRV - [2004-08-13 20:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])
DRV - [2009-08-25 10:00:00 | 00,084,912 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090913.004\NAVENG.SYS -- (NAVENG [On_Demand | Running])
DRV - [2009-08-25 10:00:00 | 01,323,568 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090913.004\NAVEX15.SYS -- (NAVEX15 [On_Demand | Running])
DRV - [2009-02-09 08:37:46 | 00,017,664 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys -- (nmwcd [On_Demand | Stopped])
DRV - [2009-02-09 08:37:46 | 00,022,016 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys -- (nmwcdc [On_Demand | Stopped])
DRV - [2008-08-24 06:11:00 | 06,128,352 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2008-08-26 10:26:12 | 00,018,816 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped])
DRV - [2001-08-17 23:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])
DRV - [2008-01-03 16:10:16 | 00,105,856 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running])
DRV - [2008-10-31 07:09:06 | 00,270,888 | R--- | M] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\SbFw.sys -- (SbFw [system | Running])
DRV - [2008-06-21 04:54:54 | 00,065,576 | ---- | M] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\DRIVERS\sbfwim.sys -- (SBFWIMCL [On_Demand | Running])
DRV - [2008-06-21 04:54:54 | 00,066,600 | R--- | M] (Sunbelt Software, Inc.) -- C:\WINDOWS\system32\drivers\sbhips.sys -- (sbhips [system | Running])
DRV - [2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008-05-02 08:48:55 | 00,062,208 | ---- | M] (Silicon Image, Inc.) -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112 [boot | Running])
DRV - [2007-04-14 02:49:32 | 00,418,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv [system | Running])
DRV - [2009-08-05 19:39:04 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [boot | Running])
DRV - [2007-11-30 23:57:12 | 00,279,088 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SRTSP.SYS -- (SRTSP [On_Demand | Running])
DRV - [2007-11-30 23:57:12 | 00,317,616 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SRTSPL.SYS -- (SRTSPL [On_Demand | Stopped])
DRV - [2007-11-30 23:57:12 | 00,043,696 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SRTSPX.SYS -- (SRTSPX [system | Running])
DRV - [2007-01-10 00:32:14 | 00,012,984 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS [On_Demand | Running])
DRV - [2009-08-03 19:18:20 | 00,124,464 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])
DRV - [2007-01-10 00:32:14 | 00,145,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW [On_Demand | Running])
DRV - [2007-01-10 00:32:14 | 00,040,120 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS [On_Demand | Running])
DRV - [2009-07-03 20:57:36 | 00,251,768 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20090826.001\SymIDSco.sys -- (SYMIDSCO [On_Demand | Running])
DRV - [2007-01-10 00:32:14 | 00,035,256 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS [On_Demand | Running])
DRV - [2007-01-10 00:32:14 | 00,027,576 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV [On_Demand | Running])
DRV - [2007-01-10 00:32:14 | 00,191,544 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI [system | Running])
DRV - [2009-02-09 08:37:48 | 00,007,808 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev [On_Demand | Stopped])
DRV - [2008-04-14 00:15:14 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
DRV - [2008-04-14 00:15:38 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbser.sys -- (usbser [On_Demand | Stopped])
DRV - [2009-02-09 08:37:56 | 00,007,808 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt [On_Demand | Stopped])
DRV - [2007-05-31 03:32:34 | 00,099,648 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\DRIVERS\V0420Vid.sys -- (V0420VID [On_Demand | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://securityresponse.symantec.com/avcenter/fix_homepage/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
IE - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
IE - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\S-1-5-21-1644491937-1417001333-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-10 18:54:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-10 20:21:09 | 00,000,000 | ---D | M]
[2009-08-03 19:55:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\mozilla\Extensions
[2009-08-03 19:55:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-09-12 18:39:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\mozilla\Firefox\Profiles\fwonz3jw.default\extensions
[2009-09-02 12:48:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\mozilla\Firefox\Profiles\fwonz3jw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009-08-19 18:02:39 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009-09-10 18:54:14 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-09-10 18:54:14 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-09-10 18:54:14 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009-09-10 18:54:15 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009-02-27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009-07-15 21:00:25 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-07-15 21:00:25 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-07-15 21:00:25 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009-07-15 21:00:25 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-07-15 21:00:25 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2009-07-15 21:00:25 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-07-15 21:00:25 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll (Symantec Corporation)
