x-kom hosting

Kłopoty przy włączaniu komputera

chrisx94
utworzono
utworzono (edytowane)

proszę o sprawdzenie logu:


[log]Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:34:17, on 2009-10-06
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
H:\windows\System32\smss.exe
H:\windows\system32\winlogon.exe
H:\windows\system32\services.exe
H:\windows\system32\lsass.exe
H:\windows\system32\svchost.exe
H:\windows\System32\svchost.exe
H:\windows\system32\svchost.exe
H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
H:\Program Files\Alwil Software\Avast4\ashServ.exe
H:\windows\system32\spoolsv.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
H:\Program Files\Bonjour\mDNSResponder.exe
H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
H:\windows\system32\CTsvcCDA.exe
H:\windows\system32\nvsvc32.exe
H:\windows\system32\PnkBstrA.exe
H:\windows\system32\svchost.exe
H:\Program Files\PremierOpinion\pmropn.exe
H:\windows\Explorer.EXE
H:\windows\RTHDCPL.EXE
H:\Program Files\Java\jre6\bin\jusched.exe
H:\windows\system32\RUNDLL32.EXE
H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
H:\WINDOWS\system32\rmctrl.exe
H:\Program Files\Winamp\winampa.exe
H:\Program Files\Common Files\Real\Update_OB\realsched.exe
H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
H:\WINDOWS\system32\wbem\unsecapp.exe
H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
H:\windows\V0230Mon.exe
H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
H:\windows\system32\ctfmon.exe
H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
H:\Program Files\Messenger\msmsgs.exe
H:\Program Files\OpenOffice.org 3\program\soffice.exe
H:\Program Files\OpenOffice.org 3\program\soffice.bin
H:\windows\system32\wuauclt.exe
H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
H:\Program Files\iPod\bin\iPodService.exe
H:\Program Files\HijackThis\HijackThis.exe
H:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F2 - REG:system.ini: UserInit=H:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Softonic-en Toolbar - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Softonic-en Toolbar - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] H:\WINDOWS\system32\rmctrl.exe
O4 - HKLM\..\Run: [WinampAgent] "H:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [TkBellExe] "H:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "H:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [mirc] C:\WINDOWS\WINCRA\mirc.exe
O4 - HKLM\..\Run: [CTCheck] H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVFX Engine] H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [H:\windows\system32\V0230Cvw.dll] H:\windows\system32\RegSvr32.exe /s H:\windows\system32\V0230Cvw.dll
O4 - HKLM\..\Run: [V0230Mon.exe] H:\windows\V0230Mon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] H:\windows\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [LaunchList] H:\Program Files\Pinnacle\Studio 9\LaunchList.exe
O4 - HKLM\..\RunOnce: [InstallShieldSetup] H:\PROGRA~1\INSTAL~1\{9E491~1\Setup.exe -rebootH:\PROGRA~1\INSTAL~1\{9E491~1\reboot.ini -l0x15
O4 - HKCU\..\Run: [CTFMON.EXE] H:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "H:\Program Files\Nowe Gadu-Gadu\gg.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "H:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "H:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [ares] "H:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCfox000
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: PremierOpinion - H:\Program Files\PremierOpinion\pmls.dll
O23 - Service: Apple Mobile Device - Apple Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - H:\windows\system32\CTsvcCDA.exe
O23 - Service: Findbasic Service - Unknown owner - H:\Documents and Settings\All Users\Dane aplikacji\Findbasic\findbasic121.exe
O23 - Service: Google Update Service (gupdate1c9acba996552fe) (gupdate1c9acba996552fe) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\windows\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - H:\windows\system32\PnkBstrA.exe

--
End of file - 10204 bytes[/log]

[color="#0000FF"]//Zmieniam nazwę tematu
//MarekM25[/color]

MarekM25
komentarz
komentarz

Daj loga z [url="http://www.forumpc.pl/index.php?showtopic=104338"]OTListIt2[/url].

Jest jakiś powód sprawdzania logów?

chrisx94
komentarz
komentarz (edytowane)

[log]OTL logfile created on: 2009-10-06 21:06:19 - Run 1
OTL by OldTimer - Version 3.0.18.4 Folder = H:\Documents and Settings\Krzysztof\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,36 Gb Available Physical Memory | 67,84% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = H: | %SystemRoot% = H:\windows | %ProgramFiles% = H:\Program Files
C: Drive not present or media not loaded
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 48,83 Gb Total Space | 7,53 Gb Free Space | 15,42% Space Free | Partition Type: NTFS
Drive I: | 156,25 Gb Total Space | 53,56 Gb Free Space | 34,28% Space Free | Partition Type: NTFS
Drive J: | 167,53 Gb Total Space | 48,79 Gb Free Space | 29,13% Space Free | Partition Type: NTFS

Computer Name: WWW-649A18D4B0C
Current User Name: Krzysztof
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2008-11-26 19:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008-11-26 19:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2007-03-06 11:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
PRC - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- H:\windows\System32\CTsvcCDA.exe
PRC - [2008-11-12 15:54:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\nvsvc32.exe
PRC - [2009-03-29 11:10:42 | 00,066,872 | ---- | M] () -- H:\windows\System32\PnkBstrA.exe
PRC - [2009-09-18 16:45:59 | 01,760,928 | ---- | M] (VoiceFive Networks, Inc.) -- H:\Program Files\PremierOpinion\pmropn.exe
PRC - [2008-04-14 22:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- H:\windows\Explorer.EXE
PRC - [2008-04-14 22:51:52 | 00,218,112 | ---- | M] (Microsoft Corporation) -- H:\windows\System32\wbem\wmiprvse.exe
PRC - [2007-04-10 09:28:44 | 16,126,464 | R--- | M] (Realtek Semiconductor Corp.) -- H:\windows\RTHDCPL.EXE
PRC - [2001-10-26 21:30:04 | 00,016,896 | ---- | M] (Microsoft Corporation) -- H:\windows\System32\wbem\unsecapp.exe
PRC - [2009-07-27 13:38:34 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008-11-26 19:18:51 | 00,081,000 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2003-08-01 13:11:02 | 00,032,768 | ---- | M] () -- H:\windows\System32\rmctrl.exe
PRC - [2007-10-10 07:28:32 | 00,036,352 | ---- | M] () -- H:\Program Files\Winamp\winampa.exe
PRC - [2009-02-25 20:09:12 | 00,180,269 | ---- | M] (RealNetworks, Inc.) -- H:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2005-06-07 00:46:24 | 00,057,344 | ---- | M] (Adobe Systems Incorporated) -- H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
PRC - [2007-11-06 11:08:10 | 00,397,312 | ---- | M] (Creative Technology Ltd) -- H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
PRC - [2009-07-13 14:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- H:\Program Files\iTunes\iTunesHelper.exe
PRC - [2006-08-16 01:12:00 | 00,024,576 | ---- | M] (Creative Technology Ltd.) -- H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
PRC - [2006-09-06 19:01:00 | 00,032,768 | R--- | M] (Creative Technology Ltd.) -- H:\windows\V0230Mon.exe
PRC - [2006-10-27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2007-05-16 10:27:16 | 00,153,136 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2008-04-14 23:51:32 | 01,695,232 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Messenger\msmsgs.exe
PRC - [2009-04-23 06:47:00 | 07,424,000 | ---- | M] (OpenOffice.org) -- H:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009-04-23 06:48:54 | 07,418,368 | ---- | M] (OpenOffice.org) -- H:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2008-11-26 19:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2008-11-26 19:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- H:\Program Files\iPod\bin\iPodService.exe
PRC - [2009-09-19 08:47:10 | 00,831,488 | ---- | M] (Bil Software) -- H:\Documents and Settings\Krzysztof\Moje dokumenty\Pobieranie\ygoow new\Ygoow.exe
PRC - [2009-09-10 20:52:54 | 00,908,280 | ---- | M] (Mozilla Corporation) -- H:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-10-06 16:23:55 | 00,520,704 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\Krzysztof\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2007-05-16 10:27:38 | 01,209,904 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2005-09-23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- H:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008-11-26 19:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2008-11-26 19:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2008-11-26 19:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2008-11-26 19:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2007-03-06 11:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service [Auto | Running])
SRV - [2005-09-23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- H:\windows\System32\CTsvcCDA.exe -- (Creative Service for CDROM Access [Auto | Running])
SRV - [2009-09-02 21:10:00 | 00,054,776 | ---- | M] () -- H:\Documents and Settings\All Users\Dane aplikacji\Findbasic\findbasic121.exe -- (Findbasic Service [Auto | Stopped])
SRV - [2006-10-20 22:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009-03-24 21:56:16 | 00,133,104 | ---- | M] (Google Inc.) -- H:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9acba996552fe [Auto | Stopped])
SRV - [2008-04-14 22:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- H:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005-04-04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2006-10-30 04:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- H:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2007-04-13 22:09:56 | 00,792,112 | ---- | M] (Nero AG) -- H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
SRV - [2006-10-30 04:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
SRV - [2008-11-12 15:54:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009-03-29 11:10:42 | 00,066,872 | ---- | M] () -- H:\windows\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
SRV - [2007-02-10 05:29:56 | 00,089,968 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter [Auto | Stopped])
SRV - [2006-12-01 12:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2008-11-26 19:15:35 | 00,026,944 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
DRV - [2004-03-10 16:27:18 | 00,011,264 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\drivers\ASAPIW2k.sys -- (ASAPIW2k [On_Demand | Running])
DRV - [2008-11-26 19:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- H:\windows\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV - [2008-11-26 19:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
DRV - [2008-11-26 19:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
DRV - [2008-11-26 19:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2008-11-26 19:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2007-06-21 04:44:32 | 00,029,696 | R--- | M] (Atheros Communications) -- H:\windows\System32\DRIVERS\l251x86.sys -- (AtcL002 [On_Demand | Running])
DRV - [2004-11-18 11:49:14 | 00,024,786 | ---- | M] (EUTRON) -- H:\windows\System32\Drivers\eusk2par.sys -- (eusk2par [System | Running])
DRV - [2004-11-18 11:49:14 | 00,045,534 | ---- | M] (EUTRON) -- H:\windows\System32\Drivers\eusk3usb.sys -- (eusk3usb [On_Demand | Stopped])
DRV - [2009-03-19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- H:\windows\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2004-05-02 10:47:08 | 00,023,040 | R--- | M] () -- H:\windows\System32\drivers\GVCplDrv.sys -- (GVCplDrv [On_Demand | Stopped])
DRV - [2008-04-13 22:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- H:\windows\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2007-04-10 13:04:40 | 04,397,568 | R--- | M] (Realtek Semiconductor Corp.) -- H:\windows\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2004-03-29 04:06:24 | 00,090,464 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\DRIVERS\MarvinBus.sys -- (MarvinBus [On_Demand | Running])
DRV - [2004-08-13 04:56:20 | 00,005,810 | R--- | M] () -- H:\windows\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])
DRV - [2008-11-12 15:54:00 | 06,188,320 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2002-03-19 10:29:16 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\drivers\pclepci.sys -- (PCLEPCI [System | Running])
DRV - [2001-08-18 01:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- H:\windows\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- H:\windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2006-09-18 15:58:48 | 00,061,600 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27bus.sys -- (SE27bus [On_Demand | Stopped])
DRV - [2006-09-18 15:58:52 | 00,009,360 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mdfl.sys -- (SE27mdfl [On_Demand | Stopped])
DRV - [2006-09-18 15:58:54 | 00,097,184 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mdm.sys -- (SE27mdm [On_Demand | Stopped])
DRV - [2006-09-18 15:58:58 | 00,088,688 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mgmt.sys -- (SE27mgmt [On_Demand | Stopped])
DRV - [2006-09-18 15:59:00 | 00,018,704 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se27nd5.sys -- (se27nd5 [On_Demand | Stopped])
DRV - [2006-09-18 15:59:02 | 00,086,560 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27obex.sys -- (SE27obex [On_Demand | Stopped])
DRV - [2006-09-18 15:59:08 | 00,090,800 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se27unic.sys -- (se27unic [On_Demand | Stopped])
DRV - [2006-11-30 16:13:56 | 00,061,536 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45bus.sys -- (se45bus [On_Demand | Stopped])
DRV - [2006-11-30 16:14:04 | 00,009,360 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mdfl.sys -- (se45mdfl [On_Demand | Stopped])
DRV - [2006-11-30 16:14:04 | 00,097,088 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mdm.sys -- (se45mdm [On_Demand | Stopped])
DRV - [2006-11-30 16:14:10 | 00,088,624 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mgmt.sys -- (se45mgmt [On_Demand | Stopped])
DRV - [2006-11-30 16:14:10 | 00,018,704 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45nd5.sys -- (se45nd5 [On_Demand | Stopped])
DRV - [2006-11-30 16:14:14 | 00,086,432 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45obex.sys -- (se45obex [On_Demand | Stopped])
DRV - [2006-11-30 16:14:22 | 00,090,800 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45unic.sys -- (se45unic [On_Demand | Stopped])
DRV - [2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- H:\windows\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2005-08-10 14:44:04 | 00,050,688 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running])
DRV - [2005-05-16 15:20:39 | 00,006,656 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running])
DRV - [2005-08-10 16:06:28 | 00,019,968 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfsync02.sys -- (sfsync02 [Boot | Running])
DRV - [2009-09-04 19:16:25 | 00,721,904 | ---- | M] () -- H:\windows\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2006-03-23 19:00:00 | 00,006,272 | R--- | M] (EyePower Games Pte. Ltd.) -- H:\windows\System32\DRIVERS\V0230Vfx.sys -- (V0230Vfx [On_Demand | Running])
DRV - [2006-09-28 19:01:00 | 00,500,480 | R--- | M] (Creative Technology Ltd.) -- H:\windows\System32\DRIVERS\V0230VID.sys -- (V0230VID [On_Demand | Running])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = H:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\S-1-5-21-796845957-1343024091-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\S-1-5-21-796845957-1343024091-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://onet.pl"
FF - prefs.js..extensions.enabledItems: {6E19037A-12E3-4295-8915-ED48BC341614}:1.3
FF - prefs.js..extensions.enabledItems: {C3F23840-B14B-4B61-AAEF-6BCC3621FA63}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCfox000&fl=0&ptb=9D9JkilC01wiJRayfcZ8jA&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor="

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: H:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-07-27 13:38:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: H:\Program Files\PremierOpinion [2009-10-02 14:19:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.5.1\extensions\\Components: H:\Program Files\Flock\components [2009-08-25 14:06:54 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.5.1\extensions\\Plugins: H:\Program Files\Flock\plugins [2009-10-05 19:04:22 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2009-09-10 20:53:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins [2009-10-05 19:04:22 | 00,000,000 | ---D | M]

[2009-03-10 18:27:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Extensions
[2009-03-10 18:27:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-02-25 20:29:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Firefox\Profiles\h9n4nthe.default\extensions
[2009-06-01 15:00:04 | 00,009,941 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Mozilla\FireFox\Profiles\h9n4nthe.default\searchplugins\mywebsearch.xml
[2009-10-05 21:04:06 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions
[2009-09-10 20:52:53 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-02-25 20:36:55 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009-09-03 19:58:11 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{C3F23840-B14B-4B61-AAEF-6BCC3621FA63}
[2009-07-27 13:38:46 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009-09-10 20:52:51 | 00,023,544 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-09-10 20:52:51 | 00,137,208 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2007-04-30 16:29:22 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- H:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2009-07-27 13:38:35 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009-09-10 20:52:56 | 00,065,016 | ---- | M] (mozilla.org) -- H:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- H:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009-07-15 21:00:25 | 00,002,767 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-07-15 21:00:25 | 00,001,406 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-08-26 19:13:33 | 00,002,393 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\findbasic119.xml
[2009-09-03 19:58:12 | 00,002,393 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\findbasic121.xml
[2009-07-15 21:00:25 | 00,002,371 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\google.xml
[2009-07-15 21:00:25 | 00,000,917 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-07-15 21:00:25 | 00,000,858 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2009-07-15 21:00:25 | 00,001,183 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-07-15 21:00:25 | 00,001,683 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (731 bytes) - H:\windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Softonic-en Toolbar) - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Softonic-en Toolbar) - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\..\Toolbar\WebBrowser: (Softonic-en Toolbar) - {983AD4D4-8B63-442F-8684-FBC1C067949C} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe Photo Downloader] H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] H:\windows\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] H:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [AVFX Engine] H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [CTCheck] H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [GrooveMonitor] H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [H:\windows\system32\V0230Cvw.dll] H:\windows\System32\V0230Cvw.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [iTunesHelper] H:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [mirc] C:\WINDOWS\WINCRA\mirc.exe File not found
O4 - HKLM..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] H:\windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] H:\windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] H:\windows\System32\nwiz.exe ()
O4 - HKLM..\Run: [PinnacleDriverCheck] H:\windows\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [QuickTime Task] H:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl] H:\windows\System32\rmctrl.exe ()
O4 - HKLM..\Run: [RTHDCPL] H:\windows\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] H:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] H:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] H:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [V0230Mon.exe] H:\windows\V0230Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [WinampAgent] H:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [ares] H:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [Creative Live! Cam Manager] H:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [DAEMON Tools Lite] H:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [MSMSGS] H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [Nowe Gadu-Gadu] H:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)
O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: H:\Documents and Settings\Gosia\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: H:\Documents and Settings\Wiktoria\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - File not found
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - H:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\windows\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - H:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - H:\windows\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - H:\windows\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.58
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - H:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - H:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\windows\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PremierOpinion: DllName - H:\Program Files\PremierOpinion\pmls.dll - H:\Program Files\PremierOpinion\pmls.dll (VoiceFive Networks, Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{46e2a893-0cb8-11de-b09a-001d60a8d52e}\Shell\AutoRun\command - "" = C:\uvsqfgwd.cmd -- File not found
O33 - MountPoints2\{46e2a893-0cb8-11de-b09a-001d60a8d52e}\Shell\open\Command - "" = C:\uvsqfgwd.cmd -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - H:\windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-10-04 16:14:08 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
[2009-10-06 15:57:50 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\Pinnacle
[2009-10-03 18:35:44 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Dark Sector
[2009-10-03 17:58:55 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GRETECH
[2009-09-28 18:39:10 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\OpenOffice.org
[2009-09-21 20:51:16 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Conduit
[2009-09-21 20:51:16 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Softonic-en
[2009-10-04 00:30:51 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Stardock
[2009-10-05 19:15:44 | 00,000,000 | ---D | C] -- H:\Program Files\Common Files\DESIGNER
[2009-09-12 23:15:40 | 00,000,000 | ---D | C] -- H:\Program Files\Ares
[2009-09-20 17:33:18 | 00,000,000 | ---D | C] -- H:\Program Files\Conduit
[2009-09-20 17:33:56 | 00,000,000 | ---D | C] -- H:\Program Files\GRETECH
[2009-10-06 16:33:41 | 00,000,000 | ---D | C] -- H:\Program Files\HijackThis
[2009-10-05 19:15:44 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Visual Studio
[2009-10-05 19:13:08 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Visual Studio 8
[2009-10-05 19:16:23 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Works
[2009-10-05 19:15:05 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft.NET
[2009-10-06 15:57:47 | 00,000,000 | ---D | C] -- H:\Program Files\Pinnacle
[2009-09-20 17:33:18 | 00,000,000 | ---D | C] -- H:\Program Files\Softonic-en
[2009-10-06 18:05:09 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Moje dokumenty\Pinnacle Hollywood FX for Studio
[2009-10-06 17:02:13 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Moje dokumenty\Pinnacle Studio
[2009-10-06 16:30:58 | 00,294,912 | ---- | C] (Pegasus Imaging Corporation) -- H:\windows\System32\pvmjpg21.dll
[2009-10-06 16:30:58 | 00,081,920 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\vdrmux.dll
[2009-10-06 16:30:58 | 00,046,592 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\vdrcodec.dll
[2009-10-06 16:30:57 | 00,044,544 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\msxml4a.dll
[2009-10-06 16:28:31 | 00,019,456 | ---- | C] (VoB Computersysteme GmbH) -- H:\windows\System32\asapi.dll
[2009-10-06 16:28:29 | 00,090,112 | ---- | C] (MindVision Software) -- H:\windows\unvise32.exe
[2009-10-06 16:27:01 | 00,061,440 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\pclepim1.dll
[2009-10-06 16:27:00 | 00,106,496 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\atl71.dll
[2009-10-06 16:27:00 | 00,084,992 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\ATL70.DLL
[2009-10-06 16:27:00 | 00,065,536 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71DEU.DLL
[2009-10-06 16:27:00 | 00,061,440 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71ITA.DLL
[2009-10-06 16:27:00 | 00,061,440 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71FRA.DLL
[2009-10-06 16:27:00 | 00,061,440 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71ESP.DLL
[2009-10-06 16:27:00 | 00,057,344 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71ENU.DLL
[2009-10-06 16:27:00 | 00,049,152 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\PCLEGetGuid.dll
[2009-10-06 16:27:00 | 00,049,152 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71KOR.DLL
[2009-10-06 16:27:00 | 00,049,152 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71JPN.DLL
[2009-10-06 16:27:00 | 00,045,056 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71CHT.DLL
[2009-10-06 16:27:00 | 00,040,960 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71CHS.DLL
[2009-10-05 19:18:06 | 00,032,592 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\msonpmon.dll
[2009-10-05 19:10:12 | 00,000,000 | RH-D | C] -- H:\MSOCache
[2009-10-05 19:04:14 | 00,000,000 | -HSD | C] -- H:\Config.Msi

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[10 H:\windows\System32\*.tmp files]
[3 H:\windows\*.tmp files]
[2009-10-06 20:49:00 | 00,001,036 | ---- | M] () -- H:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2009-10-06 20:32:22 | 00,000,156 | ---- | M] () -- H:\windows\Twunk001.MTX
[2009-10-06 20:32:22 | 00,000,005 | ---- | M] () -- H:\windows\Twain001.Mtx
[2009-10-06 18:21:32 | 00,000,063 | ---- | M] () -- H:\windows\PixieTool.INI
[2009-10-06 18:19:42 | 00,000,349 | ---- | M] () -- H:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2009-10-06 17:51:09 | 00,002,645 | ---- | M] () -- H:\windows\System32\CONFIG.NT
[2009-10-06 17:50:54 | 01,110,350 | ---- | M] () -- H:\windows\System32\PerfStringBackup.INI
[2009-10-06 17:50:54 | 00,497,552 | ---- | M] () -- H:\windows\System32\perfh015.dat
[2009-10-06 17:50:54 | 00,438,960 | ---- | M] () -- H:\windows\System32\perfh009.dat
[2009-10-06 17:50:54 | 00,088,642 | ---- | M] () -- H:\windows\System32\perfc015.dat
[2009-10-06 17:50:54 | 00,071,046 | ---- | M] () -- H:\windows\System32\perfc009.dat
[2009-10-06 17:46:49 | 00,203,188 | ---- | M] () -- H:\windows\System32\nvapps.xml
[2009-10-06 17:46:46 | 00,001,032 | ---- | M] () -- H:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2009-10-06 17:46:42 | 00,000,006 | -H-- | M] () -- H:\windows\tasks\SA.DAT
[2009-10-06 17:46:37 | 00,002,048 | --S- | M] () -- H:\windows\bootstat.dat
[2009-10-06 16:58:17 | 00,000,664 | ---- | M] () -- H:\windows\System32\d3d9caps.dat
[2009-10-06 16:54:25 | 01,807,984 | ---- | M] () -- H:\windows\System32\FNTCACHE.DAT
[2009-10-06 16:39:50 | 00,198,840 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-10-06 16:33:41 | 00,001,582 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Pulpit\HijackThis.lnk
[2009-10-05 19:20:50 | 00,000,843 | ---- | M] () -- H:\windows\win.ini
[2009-10-05 15:53:43 | 00,002,206 | ---- | M] () -- H:\windows\System32\wpa.dbl
[2009-10-04 13:15:27 | 00,000,069 | ---- | M] () -- H:\windows\NeroDigital.ini
[2009-10-04 00:59:13 | 01,044,604 | -H-- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-10-04 00:36:47 | 00,444,952 | ---- | M] (Creative Labs) -- H:\windows\System32\wrap_oal.dll
[2009-10-04 00:36:47 | 00,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- H:\windows\System32\OpenAL32.dll
[2009-10-04 00:03:28 | 00,169,984 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-09-28 18:40:04 | 00,000,866 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk
[2009-09-18 23:04:56 | 00,000,768 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Pulpit\Skrót do Ygoow.lnk