O2 - BHO: (no name) - {66d1d225-798b-4ca0-ada3-a7801f4046f6} - C:\WINDOWS\System32\vijohato.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\XP\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [bawibumuz] C:\WINDOWS\System32\davafuhu.DLL File not found
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [Kalendarz XP] C:\Program Files\Kalendarz XP\Kalendarz.exe ()
O4 - HKLM..\Run: [mevuzejoje] C:\WINDOWS\System32\juneteyo.DLL ()
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [speedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium)
O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [V0420Mon.exe] C:\WINDOWS\V0420Mon.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-1644491937-1417001333-682003330-1003..\Run: [Creative Live! Cam Manager] C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-1644491937-1417001333-682003330-1003..\Run: [skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\.DEFAULT..\RunOnce: [] File not found
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\.DEFAULT..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [] File not found
O4 - HKU\S-1-5-20..\RunOnce: [] File not found
O4 - Startup: C:\Documents and Settings\XP\Menu Start\Programy\Autostart\RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Documents and Settings\XP\Menu Start\Programy\Autostart\TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe (AKSoftware)
O4 - Startup: C:\Documents and Settings\XP\Menu Start\Programy\Autostart\UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe ()
O4 - Startup: C:\Documents and Settings\XP\Menu Start\Programy\Autostart\Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe (Y'z@Home)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCMD = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NofolderOptions = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCMD = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NofolderOptions = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCMD = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NofolderOptions = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NofolderOptions = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - 
HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149O7 - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0O7 - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O7 - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0O7 - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0O7 - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 0O7 - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NofolderOptions = 0O7 - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0O7 - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0O7 - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0O7 - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0O7 - HKU\S-1-5-21-1644491937-1417001333-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0O7 - HKU\S-1-5-21-1644491937-1417001333-682003330-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll 
(Microsoft Corporation)O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common 
Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ipp - No CLSID value foundO18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp - No CLSID value foundO18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)O20 - AppInit_DLLs: (c:\windows\system32\davafuhu.dll) - C:\WINDOWS\System32\davafuhu.dll File not foundO20 - AppInit_DLLs: (yotetefu.dll) - C:\WINDOWS\System32\yotetefu.dll ()O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)O21 - SSODL: lahamayes - {1ff33e0f-8ef7-4f9c-b405-e3e90728d4c8} - C:\WINDOWS\System32\davafuhu.dll File not foundO22 - SharedTaskScheduler: {1ff33e0f-8ef7-4f9c-b405-e3e90728d4c8} - tokatiluy - C:\WINDOWS\System32\davafuhu.dll File not foundO24 - Desktop Components:0 (My Current Home Page) - About:HomeO28 - HKLM ShellExecuteHooks: 
{AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not foundO28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)O31 - SafeBoot: AlternateShell - cmd.exeO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2009-08-08 14:28:05 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O34 - HKLM BootExecute: ('autocheck) - File not foundO34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)O34 - HKLM BootExecute: (*') - File not found========== Files/Folders - Created Within 30 Days ==========[1 C:\WINDOWS\System32\*.tmp files][3 C:\WINDOWS\*.tmp files][2009-09-13 16:59:13 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\XP\Pulpit\HijackThis.lnk[2009-09-13 16:55:37 | 00,000,000 | ---D | C] -- C:\VundoFix Backups[2009-09-13 16:30:01 | 00,049,664 | -HS- | C] () -- C:\WINDOWS\System32\lorizuzu.dll[2009-09-13 16:29:58 | 00,037,888 | -HS- | C] () -- C:\WINDOWS\System32\pidizowi.dll[2009-09-13 13:53:30 | 00,270,888 | R--- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\SbFw.sys[2009-09-13 13:53:26 | 00,000,000 | ---D | C] -- C:\Program Files\Sunbelt Software[2009-09-13 13:52:47 | 00,065,576 | ---- | C] (Sunbelt Software, Inc.) 