[color=#E56717]========== Files - No Company Name ==========[/color]
[2009-10-06 16:33:41 | 00,001,582 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Pulpit\HijackThis.lnk
[2009-10-06 16:28:31 | 00,406,016 | ---- | C] () -- H:\windows\System32\PSDrvCheck.exe
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.KOR
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.JPN
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.JP
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ITA
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.IT
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.FRA
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.FR
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ESP
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ES
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.DEU
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.DE
[2009-10-06 16:28:31 | 00,026,112 | ---- | C] () -- H:\windows\System32\PSDrvCheck.CHT
[2009-10-06 16:28:31 | 00,026,112 | ---- | C] () -- H:\windows\System32\PSDrvCheck.CHS
[2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.NLD
[2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.NL
[2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.KO
[2009-10-06 16:27:01 | 00,038,232 | ---- | C] () -- H:\windows\wmprfsky.prx
[2009-10-06 16:27:01 | 00,037,916 | ---- | C] () -- H:\windows\wmprffra.prx
[2009-10-06 16:27:01 | 00,037,014 | ---- | C] () -- H:\windows\wmprfhun.prx
[2009-10-06 16:27:01 | 00,036,594 | ---- | C] () -- H:\windows\wmprfell.prx
[2009-10-06 16:27:01 | 00,035,916 | ---- | C] () -- H:\windows\wmprfptg.prx
[2009-10-06 16:27:01 | 00,035,680 | ---- | C] () -- H:\windows\wmprfita.prx
[2009-10-06 16:27:01 | 00,035,590 | ---- | C] () -- H:\windows\wmprfesp.prx
[2009-10-06 16:27:01 | 00,035,474 | ---- | C] () -- H:\windows\wmprfcsy.prx
[2009-10-06 16:27:01 | 00,033,820 | ---- | C] () -- H:\windows\WMPrfDeu.prx
[2009-10-06 16:27:01 | 00,033,694 | ---- | C] () -- H:\windows\wmprfptb.prx
[2009-10-06 16:27:01 | 00,033,580 | ---- | C] () -- H:\windows\wmprfslv.prx
[2009-10-06 16:27:01 | 00,033,336 | ---- | C] () -- H:\windows\WMPrfAra.prx
[2009-10-06 16:27:01 | 00,033,314 | ---- | C] () -- H:\windows\wmprfsve.prx
[2009-10-06 16:27:01 | 00,032,964 | ---- | C] () -- H:\windows\wmprfnld.prx
[2009-10-06 16:27:01 | 00,032,852 | ---- | C] () -- H:\windows\wmprfnor.prx
[2009-10-06 16:27:01 | 00,032,022 | ---- | C] () -- H:\windows\wmprftrk.prx
[2009-10-06 16:27:01 | 00,031,764 | ---- | C] () -- H:\windows\wmprffin.prx
[2009-10-06 16:27:01 | 00,031,712 | ---- | C] () -- H:\windows\wmprfdan.prx
[2009-10-06 16:27:01 | 00,028,718 | ---- | C] () -- H:\windows\wmprfheb.prx
[2009-10-06 16:27:01 | 00,023,304 | ---- | C] () -- H:\windows\WMPrfJpn.prx
[2009-10-06 16:27:01 | 00,022,338 | ---- | C] () -- H:\windows\WMPrfKor.prx
[2009-10-06 16:27:01 | 00,000,804 | ---- | C] () -- H:\windows\wmprfrus.prx
[2009-10-06 16:27:01 | 00,000,136 | ---- | C] () -- H:\windows\WMPrfCHS.prx
[2009-10-06 16:27:01 | 00,000,132 | ---- | C] () -- H:\windows\WMPrfCHT.prx
[2009-10-06 16:26:22 | 00,000,063 | ---- | C] () -- H:\windows\PixieTool.INI
[2009-10-06 16:01:11 | 00,000,349 | ---- | C] () -- H:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2009-10-04 00:59:13 | 01,044,604 | -H-- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-09-28 18:40:04 | 00,000,866 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk
[2009-07-30 22:24:15 | 00,024,575 | ---- | C] () -- H:\windows\System32\Qsusengwinsyspio49.dll
[2009-07-13 22:09:50 | 00,043,520 | ---- | C] () -- H:\windows\System32\CmdLineExt03.dll
[2009-06-23 14:35:45 | 00,354,816 | ---- | C] () -- H:\windows\System32\psisdecd.dll
[2009-04-25 22:39:16 | 00,000,000 | ---- | C] () -- H:\windows\PlayDemo.INI
[2009-04-22 18:35:37 | 00,069,632 | ---- | C] () -- H:\windows\System32\xmltok.dll
[2009-04-22 18:35:37 | 00,036,864 | ---- | C] () -- H:\windows\System32\xmlparse.dll
[2009-03-29 18:41:15 | 00,237,568 | ---- | C] () -- H:\windows\System32\lame_enc.dll
[2009-03-28 21:27:35 | 00,138,184 | ---- | C] () -- H:\windows\System32\drivers\PnkBstrK.sys
[2009-03-14 15:33:54 | 00,721,904 | ---- | C] () -- H:\windows\System32\drivers\sptd.sys
[2009-03-07 22:36:23 | 00,012,288 | ---- | C] () -- H:\windows\impborl.dll
[2009-03-07 22:27:48 | 00,000,011 | ---- | C] () -- H:\windows\wanpatan.ini
[2009-03-02 16:56:47 | 00,210,456 | ---- | C] () -- H:\windows\System32\IVIresizeW7.dll
[2009-03-02 16:56:47 | 00,198,168 | ---- | C] () -- H:\windows\System32\IVIresizeP6.dll
[2009-03-02 16:56:47 | 00,194,072 | ---- | C] () -- H:\windows\System32\IVIresizePX.dll
[2009-03-02 16:56:46 | 00,206,360 | ---- | C] () -- H:\windows\System32\IVIresizeA6.dll
[2009-03-02 16:56:46 | 00,198,168 | ---- | C] () -- H:\windows\System32\IVIresizeM6.dll
[2009-03-02 16:56:46 | 00,026,136 | ---- | C] () -- H:\windows\System32\IVIresize.dll
[2009-02-28 15:38:49 | 00,000,000 | ---- | C] () -- H:\windows\mngui.INI
[2009-02-26 21:55:49 | 00,169,984 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-02-25 22:55:12 | 00,000,069 | ---- | C] () -- H:\windows\NeroDigital.ini
[2009-02-25 20:31:40 | 00,198,840 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-02-25 20:29:05 | 00,000,062 | -HS- | C] () -- H:\Documents and Settings\Krzysztof\Dane aplikacji\desktop.ini
[2009-02-25 20:26:16 | 00,000,062 | -HS- | C] () -- H:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2009-02-25 20:16:41 | 00,036,864 | ---- | C] () -- H:\windows\System32\ctrldll.dll
[2009-02-25 20:12:04 | 00,000,421 | ---- | C] () -- H:\windows\ODBC.INI
[2009-02-25 19:49:56 | 00,023,040 | R--- | C] () -- H:\windows\System32\drivers\GVCplDrv.sys
[2009-02-25 19:39:15 | 00,005,810 | R--- | C] () -- H:\windows\System32\drivers\ASACPI.sys
[2009-02-25 19:39:14 | 00,011,839 | ---- | C] () -- H:\windows\Ascd_tmp.ini
[2009-02-25 19:39:03 | 00,010,288 | ---- | C] () -- H:\windows\System32\drivers\ASUSHWIO.SYS
[2008-12-18 00:30:06 | 00,815,104 | ---- | C] () -- H:\windows\System32\xvidcore.dll
[2008-12-18 00:30:06 | 00,180,224 | ---- | C] () -- H:\windows\System32\xvidvfw.dll
[2008-11-12 15:54:00 | 01,703,936 | ---- | C] () -- H:\windows\System32\nvwdmcpl.dll
[2008-11-12 15:54:00 | 01,486,848 | ---- | C] () -- H:\windows\System32\nview.dll
[2008-11-12 15:54:00 | 01,019,904 | ---- | C] () -- H:\windows\System32\nvwimg.dll
[2008-11-12 15:54:00 | 00,466,944 | ---- | C] () -- H:\windows\System32\nvshell.dll
[2008-10-07 10:13:30 | 00,197,912 | ---- | C] () -- H:\windows\System32\physxcudart_20.dll
[2008-10-07 10:13:22 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSwedish.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSpanish.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelPortugese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelKorean.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelJapanese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelGerman.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelFrench.dll
[2007-11-26 21:56:28 | 00,151,415 | ---- | C] () -- H:\windows\System32\xlive.dll.cat
[2005-02-23 18:57:35 | 00,971,776 | ---- | C] () -- H:\windows\System32\SSCProt.dll
[2004-03-18 07:44:29 | 01,663,068 | ---- | C] () -- H:\windows\System32\libmmd.dll
[2002-10-16 00:54:04 | 00,153,088 | ---- | C] () -- H:\windows\System32\unrar.dll
[2002-03-17 02:00:00 | 00,007,420 | ---- | C] () -- H:\windows\UA000088.DLL
[2001-10-26 21:28:10 | 00,003,584 | ---- | C] () -- H:\windows\System32\iprop.dll
[2001-07-22 02:16:20 | 00,000,843 | ---- | C] () -- H:\windows\win.ini
[2001-07-22 02:15:52 | 00,000,284 | ---- | C] () -- H:\windows\system.ini

[color=#E56717]========== LOP Check ==========[/color]

[2009-10-06 15:57:50 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\All Users\Dane aplikacji
[2009-08-25 14:07:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009-02-25 20:15:28 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ACD Systems
[2009-02-25 20:05:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ahead
[2009-06-19 19:29:46 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Codemasters
[2009-05-20 12:16:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ConeXware
[2009-02-25 20:16:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\CyberLink
[2009-03-28 21:05:05 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-07-14 19:00:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2009-09-03 19:33:31 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Findbasic
[2002-01-01 07:56:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\FLEXnet
[2009-03-02 16:56:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\InterVideo
[2009-10-06 15:57:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Pinnacle
[2009-02-28 15:14:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Teleca
[2009-09-06 16:16:04 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-04-13 19:29:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited
[2009-05-20 14:18:33 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TrackMania
[2009-06-13 17:59:24 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
[2009-05-19 10:17:48 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
[2009-02-25 20:26:16 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Default User\Dane aplikacji
[2009-08-26 19:10:23 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji
[2009-02-25 20:15:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\ACD Systems
[2009-04-12 22:26:02 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ahead
[2009-06-02 12:02:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Any Video Converter
[2009-04-24 21:36:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\AVI ReComp
[2009-02-25 23:00:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\CyberLink
[2009-03-28 21:06:01 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools
[2009-09-06 10:56:25 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools Lite
[2009-05-03 15:42:37 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools Pro
[2009-03-14 12:32:34 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Gadu-Gadu
[2009-05-14 21:57:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\GetRightToGo
[2009-02-28 18:42:06 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Leadertech
[2009-02-25 22:15:29 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Nowe Gadu-Gadu
[2009-07-27 13:40:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\OpenOffice.org
[2009-04-20 21:57:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Publish Providers
[2009-03-27 20:28:41 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\SecuROM
[2009-04-20 21:57:34 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Sony
[2009-02-26 16:34:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Teleca
[2009-06-13 18:05:03 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ubisoft
[2009-03-02 18:11:13 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ulead Systems
[2009-07-29 11:49:41 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\ViStart
[2009-08-10 20:38:10 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Xenorate
[2009-10-03 18:35:44 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji
[2009-02-25 20:30:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\ACD Systems
[2009-05-16 19:53:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Ahead
[2009-10-04 00:32:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Any Video Converter
[2009-04-03 15:15:04 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools
[2009-09-05 09:38:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools Lite
[2009-05-08 20:52:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools Pro
[2009-10-04 22:25:25 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Dark Sector
[2009-04-25 22:26:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GetRightToGo
[2009-10-03 17:58:55 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GRETECH
[2009-04-07 15:54:23 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\gtk-2.0
[2009-03-03 18:25:07 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Leadertech
[2009-05-08 19:10:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\NetMedia Providers
[2009-06-29 19:37:32 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Nowe Gadu-Gadu
[2009-05-08 20:54:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Off Road
[2009-09-28 18:39:10 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\OpenOffice.org
[2009-05-08 19:10:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Publish Providers
[2009-02-27 22:04:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Teleca
[2009-03-02 16:58:37 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Ulead Systems
[2009-08-27 17:45:46 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Xenorate
[2009-09-03 19:58:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\LocalService\Dane aplikacji
[2009-02-25 19:34:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\NetworkService\Dane aplikacji
[2009-10-04 18:11:30 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji
[2009-09-04 15:05:23 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Ahead
[2009-07-31 19:02:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\AVI ReComp
[2009-09-14 19:51:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\DAEMON Tools Pro
[2009-10-03 14:26:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Dark Sector
[2009-07-30 21:52:00 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Flock
[2009-09-20 17:34:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\GRETECH
[2009-07-30 16:20:17 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Nowe Gadu-Gadu
[2009-08-10 20:40:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\OpenOffice.org
[2009-08-29 20:29:52 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\SecuROM
[2009-07-30 15:58:05 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Teleca
[2009-10-01 16:20:02 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\TSRWorkshop
[2001-07-22 02:17:50 | 00,000,065 | RH-- | M] () -- H:\windows\Tasks\desktop.ini
[2009-10-06 17:46:46 | 00,001,032 | ---- | M] () -- H:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2009-10-06 20:49:00 | 00,001,036 | ---- | M] () -- H:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2009-10-06 17:46:42 | 00,000,006 | -H-- | M] () -- H:\windows\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 143 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:8CE646EE
@Alternate Data Stream - 133 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF
< End of report >[/log]



powód: założyłem już wcześniej temat w dziale Awarie Komputera (http://www.forumpc.pl/index.php?showtopic=125885&st=0&gopid=875065&#entry875065), wykonałem wskazówki i zostałem tutaj pokierowany, proszę serdecznie o pomoc i dalsze wskazówki

Psycholandia
komentarz
komentarz

W okienko OTL wklej poniższy skrypt i klik na Run Fix:

[code]:Processes
explorer.exe

:OTL
O4 - HKLM..\Run: [mirc] C:\WINDOWS\WINCRA\mirc.exe File not found
O8 - Extra context menu item: &Search - File not found
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE File not found

:Files
H:\windows\tasks\GoogleUpdateTaskMachineUA.job
H:\windows\Twunk001.MTX
H:\windows\Twain001.Mtx
H:\windows\tasks\GoogleUpdateTaskMachineCore.job

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]
Dajesz loga powstałego po usuwaniu + nowego.

Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware)

chrisx94
komentarz
komentarz

mam pytanie, czy to niczemu nie zaszkodzi na komputerze? utrata danych, użytkowników czy ustawień? Bo w sumie zostaną usunięte jakieś pliki i zastanawiam się czy są jakieś konsekwencje (robię to pierwszy raz)

MarekM25
komentarz
komentarz

Usuwana jest tu tylko kosmetyka, więc nic się nie stanie.

chrisx94
komentarz
komentarz (edytowane)

niechcący zrobiłem to Fix 2 razy ale mam nadzieję, że to nic nie zepsuło, po uruchomieniu ponownym komputera wyskoczył plik:
[log]
File delete failed. H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\XPC.mfl scheduled to be deleted on reboot.
File delete failed. H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\XUL.mfl scheduled to be deleted on reboot.
->FireFox cache emptied: 3923743 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. H:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 32768 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Wiktoria
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 950272 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
File delete failed. H:\windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. H:\windows\temp\Perflib_Perfdata_5a8.dat scheduled to be deleted on reboot.
File delete failed. H:\windows\temp\Perflib_Perfdata_91c.dat scheduled to be deleted on reboot.
Windows Temp folder emptied: 32919 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 7,66 mb


OTL by OldTimer - Version 3.0.18.4 log created on 10112009_204220

Files\Folders moved on Reboot...
H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\Cache\_CACHE_001_ moved successfully.
H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\Cache\_CACHE_002_ moved successfully.
H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\Cache\_CACHE_003_ moved successfully.
H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\Cache\_CACHE_MAP_ moved successfully.
H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\urlclassifier3.sqlite moved successfully.
H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\XPC.mfl moved successfully.
H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\XUL.mfl moved successfully.
H:\windows\temp\_avast4_\Webshlock.txt moved successfully.
H:\windows\temp\Perflib_Perfdata_5a8.dat moved successfully.
H:\windows\temp\Perflib_Perfdata_91c.dat moved successfully.

Registry entries deleted on Reboot...
[/log]

i co teraz jeszcze trzeba zrobić?

o tu jest ten pierwszy, ale pod koniec zresetował mi się komp i nie wiedziałem gdzie jest

[log]
All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\mirc deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Search\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&ksport do programu Microsoft Excel\ deleted successfully.
========== FILES ==========
H:\windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
H:\windows\Twunk001.MTX moved successfully.
H:\windows\Twain001.Mtx moved successfully.
H:\windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Gosia
File delete failed. H:\Documents and Settings\Gosia\Ustawienia lokalne\Temp\14F0C08.dmp scheduled to be deleted on reboot.
->Temp folder emptied: 1161865514 bytes
File delete failed. H:\Documents and Settings\Gosia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\ZIF28YJO\CAMN4L8X.htm scheduled to be deleted on reboot.
File delete failed. H:\Documents and Settings\Gosia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\R0YZUQY3\getmainbanner8[1].htm scheduled to be deleted on reboot.
File delete failed. H:\Documents and Settings\Gosia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\JO1EAXIU\CANIOR35.htm scheduled to be deleted on reboot.
File delete failed. H:\Documents and Settings\Gosia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 58209579 bytes
->Java cache emptied: 26840155 bytes
->FireFox cache emptied: 59671356 bytes

User: Krzysztof
->Temp folder emptied: 637838117 bytes
File delete failed. H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Temporary Internet Files\Content.IE5\RTM7KL67\getmainbanner8[2].htm scheduled to be deleted on reboot.
File delete failed. H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 134050500 bytes
->Java cache emptied: 26001977 bytes
->FireFox cache emptied: 85374282 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
File delete failed. H:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 1353283 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Wiktoria
->Temp folder emptied: 902359894 bytes
File delete failed. H:\Documents and Settings\Wiktoria\Ustawienia lokalne\Temporary Internet Files\Content.IE5\CN2N585V\getmainbanner8[1].htm scheduled to be deleted on reboot.
File delete failed. H:\Documents and Settings\Wiktoria\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 52908370 bytes
->Java cache emptied: 25581514 bytes
->FireFox cache emptied: 98313742 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2352022 bytes
%systemroot%\System32 .tmp files removed: 8054000 bytes
File delete failed. H:\windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. H:\windows\temp\Perflib_Perfdata_5a8.dat scheduled to be deleted on reboot.
File delete failed. H:\windows\temp\Perflib_Perfdata_91c.dat scheduled to be deleted on reboot.
Windows Temp folder emptied: 3195231 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = -964,04 mb


OTL by OldTimer - Version 3.0.18.4 log created on 10112009_203536

Files\Folders moved on Reboot...
H:\Documents and Settings\Gosia\Ustawienia lokalne\Temp\14F0C08.dmp moved successfully.
H:\Documents and Settings\Gosia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\ZIF28YJO\CAMN4L8X.htm moved successfully.
H:\Documents and Settings\Gosia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\R0YZUQY3\getmainbanner8[1].htm moved successfully.
H:\Documents and Settings\Gosia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\JO1EAXIU\CANIOR35.htm moved successfully.
H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Temporary Internet Files\Content.IE5\RTM7KL67\getmainbanner8[2].htm moved successfully.
H:\Documents and Settings\Wiktoria\Ustawienia lokalne\Temporary Internet Files\Content.IE5\CN2N585V\getmainbanner8[1].htm moved successfully.
File move failed. H:\windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File move failed. H:\windows\temp\Perflib_Perfdata_5a8.dat scheduled to be moved on reboot.
File move failed. H:\windows\temp\Perflib_Perfdata_91c.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...
[/log]

nowy log po skanie z OTL:
[log]
OTL logfile created on: 2009-10-11 20:57:08 - Run 2
OTL by OldTimer - Version 3.0.18.4 Folder = I:\Programy\logi
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 67,72% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = H: | %SystemRoot% = H:\windows | %ProgramFiles% = H:\Program Files
Drive C: | 1,85 Gb Total Space | 1,19 Gb Free Space | 64,13% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 3,53 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 48,83 Gb Total Space | 17,80 Gb Free Space | 36,46% Space Free | Partition Type: NTFS
Drive I: | 156,25 Gb Total Space | 51,15 Gb Free Space | 32,74% Space Free | Partition Type: NTFS
Drive J: | 167,53 Gb Total Space | 47,72 Gb Free Space | 28,48% Space Free | Partition Type: NTFS

Computer Name: WWW-649A18D4B0C
Current User Name: Krzysztof
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2008-11-26 19:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008-11-26 19:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2007-03-06 11:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
PRC - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- H:\windows\System32\CTsvcCDA.exe
PRC - [2008-11-12 15:54:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\nvsvc32.exe
PRC - [2009-03-29 11:10:42 | 00,066,872 | ---- | M] () -- H:\windows\System32\PnkBstrA.exe
PRC - [2009-09-18 16:45:59 | 01,760,928 | ---- | M] (VoiceFive Networks, Inc.) -- H:\Program Files\PremierOpinion\pmropn.exe
PRC - [2009-03-24 21:56:16 | 00,133,104 | ---- | M] (Google Inc.) -- H:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2008-04-14 22:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- H:\windows\Explorer.EXE
PRC - [2009-10-07 20:33:06 | 00,045,056 | ---- | M] () -- H:\windows\System32\UTSCSI.EXE
PRC - [2008-04-14 22:51:52 | 00,218,112 | ---- | M] (Microsoft Corporation) -- H:\windows\System32\wbem\wmiprvse.exe
PRC - [2001-10-26 21:30:04 | 00,016,896 | ---- | M] (Microsoft Corporation) -- H:\windows\System32\wbem\unsecapp.exe
PRC - [2007-04-10 09:28:44 | 16,126,464 | R--- | M] (Realtek Semiconductor Corp.) -- H:\windows\RTHDCPL.EXE
PRC - [2009-07-27 13:38:34 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008-11-26 19:18:51 | 00,081,000 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2003-08-01 13:11:02 | 00,032,768 | ---- | M] () -- H:\windows\System32\rmctrl.exe
PRC - [2007-10-10 07:28:32 | 00,036,352 | ---- | M] () -- H:\Program Files\Winamp\winampa.exe
PRC - [2009-02-25 20:09:12 | 00,180,269 | ---- | M] (RealNetworks, Inc.) -- H:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2005-06-07 00:46:24 | 00,057,344 | ---- | M] (Adobe Systems Incorporated) -- H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
PRC - [2007-11-06 11:08:10 | 00,397,312 | ---- | M] (Creative Technology Ltd) -- H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
PRC - [2009-07-13 14:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- H:\Program Files\iTunes\iTunesHelper.exe
PRC - [2006-08-16 01:12:00 | 00,024,576 | ---- | M] (Creative Technology Ltd.) -- H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
PRC - [2006-09-06 19:01:00 | 00,032,768 | R--- | M] (Creative Technology Ltd.) -- H:\windows\V0230Mon.exe
PRC - [2006-10-27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2007-05-16 10:27:16 | 00,153,136 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2008-04-14 23:51:32 | 01,695,232 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Messenger\msmsgs.exe
PRC - [2009-04-23 15:51:38 | 00,691,656 | ---- | M] (DT Soft Ltd) -- H:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2004-07-08 16:13:42 | 00,106,496 | ---- | M] (Sony Corporation.) -- H:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
PRC - [2009-04-23 06:47:00 | 07,424,000 | ---- | M] (OpenOffice.org) -- H:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009-04-23 06:48:54 | 07,418,368 | ---- | M] (OpenOffice.org) -- H:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2008-11-26 19:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2008-11-26 19:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- H:\Program Files\iPod\bin\iPodService.exe
PRC - [2009-09-10 20:52:54 | 00,908,280 | ---- | M] (Mozilla Corporation) -- H:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-10-06 16:23:55 | 00,520,704 | ---- | M] (OldTimer Tools) -- I:\Programy\logi\OTL.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2005-09-23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- H:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008-11-26 19:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2008-11-26 19:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2008-11-26 19:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2008-11-26 19:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2007-03-06 11:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service [Auto | Running])
SRV - [2005-09-23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- H:\windows\System32\CTsvcCDA.exe -- (Creative Service for CDROM Access [Auto | Running])
SRV - [2009-09-02 21:10:00 | 00,054,776 | ---- | M] () -- H:\Documents and Settings\All Users\Dane aplikacji\Findbasic\findbasic121.exe -- (Findbasic Service [Auto | Stopped])
SRV - [2006-10-20 22:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009-03-24 21:56:16 | 00,133,104 | ---- | M] (Google Inc.) -- H:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9acba996552fe [Auto | Stopped])
SRV - [2008-04-14 22:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- H:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005-04-04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2006-10-30 04:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- H:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2007-04-13 22:09:56 | 00,792,112 | ---- | M] (Nero AG) -- H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
SRV - [2006-10-30 04:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
SRV - [2008-11-12 15:54:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009-03-29 11:10:42 | 00,066,872 | ---- | M] () -- H:\windows\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
SRV - [2007-02-10 05:29:56 | 00,089,968 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter [Auto | Stopped])
SRV - [2009-10-07 20:33:06 | 00,045,056 | ---- | M] () -- H:\windows\System32\UTSCSI.EXE -- (UTSCSI [Auto | Running])
SRV - [2006-12-01 12:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2008-11-26 19:15:35 | 00,026,944 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
DRV - [2004-03-10 16:27:18 | 00,011,264 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\drivers\ASAPIW2k.sys -- (ASAPIW2k [On_Demand | Running])
DRV - [2008-11-26 19:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- H:\windows\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV - [2008-11-26 19:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
DRV - [2008-11-26 19:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
DRV - [2008-11-26 19:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2008-11-26 19:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2007-06-21 04:44:32 | 00,029,696 | R--- | M] (Atheros Communications) -- H:\windows\System32\DRIVERS\l251x86.sys -- (AtcL002 [On_Demand | Running])
DRV - [2004-03-08 12:55:50 | 00,013,567 | ---- | M] (B.H.A Corporation) -- H:\windows\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv [System | Running])
DRV - [2004-11-18 11:49:14 | 00,024,786 | ---- | M] (EUTRON) -- H:\windows\System32\Drivers\eusk2par.sys -- (eusk2par [System | Running])
DRV - [2004-11-18 11:49:14 | 00,045,534 | ---- | M] (EUTRON) -- H:\windows\System32\Drivers\eusk3usb.sys -- (eusk3usb [On_Demand | Stopped])
DRV - [2009-03-19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- H:\windows\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2004-05-02 10:47:08 | 00,023,040 | R--- | M] () -- H:\windows\System32\drivers\GVCplDrv.sys -- (GVCplDrv [On_Demand | Stopped])
DRV - [2008-04-13 22:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- H:\windows\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2007-04-10 13:04:40 | 04,397,568 | R--- | M] (Realtek Semiconductor Corp.) -- H:\windows\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2004-03-29 04:06:24 | 00,090,464 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\DRIVERS\MarvinBus.sys -- (MarvinBus [On_Demand | Running])
DRV - [2004-08-13 04:56:20 | 00,005,810 | R--- | M] () -- H:\windows\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])
DRV - [2008-11-12 15:54:00 | 06,188,320 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2002-03-19 10:29:16 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\drivers\pclepci.sys -- (PCLEPCI [System | Running])
DRV - [2001-08-18 01:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- H:\windows\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- H:\windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2006-09-18 15:58:48 | 00,061,600 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27bus.sys -- (SE27bus [On_Demand | Stopped])
DRV - [2006-09-18 15:58:52 | 00,009,360 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mdfl.sys -- (SE27mdfl [On_Demand | Stopped])
DRV - [2006-09-18 15:58:54 | 00,097,184 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mdm.sys -- (SE27mdm [On_Demand | Stopped])
DRV - [2006-09-18 15:58:58 | 00,088,688 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mgmt.sys -- (SE27mgmt [On_Demand | Stopped])
DRV - [2006-09-18 15:59:00 | 00,018,704 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se27nd5.sys -- (se27nd5 [On_Demand | Stopped])
DRV - [2006-09-18 15:59:02 | 00,086,560 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27obex.sys -- (SE27obex [On_Demand | Stopped])
DRV - [2006-09-18 15:59:08 | 00,090,800 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se27unic.sys -- (se27unic [On_Demand | Stopped])
DRV - [2006-11-30 16:13:56 | 00,061,536 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45bus.sys -- (se45bus [On_Demand | Stopped])
DRV - [2006-11-30 16:14:04 | 00,009,360 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mdfl.sys -- (se45mdfl [On_Demand | Stopped])
DRV - [2006-11-30 16:14:04 | 00,097,088 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mdm.sys -- (se45mdm [On_Demand | Stopped])
DRV - [2006-11-30 16:14:10 | 00,088,624 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mgmt.sys -- (se45mgmt [On_Demand | Stopped])
DRV - [2006-11-30 16:14:10 | 00,018,704 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45nd5.sys -- (se45nd5 [On_Demand | Stopped])
DRV - [2006-11-30 16:14:14 | 00,086,432 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45obex.sys -- (se45obex [On_Demand | Stopped])
DRV - [2006-11-30 16:14:22 | 00,090,800 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45unic.sys -- (se45unic [On_Demand | Stopped])
DRV - [2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- H:\windows\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2005-08-10 14:44:04 | 00,050,688 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running])
DRV - [2005-05-16 15:20:39 | 00,006,656 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running])
DRV - [2005-08-10 16:06:28 | 00,019,968 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfsync02.sys -- (sfsync02 [Boot | Running])
DRV - [2009-09-04 19:16:25 | 00,721,904 | ---- | M] () -- H:\windows\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2006-03-23 19:00:00 | 00,006,272 | R--- | M] (EyePower Games Pte. Ltd.) -- H:\windows\System32\DRIVERS\V0230Vfx.sys -- (V0230Vfx [On_Demand | Running])
DRV - [2006-09-28 19:01:00 | 00,500,480 | R--- | M] (Creative Technology Ltd.) -- H:\windows\System32\DRIVERS\V0230VID.sys -- (V0230VID [On_Demand | Running])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = H:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\S-1-5-21-796845957-1343024091-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\S-1-5-21-796845957-1343024091-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://onet.pl"
FF - prefs.js..extensions.enabledItems: {6E19037A-12E3-4295-8915-ED48BC341614}:1.3
FF - prefs.js..extensions.enabledItems: {C3F23840-B14B-4B61-AAEF-6BCC3621FA63}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCfox000&fl=0&ptb=9D9JkilC01wiJRayfcZ8jA&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor="

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: H:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-07-27 13:38:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: H:\Program Files\PremierOpinion [2009-10-02 14:19:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.5.1\extensions\\Components: H:\Program Files\Flock\components [2009-08-25 14:06:54 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.5.1\extensions\\Plugins: H:\Program Files\Flock\plugins [2009-10-05 19:04:22 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2009-09-10 20:53:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins [2009-10-09 18:57:38 | 00,000,000 | ---D | M]