-- C:\WINDOWS\System32\drivers\SbFwIm.sys[2009-09-13 13:36:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ime[2009-09-13 13:19:34 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP[2009-09-13 10:34:28 | 00,000,000 | RHSD | C] -- C:\RECYCLER[2009-09-13 10:33:15 | 00,000,000 | ---D | C] -- C:\Program Files\xerox[2009-09-13 10:33:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom[2009-09-13 10:33:14 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage[2009-09-13 10:29:26 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp[2009-09-13 10:17:34 | 00,000,211 | ---- | C] () -- C:\Boot.bak[2009-09-13 10:17:31 | 00,262,400 | ---- | C] () -- C:\cmldr[2009-09-13 10:17:30 | 00,000,000 | RHSD | C] -- C:\cmdcons[2009-09-13 10:02:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XP\Moje dokumenty\Simply Super Software[2009-09-13 10:02:33 | 00,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll[2009-09-13 10:02:33 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll[2009-09-13 10:02:33 | 00,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll[2009-09-13 10:02:33 | 00,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll[2009-09-13 10:02:33 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ztvcabinet.dll[2009-09-13 10:02:32 | 00,000,000 | ---D | C] -- C:\Program Files\Trojan Remover[2009-09-13 10:02:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dane aplikacji\Simply Super Software[2009-09-13 10:02:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Simply Super Software[2009-09-13 10:01:02 | 00,230,912 | ---- | C] () -- C:\WINDOWS\PEV.exe[2009-09-13 10:01:02 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe[2009-09-13 10:01:02 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe[2009-09-13 10:01:02 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe[2009-09-13 10:01:02 | 00,098,816 | ---- | C] () -- 
C:\WINDOWS\sed.exe[2009-09-13 10:01:02 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe[2009-09-13 10:01:02 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe[2009-09-13 10:01:02 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe[2009-09-13 09:59:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT[2009-09-13 09:58:43 | 00,000,000 | ---D | C] -- C:\Qoobox[2009-09-12 22:55:27 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro[2009-09-12 15:20:36 | 00,132,096 | ---- | C] () -- C:\khwx.exe[2009-09-12 15:20:36 | 00,087,552 | ---- | C] () -- C:\ehmukn.exe[2009-09-12 15:20:35 | 00,049,152 | ---- | C] () -- C:\qcmqsqna.exe[2009-09-11 21:00:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XP\Dane aplikacji\Media Player Classic[2009-09-10 22:18:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump[2009-09-10 18:54:45 | 00,000,000 | ---D | C] -- C:\spoolerlogs[2009-09-10 16:01:31 | 00,148,480 | ---- | C] () -- C:\WINDOWS\msa.exe.vir[2009-09-10 16:01:19 | 00,228,356 | ---- | C] () -- C:\WINDOWS\System32\msxml71.dll.vir[2009-09-09 16:17:31 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\triedit.dll[2009-09-03 17:43:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XP\Ustawienia lokalne\Dane aplikacji\cache[2009-08-31 21:25:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XP\Pulpit\weseleSeba Siwa[2009-08-31 13:09:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\303E[2009-08-31 13:09:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\XP\Moje dokumenty\My Received Files[2009-08-31 13:09:34 | 00,076,407 | ---- | C] () -- C:\Documents and Settings\XP\Dane aplikacji\Smiley.ico[2009-08-31 13:09:15 | 00,483,328 | ---- | C] (SoftShape Development) -- C:\WINDOWS\System32\actskn45.ocx[2009-08-18 20:07:13 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx[2009-08-18 20:06:57 | 01,315,328 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\System32\dllcache\msoe.dll[2009-08-05 19:39:04 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys[2009-08-04 15:11:32 | 00,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys[2009-08-04 15:11:32 | 00,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys[2009-08-03 17:58:47 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll[2009-08-03 17:58:47 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini[2009-08-03 17:58:46 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll[2009-08-03 17:58:46 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll[2009-08-03 17:58:46 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll[2009-08-03 17:58:44 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll[2009-08-03 17:58:44 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest[2009-08-03 17:46:50 | 00,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll[2009-08-03 17:38:39 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys[2009-08-03 17:38:33 | 00,024,402 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini[2009-08-03 17:38:33 | 00,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS[2009-06-13 16:30:33 | 00,049,664 | -HS- | C] () -- C:\WINDOWS\System32\yotetefu.dll[2009-06-13 16:30:33 | 00,049,664 | -HS- | C] () -- C:\WINDOWS\System32\vijohato.dll[2009-06-13 16:30:33 | 00,049,664 | -HS- | C] () -- C:\WINDOWS\System32\juneteyo.dll[2009-06-12 15:25:46 | 00,088,576 | ---- | C] () -- C:\WINDOWS\System32\wimavapa.dll.vir[2009-06-12 15:20:40 | 00,049,152 | -HS- | C] () -- C:\WINDOWS\System32\busoguze.dll[2009-06-12 15:20:40 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\lesuzeka.dll.vir[2008-08-24 06:11:00 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll[2008-08-24 06:11:00 | 01,499,136 | ---- | C] () -- C:\WINDOWS\System32\nview.dll[2008-08-24 06:11:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll[2008-08-24 
06:11:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll[2008-08-24 06:11:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll[2008-06-11 09:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll[2008-06-11 09:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll[2008-06-11 09:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll[2008-06-11 09:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll[2008-06-11 09:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll[2008-06-11 09:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll[2008-06-11 09:02:32 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll[2008-06-11 09:02:32 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll[2008-06-11 09:02:32 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll[2008-06-05 08:58:26 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll[2008-05-03 09:24:01 | 00,000,082 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini[2007-03-29 23:00:40 | 00,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll[2001-07-22 00:16:20 | 00,000,637 | ---- | C] () -- C:\WINDOWS\win.ini[2001-07-22 00:15:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini[2001-07-06 15:30:02 | 00,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI========== Files - Modified Within 30 Days ==========[1 C:\WINDOWS\System32\*.tmp files][3 C:\WINDOWS\*.tmp files][2009-09-13 17:11:40 | 00,011,168 | -H-- | M] () -- C:\WINDOWS\System32\kevajesu[2009-09-13 16:59:13 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\XP\Pulpit\HijackThis.lnk[2009-09-13 16:50:00 | 00,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job[2009-09-13 16:44:11 | 00,001,024 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job[2009-09-13 16:44:07 | 