[2009-03-10 18:27:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Extensions
[2009-03-10 18:27:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-02-25 20:29:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Firefox\Profiles\h9n4nthe.default\extensions
[2009-06-01 15:00:04 | 00,009,941 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Mozilla\FireFox\Profiles\h9n4nthe.default\searchplugins\mywebsearch.xml
[2009-10-11 15:09:31 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions
[2009-09-10 20:52:53 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-02-25 20:36:55 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009-09-03 19:58:11 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{C3F23840-B14B-4B61-AAEF-6BCC3621FA63}
[2009-07-27 13:38:46 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009-09-10 20:52:51 | 00,023,544 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-09-10 20:52:51 | 00,137,208 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2007-04-10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- H:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2007-04-30 16:29:22 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- H:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2009-07-27 13:38:35 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009-09-10 20:52:56 | 00,065,016 | ---- | M] (mozilla.org) -- H:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- H:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009-07-15 21:00:25 | 00,002,767 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-07-15 21:00:25 | 00,001,406 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-08-26 19:13:33 | 00,002,393 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\findbasic119.xml
[2009-09-03 19:58:12 | 00,002,393 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\findbasic121.xml
[2009-07-15 21:00:25 | 00,002,371 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\google.xml
[2009-07-15 21:00:25 | 00,000,917 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-07-15 21:00:25 | 00,000,858 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2009-07-15 21:00:25 | 00,001,183 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-07-15 21:00:25 | 00,001,683 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (731 bytes) - H:\windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Softonic-en Toolbar) - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Softonic-en Toolbar) - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\..\Toolbar\WebBrowser: (Softonic-en Toolbar) - {983AD4D4-8B63-442F-8684-FBC1C067949C} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe Photo Downloader] H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] H:\windows\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] H:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [AVFX Engine] H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [CTCheck] H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [GrooveMonitor] H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [H:\windows\system32\V0230Cvw.dll] H:\windows\System32\V0230Cvw.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [iTunesHelper] H:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] H:\windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] H:\windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] H:\windows\System32\nwiz.exe ()
O4 - HKLM..\Run: [PinnacleDriverCheck] H:\windows\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [QuickTime Task] H:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl] H:\windows\System32\rmctrl.exe ()
O4 - HKLM..\Run: [RTHDCPL] H:\windows\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] H:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] H:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] H:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [V0230Mon.exe] H:\windows\V0230Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [WinampAgent] H:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [ares] H:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [Creative Live! Cam Manager] H:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [DAEMON Tools Lite] H:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [MSMSGS] H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [Nowe Gadu-Gadu] H:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)
O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package Menu.lnk = H:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe (Sony Corporation)
O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package VCD Maker.lnk = H:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe (Sony Corporation.)
O4 - Startup: H:\Documents and Settings\Gosia\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: H:\Documents and Settings\Wiktoria\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - H:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\windows\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - H:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - H:\windows\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - H:\windows\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.58
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - H:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - H:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\windows\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PremierOpinion: DllName - H:\Program Files\PremierOpinion\pmls.dll - H:\Program Files\PremierOpinion\pmls.dll (VoiceFive Networks, Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{46e2a893-0cb8-11de-b09a-001d60a8d52e}\Shell\AutoRun\command - "" = C:\uvsqfgwd.cmd -- File not found
O33 - MountPoints2\{46e2a893-0cb8-11de-b09a-001d60a8d52e}\Shell\open\Command - "" = C:\uvsqfgwd.cmd -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - H:\windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-10-04 16:14:08 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
[2009-10-06 15:57:50 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\Pinnacle
[2009-10-03 18:35:44 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Dark Sector
[2009-10-03 17:58:55 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GRETECH
[2009-09-28 18:39:10 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\OpenOffice.org
[2009-09-21 20:51:16 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Conduit
[2009-10-11 20:26:59 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\NFS Underground 2
[2009-09-21 20:51:16 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Softonic-en
[2009-10-04 00:30:51 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Stardock
[2009-10-05 19:15:44 | 00,000,000 | ---D | C] -- H:\Program Files\Common Files\DESIGNER
[2009-10-11 20:26:57 | 00,000,000 | ---D | C] -- H:\Program Files\Common Files\DirectX
[2009-10-06 21:33:47 | 00,000,000 | ---D | C] -- H:\Program Files\Common Files\muvee Technologies
[2009-09-12 23:15:40 | 00,000,000 | ---D | C] -- H:\Program Files\Ares
[2009-09-20 17:33:18 | 00,000,000 | ---D | C] -- H:\Program Files\Conduit
[2009-09-20 17:33:56 | 00,000,000 | ---D | C] -- H:\Program Files\GRETECH
[2009-10-06 16:33:41 | 00,000,000 | ---D | C] -- H:\Program Files\HijackThis
[2009-10-05 19:15:44 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Visual Studio
[2009-10-05 19:13:08 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Visual Studio 8
[2009-10-05 19:16:23 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Works
[2009-10-05 19:15:05 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft.NET
[2009-10-06 15:57:47 | 00,000,000 | ---D | C] -- H:\Program Files\Pinnacle
[2009-10-06 21:35:10 | 00,000,000 | ---D | C] -- H:\Program Files\PIXELA
[2009-09-20 17:33:18 | 00,000,000 | ---D | C] -- H:\Program Files\Softonic-en
[2009-10-06 21:33:43 | 00,000,000 | ---D | C] -- H:\Program Files\Sony Corporation
[2009-10-06 21:33:43 | 00,013,567 | ---- | C] (B.H.A Corporation) -- H:\windows\System32\drivers\CDRBSDRV.SYS
[2009-10-06 18:05:09 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Moje dokumenty\Pinnacle Hollywood FX for Studio
[2009-10-06 17:02:13 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Moje dokumenty\Pinnacle Studio
[2009-10-06 16:30:58 | 00,294,912 | ---- | C] (Pegasus Imaging Corporation) -- H:\windows\System32\pvmjpg21.dll
[2009-10-06 16:30:58 | 00,081,920 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\vdrmux.dll
[2009-10-06 16:30:58 | 00,046,592 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\vdrcodec.dll
[2009-10-06 16:28:31 | 00,019,456 | ---- | C] (VoB Computersysteme GmbH) -- H:\windows\System32\asapi.dll
[2009-10-06 16:28:29 | 00,090,112 | ---- | C] (MindVision Software) -- H:\windows\unvise32.exe
[2009-10-06 16:27:01 | 00,061,440 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\pclepim1.dll
[2009-10-06 16:27:00 | 00,049,152 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\PCLEGetGuid.dll
[2009-10-05 19:10:12 | 00,000,000 | RH-D | C] -- H:\MSOCache

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009-10-11 20:51:45 | 00,000,003 | ---- | M] () -- H:\windows\Twain001.Mtx
[2009-10-11 20:51:42 | 00,000,156 | ---- | M] () -- H:\windows\Twunk001.MTX
[2009-10-11 20:50:31 | 00,002,645 | ---- | M] () -- H:\windows\System32\CONFIG.NT
[2009-10-11 20:48:12 | 01,110,350 | ---- | M] () -- H:\windows\System32\PerfStringBackup.INI
[2009-10-11 20:48:12 | 00,497,552 | ---- | M] () -- H:\windows\System32\perfh015.dat
[2009-10-11 20:48:12 | 00,438,960 | ---- | M] () -- H:\windows\System32\perfh009.dat
[2009-10-11 20:48:12 | 00,088,642 | ---- | M] () -- H:\windows\System32\perfc015.dat
[2009-10-11 20:48:12 | 00,071,046 | ---- | M] () -- H:\windows\System32\perfc009.dat
[2009-10-11 20:44:02 | 00,203,188 | ---- | M] () -- H:\windows\System32\nvapps.xml
[2009-10-11 20:43:59 | 00,000,664 | ---- | M] () -- H:\windows\System32\d3d9caps.dat
[2009-10-11 20:43:55 | 00,000,006 | -H-- | M] () -- H:\windows\tasks\SA.DAT
[2009-10-11 20:43:49 | 00,002,048 | --S- | M] () -- H:\windows\bootstat.dat
[2009-10-11 20:25:40 | 00,000,032 | ---- | M] () -- H:\windows\ZSAM.INI
[2009-10-11 19:09:09 | 00,000,069 | ---- | M] () -- H:\windows\NeroDigital.ini
[2009-10-11 19:07:25 | 00,171,520 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-10-07 20:33:06 | 00,045,056 | ---- | M] () -- H:\windows\System32\UTSCSI.EXE
[2009-10-06 21:34:07 | 00,000,763 | ---- | M] () -- H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package Menu.lnk
[2009-10-06 21:34:02 | 00,000,813 | ---- | M] () -- H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package VCD Maker.lnk
[2009-10-06 18:21:32 | 00,000,063 | ---- | M] () -- H:\windows\PixieTool.INI
[2009-10-06 18:19:42 | 00,000,349 | ---- | M] () -- H:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2009-10-06 16:54:25 | 01,807,984 | ---- | M] () -- H:\windows\System32\FNTCACHE.DAT
[2009-10-06 16:39:50 | 00,198,840 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-10-06 16:33:41 | 00,001,582 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Pulpit\HijackThis.lnk
[2009-10-05 19:20:50 | 00,000,843 | ---- | M] () -- H:\windows\win.ini
[2009-10-05 15:53:43 | 00,002,206 | ---- | M] () -- H:\windows\System32\wpa.dbl
[2009-10-04 00:59:13 | 01,044,604 | -H-- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-10-04 00:36:47 | 00,444,952 | ---- | M] (Creative Labs) -- H:\windows\System32\wrap_oal.dll
[2009-10-04 00:36:47 | 00,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- H:\windows\System32\OpenAL32.dll
[2009-09-28 18:40:04 | 00,000,866 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk
[2009-09-18 23:04:56 | 00,000,768 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Pulpit\Skrót do Ygoow.lnk

[color=#E56717]========== Files - No Company Name ==========[/color]
[2009-10-11 20:44:41 | 00,000,156 | ---- | C] () -- H:\windows\Twunk001.MTX
[2009-10-11 20:44:41 | 00,000,003 | ---- | C] () -- H:\windows\Twain001.Mtx
[2009-10-11 20:25:40 | 00,000,032 | ---- | C] () -- H:\windows\ZSAM.INI
[2009-10-07 20:33:06 | 00,045,056 | ---- | C] () -- H:\windows\System32\UTSCSI.EXE
[2009-10-06 21:34:07 | 00,000,763 | ---- | C] () -- H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package Menu.lnk
[2009-10-06 21:34:06 | 00,001,458 | ---- | C] () -- H:\windows\System32\LTOCX12n.INF
[2009-10-06 21:34:02 | 00,000,813 | ---- | C] () -- H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package VCD Maker.lnk
[2009-10-06 16:33:41 | 00,001,582 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Pulpit\HijackThis.lnk
[2009-10-06 16:28:31 | 00,406,016 | ---- | C] () -- H:\windows\System32\PSDrvCheck.exe
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.KOR
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.JPN
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.JP
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ITA
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.IT
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.FRA
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.FR
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ESP
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ES
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.DEU
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.DE
[2009-10-06 16:28:31 | 00,026,112 | ---- | C] () -- H:\windows\System32\PSDrvCheck.CHT
[2009-10-06 16:28:31 | 00,026,112 | ---- | C] () -- H:\windows\System32\PSDrvCheck.CHS
[2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.NLD
[2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.NL
[2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.KO
[2009-10-06 16:27:01 | 00,038,232 | ---- | C] () -- H:\windows\wmprfsky.prx
[2009-10-06 16:27:01 | 00,037,916 | ---- | C] () -- H:\windows\wmprffra.prx
[2009-10-06 16:27:01 | 00,037,014 | ---- | C] () -- H:\windows\wmprfhun.prx
[2009-10-06 16:27:01 | 00,036,594 | ---- | C] () -- H:\windows\wmprfell.prx
[2009-10-06 16:27:01 | 00,035,916 | ---- | C] () -- H:\windows\wmprfptg.prx
[2009-10-06 16:27:01 | 00,035,680 | ---- | C] () -- H:\windows\wmprfita.prx
[2009-10-06 16:27:01 | 00,035,590 | ---- | C] () -- H:\windows\wmprfesp.prx
[2009-10-06 16:27:01 | 00,035,474 | ---- | C] () -- H:\windows\wmprfcsy.prx
[2009-10-06 16:27:01 | 00,033,820 | ---- | C] () -- H:\windows\WMPrfDeu.prx
[2009-10-06 16:27:01 | 00,033,694 | ---- | C] () -- H:\windows\wmprfptb.prx
[2009-10-06 16:27:01 | 00,033,580 | ---- | C] () -- H:\windows\wmprfslv.prx
[2009-10-06 16:27:01 | 00,033,336 | ---- | C] () -- H:\windows\WMPrfAra.prx
[2009-10-06 16:27:01 | 00,033,314 | ---- | C] () -- H:\windows\wmprfsve.prx
[2009-10-06 16:27:01 | 00,032,964 | ---- | C] () -- H:\windows\wmprfnld.prx
[2009-10-06 16:27:01 | 00,032,852 | ---- | C] () -- H:\windows\wmprfnor.prx
[2009-10-06 16:27:01 | 00,032,022 | ---- | C] () -- H:\windows\wmprftrk.prx
[2009-10-06 16:27:01 | 00,031,764 | ---- | C] () -- H:\windows\wmprffin.prx
[2009-10-06 16:27:01 | 00,031,712 | ---- | C] () -- H:\windows\wmprfdan.prx
[2009-10-06 16:27:01 | 00,028,718 | ---- | C] () -- H:\windows\wmprfheb.prx
[2009-10-06 16:27:01 | 00,023,304 | ---- | C] () -- H:\windows\WMPrfJpn.prx
[2009-10-06 16:27:01 | 00,022,338 | ---- | C] () -- H:\windows\WMPrfKor.prx
[2009-10-06 16:27:01 | 00,000,804 | ---- | C] () -- H:\windows\wmprfrus.prx
[2009-10-06 16:27:01 | 00,000,136 | ---- | C] () -- H:\windows\WMPrfCHS.prx
[2009-10-06 16:27:01 | 00,000,132 | ---- | C] () -- H:\windows\WMPrfCHT.prx
[2009-10-06 16:26:22 | 00,000,063 | ---- | C] () -- H:\windows\PixieTool.INI
[2009-10-06 16:01:11 | 00,000,349 | ---- | C] () -- H:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2009-10-04 00:59:13 | 01,044,604 | -H-- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-09-28 18:40:04 | 00,000,866 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk
[2009-07-30 22:24:15 | 00,024,575 | ---- | C] () -- H:\windows\System32\Qsusengwinsyspio49.dll
[2009-07-13 22:09:50 | 00,043,520 | ---- | C] () -- H:\windows\System32\CmdLineExt03.dll
[2009-06-23 14:35:45 | 00,354,816 | ---- | C] () -- H:\windows\System32\psisdecd.dll
[2009-04-25 22:39:16 | 00,000,000 | ---- | C] () -- H:\windows\PlayDemo.INI
[2009-04-22 18:35:37 | 00,069,632 | ---- | C] () -- H:\windows\System32\xmltok.dll
[2009-04-22 18:35:37 | 00,036,864 | ---- | C] () -- H:\windows\System32\xmlparse.dll
[2009-03-29 18:41:15 | 00,237,568 | ---- | C] () -- H:\windows\System32\lame_enc.dll
[2009-03-28 21:27:35 | 00,138,184 | ---- | C] () -- H:\windows\System32\drivers\PnkBstrK.sys
[2009-03-14 15:33:54 | 00,721,904 | ---- | C] () -- H:\windows\System32\drivers\sptd.sys
[2009-03-07 22:36:23 | 00,012,288 | ---- | C] () -- H:\windows\impborl.dll
[2009-03-07 22:27:48 | 00,000,011 | ---- | C] () -- H:\windows\wanpatan.ini
[2009-03-02 16:56:47 | 00,210,456 | ---- | C] () -- H:\windows\System32\IVIresizeW7.dll
[2009-03-02 16:56:47 | 00,198,168 | ---- | C] () -- H:\windows\System32\IVIresizeP6.dll
[2009-03-02 16:56:47 | 00,194,072 | ---- | C] () -- H:\windows\System32\IVIresizePX.dll
[2009-03-02 16:56:46 | 00,206,360 | ---- | C] () -- H:\windows\System32\IVIresizeA6.dll
[2009-03-02 16:56:46 | 00,198,168 | ---- | C] () -- H:\windows\System32\IVIresizeM6.dll
[2009-03-02 16:56:46 | 00,026,136 | ---- | C] () -- H:\windows\System32\IVIresize.dll
[2009-02-28 15:38:49 | 00,000,000 | ---- | C] () -- H:\windows\mngui.INI
[2009-02-26 21:55:49 | 00,171,520 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-02-25 22:55:12 | 00,000,069 | ---- | C] () -- H:\windows\NeroDigital.ini
[2009-02-25 20:31:40 | 00,198,840 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-02-25 20:29:05 | 00,000,062 | -HS- | C] () -- H:\Documents and Settings\Krzysztof\Dane aplikacji\desktop.ini
[2009-02-25 20:26:16 | 00,000,062 | -HS- | C] () -- H:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2009-02-25 20:16:41 | 00,036,864 | ---- | C] () -- H:\windows\System32\ctrldll.dll
[2009-02-25 20:12:04 | 00,000,421 | ---- | C] () -- H:\windows\ODBC.INI
[2009-02-25 19:49:56 | 00,023,040 | R--- | C] () -- H:\windows\System32\drivers\GVCplDrv.sys
[2009-02-25 19:39:15 | 00,005,810 | R--- | C] () -- H:\windows\System32\drivers\ASACPI.sys
[2009-02-25 19:39:14 | 00,011,839 | ---- | C] () -- H:\windows\Ascd_tmp.ini
[2009-02-25 19:39:03 | 00,010,288 | ---- | C] () -- H:\windows\System32\drivers\ASUSHWIO.SYS
[2008-12-18 00:30:06 | 00,815,104 | ---- | C] () -- H:\windows\System32\xvidcore.dll
[2008-12-18 00:30:06 | 00,180,224 | ---- | C] () -- H:\windows\System32\xvidvfw.dll
[2008-11-12 15:54:00 | 01,703,936 | ---- | C] () -- H:\windows\System32\nvwdmcpl.dll
[2008-11-12 15:54:00 | 01,486,848 | ---- | C] () -- H:\windows\System32\nview.dll
[2008-11-12 15:54:00 | 01,019,904 | ---- | C] () -- H:\windows\System32\nvwimg.dll
[2008-11-12 15:54:00 | 00,466,944 | ---- | C] () -- H:\windows\System32\nvshell.dll
[2008-10-07 10:13:30 | 00,197,912 | ---- | C] () -- H:\windows\System32\physxcudart_20.dll
[2008-10-07 10:13:22 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSwedish.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSpanish.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelPortugese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelKorean.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelJapanese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelGerman.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelFrench.dll
[2007-11-26 21:56:28 | 00,151,415 | ---- | C] () -- H:\windows\System32\xlive.dll.cat
[2005-02-23 18:57:35 | 00,971,776 | ---- | C] () -- H:\windows\System32\SSCProt.dll
[2004-03-18 07:44:29 | 01,663,068 | ---- | C] () -- H:\windows\System32\libmmd.dll
[2002-10-16 00:54:04 | 00,153,088 | ---- | C] () -- H:\windows\System32\unrar.dll
[2002-03-17 02:00:00 | 00,007,420 | ---- | C] () -- H:\windows\UA000088.DLL
[2001-10-26 21:28:10 | 00,003,584 | ---- | C] () -- H:\windows\System32\iprop.dll
[2001-07-22 02:16:20 | 00,000,843 | ---- | C] () -- H:\windows\win.ini
[2001-07-22 02:15:52 | 00,000,284 | ---- | C] () -- H:\windows\system.ini

[color=#E56717]========== LOP Check ==========[/color]

[2009-10-06 15:57:50 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\All Users\Dane aplikacji
[2009-08-25 14:07:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009-02-25 20:15:28 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ACD Systems
[2009-02-25 20:05:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ahead
[2009-06-19 19:29:46 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Codemasters
[2009-05-20 12:16:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ConeXware
[2009-02-25 20:16:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\CyberLink
[2009-03-28 21:05:05 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-07-14 19:00:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2009-09-03 19:33:31 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Findbasic
[2002-01-01 07:56:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\FLEXnet
[2009-03-02 16:56:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\InterVideo
[2009-10-06 15:57:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Pinnacle
[2009-02-28 15:14:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Teleca
[2009-09-06 16:16:04 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-04-13 19:29:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited
[2009-05-20 14:18:33 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TrackMania
[2009-06-13 17:59:24 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
[2009-05-19 10:17:48 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
[2009-02-25 20:26:16 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Default User\Dane aplikacji
[2009-08-26 19:10:23 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji
[2009-02-25 20:15:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\ACD Systems
[2009-04-12 22:26:02 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ahead
[2009-06-02 12:02:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Any Video Converter
[2009-04-24 21:36:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\AVI ReComp
[2009-02-25 23:00:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\CyberLink
[2009-03-28 21:06:01 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools
[2009-09-06 10:56:25 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools Lite
[2009-05-03 15:42:37 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools Pro
[2009-03-14 12:32:34 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Gadu-Gadu
[2009-05-14 21:57:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\GetRightToGo
[2009-02-28 18:42:06 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Leadertech
[2009-02-25 22:15:29 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Nowe Gadu-Gadu
[2009-07-27 13:40:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\OpenOffice.org
[2009-04-20 21:57:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Publish Providers
[2009-03-27 20:28:41 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\SecuROM
[2009-04-20 21:57:34 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Sony
[2009-02-26 16:34:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Teleca
[2009-06-13 18:05:03 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ubisoft
[2009-03-02 18:11:13 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ulead Systems
[2009-07-29 11:49:41 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\ViStart
[2009-08-10 20:38:10 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Xenorate
[2009-10-07 20:33:26 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji
[2009-02-25 20:30:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\ACD Systems
[2009-05-16 19:53:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Ahead
[2009-10-04 00:32:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Any Video Converter
[2009-04-03 15:15:04 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools
[2009-09-05 09:38:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools Lite
[2009-05-08 20:52:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools Pro
[2009-10-11 14:54:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Dark Sector
[2009-04-25 22:26:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GetRightToGo
[2009-10-03 17:58:55 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GRETECH
[2009-04-07 15:54:23 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\gtk-2.0
[2009-03-03 18:25:07 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Leadertech
[2009-05-08 19:10:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\NetMedia Providers
[2009-06-29 19:37:32 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Nowe Gadu-Gadu
[2009-05-08 20:54:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Off Road
[2009-09-28 18:39:10 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\OpenOffice.org
[2009-05-08 19:10:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Publish Providers
[2009-02-27 22:04:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Teleca
[2009-03-02 16:58:37 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Ulead Systems
[2009-08-27 17:45:46 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Xenorate
[2009-09-03 19:58:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\LocalService\Dane aplikacji
[2009-02-25 19:34:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\NetworkService\Dane aplikacji
[2009-10-10 16:27:04 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji
[2009-09-04 15:05:23 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Ahead
[2009-07-31 19:02:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\AVI ReComp
[2009-09-14 19:51:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\DAEMON Tools Pro
[2009-10-03 14:26:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Dark Sector
[2009-07-30 21:52:00 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Flock
[2009-09-20 17:34:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\GRETECH
[2009-07-30 16:20:17 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Nowe Gadu-Gadu
[2009-08-10 20:40:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\OpenOffice.org
[2009-08-29 20:29:52 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\SecuROM
[2009-10-10 16:25:20 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Teleca
[2009-10-01 16:20:02 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\TSRWorkshop
[2001-07-22 02:17:50 | 00,000,065 | RH-- | M] () -- H:\windows\Tasks\desktop.ini
[2009-10-11 20:43:55 | 00,000,006 | -H-- | M] () -- H:\windows\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 143 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:8CE646EE
@Alternate Data Stream - 133 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF
< End of report >
[/log]

zrobiłem skan Malwarebytes i brawo, znalazł mi ponad 50 zainfekowanych, większość to trojany i registry key, ale są też wśród tych plików pliki systemowe stąd pytanie czy na pewno usunąć zaznaczone pliki- zamieszczam screen

proszę, log z Malwarebytes:
[log]
Malwarebytes' Anti-Malware 1.41
Wersja bazy definicji: 2943
Windows 5.1.2600 Dodatek Service Pack 3

2009-10-11 21:16:29
mbam-log-2009-10-11 (21-16-26).txt

Typ skanowania: Szybkie skanowanie
Przeskanowane obiekty: 115197
Upłynęło: 2 minute(s), 20 second(s)

Zainfekowane procesy w pamięci: 1
Zainfekowane moduły pamięci: 2
Zainfekowane klucze rejestru: 26
Zainfekowane wartości rejestru: 2
Zainfekowane pliki rejestru: 0
Zainfekowane foldery: 8
Zainfekowane pliki: 18

Zainfekowane procesy w pamięci:
H:\Program Files\PremierOpinion\pmropn.exe (Trojan.Agent) -> No action taken.

Zainfekowane moduły pamięci:
H:\Program Files\PremierOpinion\pmls.dll (Trojan.Agent) -> No action taken.
H:\Program Files\PremierOpinion\components\pmxg.dll (Trojan.Agent) -> No action taken.

Zainfekowane klucze rejestru:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{eeb86aef-4a5d-4b75-9d74-f16d438fc286} (Adware.PremierOpinion) -> No action taken.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\premieropinion (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.

Zainfekowane wartości rejestru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\h:\windows\system32\v0230cvw.dll (Trojan.Agent) -> No action taken.

Zainfekowane pliki rejestru:
(Nie wykryto groźnych plików)

Zainfekowane foldery:
H:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.
H:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.
H:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.
H:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
H:\Program Files\premieropinion (Trojan.Agent) -> No action taken.
H:\Program Files\premieropinion\components (Trojan.Agent) -> No action taken.
H:\Documents and Settings\All Users\Menu Start\Programy\PremierOpinion (Adware.PremierOpinion) -> No action taken.
H:\WINDOWS\system32\lowsec (Stolen.data) -> No action taken.

Zainfekowane pliki:
H:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) -> No action taken.
H:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.
H:\Program Files\premieropinion\chrome.manifest (Trojan.Agent) -> No action taken.
H:\Program Files\premieropinion\install.rdf (Trojan.Agent) -> No action taken.
H:\Program Files\premieropinion\pmls.dll (Trojan.Agent) -> No action taken.
H:\Program Files\premieropinion\pmoci.bin (Trojan.Agent) -> No action taken.
H:\Program Files\premieropinion\pmph.dll (Trojan.Agent) -> No action taken.
H:\Program Files\premieropinion\pmropn.exe (Trojan.Agent) -> No action taken.
H:\Program Files\premieropinion\pmservice.exe (Trojan.Agent) -> No action taken.
H:\Program Files\premieropinion\pmxf.dll (Trojan.Agent) -> No action taken.
H:\Program Files\premieropinion\components\pmxg.dll (Trojan.Agent) -> No action taken.
H:\Documents and Settings\All Users\Menu Start\Programy\PremierOpinion\About PremierOpinion.lnk (Adware.PremierOpinion) -> No action taken.
H:\Documents and Settings\All Users\Menu Start\Programy\PremierOpinion\Privacy Policy and User License Agreement.lnk (Adware.PremierOpinion) -> No action taken.
H:\Documents and Settings\All Users\Menu Start\Programy\PremierOpinion\Support.lnk (Adware.PremierOpinion) -> No action taken.
H:\Documents and Settings\All Users\Menu Start\Programy\PremierOpinion\Uninstall Instructions.lnk (Adware.PremierOpinion) -> No action taken.
H:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> No action taken.
H:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> No action taken.
H:\WINDOWS\system32\lowsec\user.ds.lll (Stolen.data) -> No action taken.
[/log]

Gość
komentarz
komentarz

Usuń to co znalazł MBAM i będzie Oki.


.

chrisx94
komentarz
komentarz

ok, usunąłem wszystkie pliki oprócz systemowych i pytam po raz ostatni czy ich też trzeba się pozbyć?
bo na razie nie widzę żadnych skutków tych skanów i usunięć <_<

MarekM25
komentarz
komentarz

Usuń wszystko co znalazł MBAM. No i to tyle ogólnie nic takiego groźnego nie miałeś, więc skutków możesz nie odczuwać.

chrisx94
komentarz
komentarz

sugerujecie w takim razie, że te problemy mogą być czym spowodowane? C/:windows rozruch, samoczynne otwieranie się Moich Dokumentów, jakaś idiotyczna notatka o SQL Writer, błąd biblioteki dll, strasznie mi to wszystko przeszkadza, zwłaszcza, że komp jest używany przez wielu użytkowników. W takim razie jakieś inne porady co do tych problemów???

MarekM25
komentarz
komentarz

Hmm daj jeszcze loga z Hijackthis lub otl.