00,200,513 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml[2009-09-13 16:44:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT[2009-09-13 16:44:02 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2009-09-13 16:30:31 | 00,049,664 | -HS- | M] () -- C:\WINDOWS\System32\lorizuzu.dll[2009-09-13 16:29:59 | 00,037,888 | -HS- | M] () -- C:\WINDOWS\System32\pidizowi.dll[2009-09-13 16:29:39 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP[2009-09-13 10:35:30 | 00,502,302 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat[2009-09-13 10:35:30 | 00,443,722 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat[2009-09-13 10:35:30 | 00,088,528 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat[2009-09-13 10:35:30 | 00,071,684 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat[2009-09-13 10:35:29 | 01,120,440 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI[2009-09-13 10:33:45 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini[2009-09-13 10:33:30 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts[2009-09-13 10:17:35 | 00,000,281 | RHS- | M] () -- C:\boot.ini[2009-09-12 22:24:32 | 00,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk[2009-09-12 15:25:48 | 00,088,576 | ---- | M] () -- C:\WINDOWS\System32\wimavapa.dll.vir[2009-09-12 15:20:43 | 00,132,096 | ---- | M] () -- C:\khwx.exe[2009-09-12 15:20:42 | 00,087,552 | ---- | M] () -- C:\ehmukn.exe[2009-09-12 15:20:42 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe[2009-09-12 15:20:40 | 00,049,152 | ---- | M] () -- C:\qcmqsqna.exe[2009-09-12 11:10:32 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2009-09-11 20:56:31 | 00,474,598 | ---- | M] () -- C:\Documents and Settings\XP\Dane aplikacji\NMM-MetaData.db[2009-09-11 20:56:14 | 00,013,824 | ---- | M] () -- C:\Documents and Settings\XP\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2009-09-10 16:01:28 | 
00,148,480 | ---- | M] () -- C:\WINDOWS\msa.exe.vir[2009-09-10 16:01:19 | 00,228,356 | ---- | M] () -- C:\WINDOWS\System32\msxml71.dll.vir[2009-09-09 18:22:31 | 00,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK[2009-09-03 22:25:22 | 00,230,912 | ---- | M] () -- C:\WINDOWS\PEV.exe[2009-08-30 21:15:50 | 00,002,319 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia Music.lnk[2009-08-20 09:26:53 | 00,074,736 | ---- | M] () -- C:\Documents and Settings\XP\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT[2009-08-20 09:26:29 | 00,283,720 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT========== LOP Check ==========[2009-09-13 13:19:34 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji[2009-08-03 19:16:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}[2009-08-31 13:09:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\303E[2009-08-03 18:01:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems[2009-08-05 19:43:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite[2009-08-05 22:34:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations[2009-08-03 22:44:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EnterNHelp[2009-08-03 22:44:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Galaxy Swirl[2009-08-05 22:32:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations[2009-08-08 14:27:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\muvee Technologies[2009-08-03 22:46:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nikon[2009-08-04 18:53:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane 
aplikacji\NokiaMusic[2009-08-04 13:08:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton[2009-08-04 13:06:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller[2009-09-12 12:33:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM[2009-08-04 13:58:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite[2009-09-13 10:02:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Simply Super Software[2009-08-03 22:44:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ultima_T15[2009-08-03 19:25:47 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji[2009-08-03 17:34:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji[2009-08-03 17:34:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji[2009-09-13 10:02:32 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\XP\Dane aplikacji[2009-08-03 18:02:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\ACD Systems[2009-08-03 20:33:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\AIMP[2009-08-04 13:09:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\ArcSoft[2009-08-05 19:44:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\DAEMON Tools Lite[2009-08-08 20:56:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\muvee Technologies[2009-08-09 20:44:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\Nokia[2009-09-12 11:19:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\Nowe Gadu-Gadu[2009-08-03 21:06:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\OpenFM[2009-08-04 19:19:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane 
aplikacji\PC Suite
[2009-09-13 10:02:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\XP\Dane aplikacji\Simply Super Software
[2001-07-22 00:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-09-13 16:44:11 | 00,001,024 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2009-09-13 16:50:00 | 00,001,028 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2009-09-13 16:44:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CB0AACC9
< End of report >

Norton shows me the presence of the Vundo trojan. I remove it every time, but it keeps coming back.
MarekM25 commented 15 September 2009
Use http://cybertrash.pl/images/tata/VundoFix/VundoFix.html and post a ComboFix log.