+ załącz screeny co jest dokładnie na starcie systemu

chrisx94
komentarz
komentarz (edytowane)

log z HijackThis:
[log]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:19:58, on 2009-10-14
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
H:\windows\System32\smss.exe
H:\windows\system32\winlogon.exe
H:\windows\system32\services.exe
H:\windows\system32\lsass.exe
H:\windows\system32\svchost.exe
H:\windows\System32\svchost.exe
H:\windows\system32\svchost.exe
H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
H:\Program Files\Alwil Software\Avast4\ashServ.exe
H:\windows\system32\spoolsv.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
H:\Program Files\Bonjour\mDNSResponder.exe
H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
H:\windows\system32\CTsvcCDA.exe
H:\windows\system32\nvsvc32.exe
H:\windows\system32\PnkBstrA.exe
H:\windows\system32\svchost.exe
H:\Program Files\Google\Update\GoogleUpdate.exe
H:\windows\system32\UTSCSI.EXE
H:\windows\RTHDCPL.EXE
H:\Program Files\Java\jre6\bin\jusched.exe
H:\windows\system32\RUNDLL32.EXE
H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
H:\WINDOWS\system32\rmctrl.exe
H:\Program Files\Winamp\winampa.exe
H:\Program Files\Common Files\Real\Update_OB\realsched.exe
H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
H:\windows\V0230Mon.exe
H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
H:\windows\system32\ctfmon.exe
H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
H:\Program Files\Messenger\msmsgs.exe
H:\Program Files\DAEMON Tools Lite\daemon.exe
H:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
H:\Program Files\Ares\Ares.exe
H:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
H:\Program Files\OpenOffice.org 3\program\soffice.exe
H:\Program Files\OpenOffice.org 3\program\soffice.bin
H:\windows\system32\wuauclt.exe
H:\windows\system32\wuauclt.exe
H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
H:\Program Files\iPod\bin\iPodService.exe
H:\Program Files\Common Files\Teleca Shared\Generic.exe
H:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
H:\windows\explorer.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F2 - REG:system.ini: UserInit=H:\WINDOWS\system32\userinit.exe,userinit.exe,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Softonic-en Toolbar - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Softonic-en Toolbar - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] H:\WINDOWS\system32\rmctrl.exe
O4 - HKLM\..\Run: [WinampAgent] "H:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [TkBellExe] "H:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "H:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [CTCheck] H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVFX Engine] H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [V0230Mon.exe] H:\windows\V0230Mon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] H:\windows\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "H:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] H:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "H:\Program Files\Nowe Gadu-Gadu\gg.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "H:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "H:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [ares] "H:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - H:\windows\system32\CTsvcCDA.exe
O23 - Service: Findbasic Service - Unknown owner - H:\Documents and Settings\All Users\Dane aplikacji\Findbasic\findbasic121.exe
O23 - Service: Google Update Service (gupdate1c9acba996552fe) (gupdate1c9acba996552fe) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\windows\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - H:\windows\system32\PnkBstrA.exe
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - H:\windows\system32\UTSCSI.EXE

--
End of file - 10206 bytes
[/log]


OTL:
[log]
OTL logfile created on: 2009-10-14 11:20:57 - Run 3
OTL by OldTimer - Version 3.0.18.4 Folder = I:\Programy\logi
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 69,83% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = H: | %SystemRoot% = H:\windows | %ProgramFiles% = H:\Program Files
C: Drive not present or media not loaded
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 3,53 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 48,83 Gb Total Space | 17,65 Gb Free Space | 36,15% Space Free | Partition Type: NTFS
Drive I: | 156,25 Gb Total Space | 50,19 Gb Free Space | 32,12% Space Free | Partition Type: NTFS
Drive J: | 167,53 Gb Total Space | 47,72 Gb Free Space | 28,48% Space Free | Partition Type: NTFS
Drive M: | 981,84 Mb Total Space | 12,86 Mb Free Space | 1,31% Space Free | Partition Type: FAT

Computer Name: WWW-649A18D4B0C
Current User Name: Krzysztof
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2008-11-26 19:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008-11-26 19:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2007-03-06 11:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
PRC - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- H:\windows\System32\CTsvcCDA.exe
PRC - [2008-11-12 15:54:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\nvsvc32.exe
PRC - [2009-03-29 11:10:42 | 00,066,872 | ---- | M] () -- H:\windows\System32\PnkBstrA.exe
PRC - [2009-03-24 21:56:16 | 00,133,104 | ---- | M] (Google Inc.) -- H:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009-10-07 20:33:06 | 00,045,056 | ---- | M] () -- H:\windows\System32\UTSCSI.EXE
PRC - [2007-04-10 09:28:44 | 16,126,464 | R--- | M] (Realtek Semiconductor Corp.) -- H:\windows\RTHDCPL.EXE
PRC - [2009-07-27 13:38:34 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008-11-26 19:18:51 | 00,081,000 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2003-08-01 13:11:02 | 00,032,768 | ---- | M] () -- H:\windows\System32\rmctrl.exe
PRC - [2007-10-10 07:28:32 | 00,036,352 | ---- | M] () -- H:\Program Files\Winamp\winampa.exe
PRC - [2009-02-25 20:09:12 | 00,180,269 | ---- | M] (RealNetworks, Inc.) -- H:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2005-06-07 00:46:24 | 00,057,344 | ---- | M] (Adobe Systems Incorporated) -- H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
PRC - [2007-11-06 11:08:10 | 00,397,312 | ---- | M] (Creative Technology Ltd) -- H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
PRC - [2009-07-13 14:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- H:\Program Files\iTunes\iTunesHelper.exe
PRC - [2006-08-16 01:12:00 | 00,024,576 | ---- | M] (Creative Technology Ltd.) -- H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
PRC - [2006-09-06 19:01:00 | 00,032,768 | R--- | M] (Creative Technology Ltd.) -- H:\windows\V0230Mon.exe
PRC - [2006-10-27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2007-05-16 10:27:16 | 00,153,136 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2008-04-14 23:51:32 | 01,695,232 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Messenger\msmsgs.exe
PRC - [2009-04-23 15:51:38 | 00,691,656 | ---- | M] (DT Soft Ltd) -- H:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2006-09-06 09:42:00 | 00,143,360 | ---- | M] (Creative Technology Ltd.) -- H:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
PRC - [2008-12-13 06:23:30 | 00,882,176 | ---- | M] (Ares Development Group) -- H:\Program Files\Ares\Ares.exe
PRC - [2004-07-08 16:13:42 | 00,106,496 | ---- | M] (Sony Corporation.) -- H:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
PRC - [2009-04-23 06:47:00 | 07,424,000 | ---- | M] (OpenOffice.org) -- H:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009-04-23 06:48:54 | 07,418,368 | ---- | M] (OpenOffice.org) -- H:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2008-11-26 19:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2008-11-26 19:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- H:\Program Files\iPod\bin\iPodService.exe
PRC - [2006-10-13 10:11:16 | 00,983,040 | R--- | M] (Obigo AB) -- H:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2006-11-13 16:17:38 | 00,872,448 | R--- | M] (Sony Ericsson Mobile Communications AB) -- H:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2008-04-14 22:51:52 | 00,218,112 | ---- | M] (Microsoft Corporation) -- H:\windows\System32\wbem\wmiprvse.exe
PRC - [2008-04-14 22:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- H:\windows\explorer.exe
PRC - [2009-09-10 20:52:54 | 00,908,280 | ---- | M] (Mozilla Corporation) -- H:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008-04-14 22:51:52 | 00,218,112 | ---- | M] (Microsoft Corporation) -- H:\windows\System32\wbem\wmiprvse.exe
PRC - [2009-10-06 16:23:55 | 00,520,704 | ---- | M] (OldTimer Tools) -- I:\Programy\logi\OTL.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2005-09-23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- H:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008-11-26 19:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2008-11-26 19:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2008-11-26 19:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2008-11-26 19:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2007-03-06 11:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service [Auto | Running])
SRV - [2005-09-23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- H:\windows\System32\CTsvcCDA.exe -- (Creative Service for CDROM Access [Auto | Running])
SRV - [2009-09-02 21:10:00 | 00,054,776 | ---- | M] () -- H:\Documents and Settings\All Users\Dane aplikacji\Findbasic\findbasic121.exe -- (Findbasic Service [Auto | Stopped])
SRV - [2006-10-20 22:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009-03-24 21:56:16 | 00,133,104 | ---- | M] (Google Inc.) -- H:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9acba996552fe [Auto | Stopped])
SRV - [2008-04-14 22:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- H:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005-04-04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2006-10-30 04:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- H:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2007-04-13 22:09:56 | 00,792,112 | ---- | M] (Nero AG) -- H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
SRV - [2006-10-30 04:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
SRV - [2008-11-12 15:54:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009-03-29 11:10:42 | 00,066,872 | ---- | M] () -- H:\windows\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
SRV - [2007-02-10 05:29:56 | 00,089,968 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter [Auto | Stopped])
SRV - [2009-10-07 20:33:06 | 00,045,056 | ---- | M] () -- H:\windows\System32\UTSCSI.EXE -- (UTSCSI [Auto | Running])
SRV - [2006-12-01 12:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2008-11-26 19:15:35 | 00,026,944 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
DRV - [2004-03-10 16:27:18 | 00,011,264 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\drivers\ASAPIW2k.sys -- (ASAPIW2k [On_Demand | Running])
DRV - [2008-11-26 19:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- H:\windows\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV - [2008-11-26 19:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
DRV - [2008-11-26 19:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
DRV - [2008-11-26 19:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2008-11-26 19:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2007-06-21 04:44:32 | 00,029,696 | R--- | M] (Atheros Communications) -- H:\windows\System32\DRIVERS\l251x86.sys -- (AtcL002 [On_Demand | Running])
DRV - [2004-03-08 12:55:50 | 00,013,567 | ---- | M] (B.H.A Corporation) -- H:\windows\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv [System | Running])
DRV - [2004-11-18 11:49:14 | 00,024,786 | ---- | M] (EUTRON) -- H:\windows\System32\Drivers\eusk2par.sys -- (eusk2par [System | Running])
DRV - [2004-11-18 11:49:14 | 00,045,534 | ---- | M] (EUTRON) -- H:\windows\System32\Drivers\eusk3usb.sys -- (eusk3usb [On_Demand | Stopped])
DRV - [2009-03-19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- H:\windows\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2004-05-02 10:47:08 | 00,023,040 | R--- | M] () -- H:\windows\System32\drivers\GVCplDrv.sys -- (GVCplDrv [On_Demand | Stopped])
DRV - [2008-04-13 22:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- H:\windows\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2007-04-10 13:04:40 | 04,397,568 | R--- | M] (Realtek Semiconductor Corp.) -- H:\windows\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2004-03-29 04:06:24 | 00,090,464 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\DRIVERS\MarvinBus.sys -- (MarvinBus [On_Demand | Running])
DRV - [2004-08-13 04:56:20 | 00,005,810 | R--- | M] () -- H:\windows\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])
DRV - [2008-11-12 15:54:00 | 06,188,320 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2002-03-19 10:29:16 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\drivers\pclepci.sys -- (PCLEPCI [System | Running])
DRV - [2001-08-18 01:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- H:\windows\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- H:\windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2006-09-18 15:58:48 | 00,061,600 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27bus.sys -- (SE27bus [On_Demand | Stopped])
DRV - [2006-09-18 15:58:52 | 00,009,360 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mdfl.sys -- (SE27mdfl [On_Demand | Stopped])
DRV - [2006-09-18 15:58:54 | 00,097,184 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mdm.sys -- (SE27mdm [On_Demand | Stopped])
DRV - [2006-09-18 15:58:58 | 00,088,688 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mgmt.sys -- (SE27mgmt [On_Demand | Stopped])
DRV - [2006-09-18 15:59:00 | 00,018,704 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se27nd5.sys -- (se27nd5 [On_Demand | Stopped])
DRV - [2006-09-18 15:59:02 | 00,086,560 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27obex.sys -- (SE27obex [On_Demand | Stopped])
DRV - [2006-09-18 15:59:08 | 00,090,800 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se27unic.sys -- (se27unic [On_Demand | Stopped])
DRV - [2006-11-30 16:13:56 | 00,061,536 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45bus.sys -- (se45bus [On_Demand | Stopped])
DRV - [2006-11-30 16:14:04 | 00,009,360 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mdfl.sys -- (se45mdfl [On_Demand | Stopped])
DRV - [2006-11-30 16:14:04 | 00,097,088 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mdm.sys -- (se45mdm [On_Demand | Stopped])
DRV - [2006-11-30 16:14:10 | 00,088,624 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mgmt.sys -- (se45mgmt [On_Demand | Stopped])
DRV - [2006-11-30 16:14:10 | 00,018,704 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45nd5.sys -- (se45nd5 [On_Demand | Stopped])
DRV - [2006-11-30 16:14:14 | 00,086,432 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45obex.sys -- (se45obex [On_Demand | Stopped])
DRV - [2006-11-30 16:14:22 | 00,090,800 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45unic.sys -- (se45unic [On_Demand | Stopped])
DRV - [2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- H:\windows\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2005-08-10 14:44:04 | 00,050,688 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running])
DRV - [2005-05-16 15:20:39 | 00,006,656 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running])
DRV - [2005-08-10 16:06:28 | 00,019,968 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfsync02.sys -- (sfsync02 [Boot | Running])
DRV - [2009-09-04 19:16:25 | 00,721,904 | ---- | M] () -- H:\windows\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2006-03-23 19:00:00 | 00,006,272 | R--- | M] (EyePower Games Pte. Ltd.) -- H:\windows\System32\DRIVERS\V0230Vfx.sys -- (V0230Vfx [On_Demand | Running])
DRV - [2006-09-28 19:01:00 | 00,500,480 | R--- | M] (Creative Technology Ltd.) -- H:\windows\System32\DRIVERS\V0230VID.sys -- (V0230VID [On_Demand | Running])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = H:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\S-1-5-21-796845957-1343024091-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\S-1-5-21-796845957-1343024091-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://onet.pl"
FF - prefs.js..extensions.enabledItems: {C3F23840-B14B-4B61-AAEF-6BCC3621FA63}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCfox000&fl=0&ptb=9D9JkilC01wiJRayfcZ8jA&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor="

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: H:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-07-27 13:38:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: H:\Program Files\PremierOpinion
FF - HKLM\software\mozilla\Flock 2.5.1\extensions\\Components: H:\Program Files\Flock\components [2009-08-25 14:06:54 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock 2.5.1\extensions\\Plugins: H:\Program Files\Flock\plugins [2009-10-05 19:04:22 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2009-09-10 20:53:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins [2009-10-09 18:57:38 | 00,000,000 | ---D | M]

[2009-03-10 18:27:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Extensions
[2009-03-10 18:27:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-02-25 20:29:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Firefox\Profiles\h9n4nthe.default\extensions
[2009-06-01 15:00:04 | 00,009,941 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Mozilla\FireFox\Profiles\h9n4nthe.default\searchplugins\mywebsearch.xml
[2009-10-13 17:40:14 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions
[2009-09-10 20:52:53 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-02-25 20:36:55 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009-09-03 19:58:11 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{C3F23840-B14B-4B61-AAEF-6BCC3621FA63}
[2009-07-27 13:38:46 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009-09-10 20:52:51 | 00,023,544 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-09-10 20:52:51 | 00,137,208 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2007-04-10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- H:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2007-04-30 16:29:22 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- H:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2009-07-27 13:38:35 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009-09-10 20:52:56 | 00,065,016 | ---- | M] (mozilla.org) -- H:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- H:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009-07-15 21:00:25 | 00,002,767 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-07-15 21:00:25 | 00,001,406 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2009-08-26 19:13:33 | 00,002,393 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\findbasic119.xml
[2009-09-03 19:58:12 | 00,002,393 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\findbasic121.xml
[2009-07-15 21:00:25 | 00,002,371 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\google.xml
[2009-07-15 21:00:25 | 00,000,917 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2009-07-15 21:00:25 | 00,000,858 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2009-07-15 21:00:25 | 00,001,183 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2009-07-15 21:00:25 | 00,001,683 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (731 bytes) - H:\windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Softonic-en Toolbar) - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Softonic-en Toolbar) - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\..\Toolbar\WebBrowser: (Softonic-en Toolbar) - {983AD4D4-8B63-442F-8684-FBC1C067949C} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe Photo Downloader] H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] H:\windows\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast!] H:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [AVFX Engine] H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [CTCheck] H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [GrooveMonitor] H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] H:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] H:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] H:\windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] H:\windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] H:\windows\System32\nwiz.exe ()
O4 - HKLM..\Run: [PinnacleDriverCheck] H:\windows\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [QuickTime Task] H:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl] H:\windows\System32\rmctrl.exe ()
O4 - HKLM..\Run: [RTHDCPL] H:\windows\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] H:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] H:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] H:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [V0230Mon.exe] H:\windows\V0230Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [WinampAgent] H:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [ares] H:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [Creative Live! Cam Manager] H:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [DAEMON Tools Lite] H:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [MSMSGS] H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [Nowe Gadu-Gadu] H:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)
O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package Menu.lnk = H:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe (Sony Corporation)
O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package VCD Maker.lnk = H:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe (Sony Corporation.)
O4 - Startup: H:\Documents and Settings\Gosia\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: H:\Documents and Settings\Wiktoria\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - H:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\windows\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - H:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - H:\windows\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - H:\windows\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.58
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - H:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - H:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\windows\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{46e2a893-0cb8-11de-b09a-001d60a8d52e}\Shell\AutoRun\command - "" = C:\uvsqfgwd.cmd -- File not found
O33 - MountPoints2\{46e2a893-0cb8-11de-b09a-001d60a8d52e}\Shell\open\Command - "" = C:\uvsqfgwd.cmd -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - H:\windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-10-11 20:59:58 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2009-10-04 16:14:08 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
[2009-10-06 15:57:50 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\Pinnacle
[2009-10-03 18:35:44 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Dark Sector
[2009-10-03 17:58:55 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GRETECH
[2009-10-11 21:00:03 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Malwarebytes
[2009-09-28 18:39:10 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\OpenOffice.org
[2009-09-21 20:51:16 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Conduit
[2009-10-11 20:26:59 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\NFS Underground 2
[2009-09-21 20:51:16 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Softonic-en
[2009-10-04 00:30:51 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Stardock
[2009-10-05 19:15:44 | 00,000,000 | ---D | C] -- H:\Program Files\Common Files\DESIGNER
[2009-10-11 20:26:57 | 00,000,000 | ---D | C] -- H:\Program Files\Common Files\DirectX
[2009-10-06 21:33:47 | 00,000,000 | ---D | C] -- H:\Program Files\Common Files\muvee Technologies
[2009-09-20 17:33:18 | 00,000,000 | ---D | C] -- H:\Program Files\Conduit
[2009-09-20 17:33:56 | 00,000,000 | ---D | C] -- H:\Program Files\GRETECH
[2009-10-06 16:33:41 | 00,000,000 | ---D | C] -- H:\Program Files\HijackThis
[2009-10-11 20:59:58 | 00,000,000 | ---D | C] -- H:\Program Files\Malwarebytes' Anti-Malware
[2009-10-05 19:15:44 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Visual Studio
[2009-10-05 19:13:08 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Visual Studio 8
[2009-10-05 19:16:23 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Works
[2009-10-05 19:15:05 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft.NET
[2009-10-06 15:57:47 | 00,000,000 | ---D | C] -- H:\Program Files\Pinnacle
[2009-10-06 21:35:10 | 00,000,000 | ---D | C] -- H:\Program Files\PIXELA
[2009-09-20 17:33:18 | 00,000,000 | ---D | C] -- H:\Program Files\Softonic-en
[2009-10-06 21:33:43 | 00,000,000 | ---D | C] -- H:\Program Files\Sony Corporation
[2009-10-11 21:00:00 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- H:\windows\System32\drivers\mbamswissarmy.sys
[2009-10-11 20:59:58 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- H:\windows\System32\drivers\mbam.sys
[2009-10-06 21:33:43 | 00,013,567 | ---- | C] (B.H.A Corporation) -- H:\windows\System32\drivers\CDRBSDRV.SYS
[2009-10-06 18:05:09 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Moje dokumenty\Pinnacle Hollywood FX for Studio
[2009-10-06 17:02:13 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Moje dokumenty\Pinnacle Studio
[2009-10-06 16:30:58 | 00,294,912 | ---- | C] (Pegasus Imaging Corporation) -- H:\windows\System32\pvmjpg21.dll
[2009-10-06 16:30:58 | 00,081,920 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\vdrmux.dll
[2009-10-06 16:30:58 | 00,046,592 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\vdrcodec.dll
[2009-10-06 16:28:31 | 00,019,456 | ---- | C] (VoB Computersysteme GmbH) -- H:\windows\System32\asapi.dll
[2009-10-06 16:28:29 | 00,090,112 | ---- | C] (MindVision Software) -- H:\windows\unvise32.exe
[2009-10-06 16:27:01 | 00,061,440 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\pclepim1.dll
[2009-10-06 16:27:00 | 00,049,152 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\PCLEGetGuid.dll
[2009-10-05 19:10:12 | 00,000,000 | RH-D | C] -- H:\MSOCache

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009-10-14 11:20:14 | 00,000,156 | ---- | M] () -- H:\windows\Twunk001.MTX
[2009-10-14 11:20:14 | 00,000,004 | ---- | M] () -- H:\windows\Twain001.Mtx
[2009-10-14 11:18:24 | 01,110,350 | ---- | M] () -- H:\windows\System32\PerfStringBackup.INI
[2009-10-14 11:18:24 | 00,497,552 | ---- | M] () -- H:\windows\System32\perfh015.dat
[2009-10-14 11:18:24 | 00,438,960 | ---- | M] () -- H:\windows\System32\perfh009.dat
[2009-10-14 11:18:24 | 00,088,642 | ---- | M] () -- H:\windows\System32\perfc015.dat
[2009-10-14 11:18:24 | 00,071,046 | ---- | M] () -- H:\windows\System32\perfc009.dat
[2009-10-14 11:16:05 | 00,002,645 | ---- | M] () -- H:\windows\System32\CONFIG.NT
[2009-10-14 11:14:13 | 00,203,188 | ---- | M] () -- H:\windows\System32\nvapps.xml
[2009-10-14 11:14:06 | 00,000,006 | -H-- | M] () -- H:\windows\tasks\SA.DAT
[2009-10-14 11:14:03 | 00,002,048 | --S- | M] () -- H:\windows\bootstat.dat
[2009-10-11 20:43:59 | 00,000,664 | ---- | M] () -- H:\windows\System32\d3d9caps.dat
[2009-10-11 20:25:40 | 00,000,032 | ---- | M] () -- H:\windows\ZSAM.INI
[2009-10-11 19:09:09 | 00,000,069 | ---- | M] () -- H:\windows\NeroDigital.ini
[2009-10-11 19:07:25 | 00,171,520 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-10-07 20:33:06 | 00,045,056 | ---- | M] () -- H:\windows\System32\UTSCSI.EXE
[2009-10-06 21:34:07 | 00,000,763 | ---- | M] () -- H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package Menu.lnk
[2009-10-06 21:34:02 | 00,000,813 | ---- | M] () -- H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package VCD Maker.lnk
[2009-10-06 18:21:32 | 00,000,063 | ---- | M] () -- H:\windows\PixieTool.INI
[2009-10-06 18:19:42 | 00,000,349 | ---- | M] () -- H:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2009-10-06 16:54:25 | 01,807,984 | ---- | M] () -- H:\windows\System32\FNTCACHE.DAT
[2009-10-06 16:39:50 | 00,198,840 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-10-06 16:33:41 | 00,001,582 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Pulpit\HijackThis.lnk
[2009-10-05 19:20:50 | 00,000,843 | ---- | M] () -- H:\windows\win.ini
[2009-10-05 15:53:43 | 00,002,206 | ---- | M] () -- H:\windows\System32\wpa.dbl
[2009-10-04 00:59:13 | 01,044,604 | -H-- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-10-04 00:36:47 | 00,444,952 | ---- | M] (Creative Labs) -- H:\windows\System32\wrap_oal.dll
[2009-10-04 00:36:47 | 00,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- H:\windows\System32\OpenAL32.dll
[2009-09-28 18:40:04 | 00,000,866 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk
[2009-09-18 23:04:56 | 00,000,768 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Pulpit\Skrót do Ygoow.lnk

[color=#E56717]========== Files - No Company Name ==========[/color]
[2009-10-11 20:44:41 | 00,000,156 | ---- | C] () -- H:\windows\Twunk001.MTX
[2009-10-11 20:44:41 | 00,000,004 | ---- | C] () -- H:\windows\Twain001.Mtx
[2009-10-11 20:25:40 | 00,000,032 | ---- | C] () -- H:\windows\ZSAM.INI
[2009-10-07 20:33:06 | 00,045,056 | ---- | C] () -- H:\windows\System32\UTSCSI.EXE
[2009-10-06 21:34:07 | 00,000,763 | ---- | C] () -- H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package Menu.lnk
[2009-10-06 21:34:06 | 00,001,458 | ---- | C] () -- H:\windows\System32\LTOCX12n.INF
[2009-10-06 21:34:02 | 00,000,813 | ---- | C] () -- H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package VCD Maker.lnk
[2009-10-06 16:33:41 | 00,001,582 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Pulpit\HijackThis.lnk
[2009-10-06 16:28:31 | 00,406,016 | ---- | C] () -- H:\windows\System32\PSDrvCheck.exe
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.KOR
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.JPN
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.JP
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ITA
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.IT
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.FRA
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.FR
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ESP
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ES
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.DEU
[2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.DE
[2009-10-06 16:28:31 | 00,026,112 | ---- | C] () -- H:\windows\System32\PSDrvCheck.CHT
[2009-10-06 16:28:31 | 00,026,112 | ---- | C] () -- H:\windows\System32\PSDrvCheck.CHS
[2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.NLD
[2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.NL
[2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.KO
[2009-10-06 16:27:01 | 00,038,232 | ---- | C] () -- H:\windows\wmprfsky.prx
[2009-10-06 16:27:01 | 00,037,916 | ---- | C] () -- H:\windows\wmprffra.prx
[2009-10-06 16:27:01 | 00,037,014 | ---- | C] () -- H:\windows\wmprfhun.prx
[2009-10-06 16:27:01 | 00,036,594 | ---- | C] () -- H:\windows\wmprfell.prx
[2009-10-06 16:27:01 | 00,035,916 | ---- | C] () -- H:\windows\wmprfptg.prx
[2009-10-06 16:27:01 | 00,035,680 | ---- | C] () -- H:\windows\wmprfita.prx
[2009-10-06 16:27:01 | 00,035,590 | ---- | C] () -- H:\windows\wmprfesp.prx
[2009-10-06 16:27:01 | 00,035,474 | ---- | C] () -- H:\windows\wmprfcsy.prx
[2009-10-06 16:27:01 | 00,033,820 | ---- | C] () -- H:\windows\WMPrfDeu.prx
[2009-10-06 16:27:01 | 00,033,694 | ---- | C] () -- H:\windows\wmprfptb.prx
[2009-10-06 16:27:01 | 00,033,580 | ---- | C] () -- H:\windows\wmprfslv.prx
[2009-10-06 16:27:01 | 00,033,336 | ---- | C] () -- H:\windows\WMPrfAra.prx
[2009-10-06 16:27:01 | 00,033,314 | ---- | C] () -- H:\windows\wmprfsve.prx
[2009-10-06 16:27:01 | 00,032,964 | ---- | C] () -- H:\windows\wmprfnld.prx
[2009-10-06 16:27:01 | 00,032,852 | ---- | C] () -- H:\windows\wmprfnor.prx
[2009-10-06 16:27:01 | 00,032,022 | ---- | C] () -- H:\windows\wmprftrk.prx
[2009-10-06 16:27:01 | 00,031,764 | ---- | C] () -- H:\windows\wmprffin.prx
[2009-10-06 16:27:01 | 00,031,712 | ---- | C] () -- H:\windows\wmprfdan.prx
[2009-10-06 16:27:01 | 00,028,718 | ---- | C] () -- H:\windows\wmprfheb.prx
[2009-10-06 16:27:01 | 00,023,304 | ---- | C] () -- H:\windows\WMPrfJpn.prx
[2009-10-06 16:27:01 | 00,022,338 | ---- | C] () -- H:\windows\WMPrfKor.prx
[2009-10-06 16:27:01 | 00,000,804 | ---- | C] () -- H:\windows\wmprfrus.prx
[2009-10-06 16:27:01 | 00,000,136 | ---- | C] () -- H:\windows\WMPrfCHS.prx
[2009-10-06 16:27:01 | 00,000,132 | ---- | C] () -- H:\windows\WMPrfCHT.prx
[2009-10-06 16:26:22 | 00,000,063 | ---- | C] () -- H:\windows\PixieTool.INI
[2009-10-06 16:01:11 | 00,000,349 | ---- | C] () -- H:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2009-10-04 00:59:13 | 01,044,604 | -H-- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-09-28 18:40:04 | 00,000,866 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk
[2009-07-30 22:24:15 | 00,024,575 | ---- | C] () -- H:\windows\System32\Qsusengwinsyspio49.dll
[2009-07-13 22:09:50 | 00,043,520 | ---- | C] () -- H:\windows\System32\CmdLineExt03.dll
[2009-06-23 14:35:45 | 00,354,816 | ---- | C] () -- H:\windows\System32\psisdecd.dll
[2009-04-25 22:39:16 | 00,000,000 | ---- | C] () -- H:\windows\PlayDemo.INI
[2009-04-22 18:35:37 | 00,069,632 | ---- | C] () -- H:\windows\System32\xmltok.dll
[2009-04-22 18:35:37 | 00,036,864 | ---- | C] () -- H:\windows\System32\xmlparse.dll
[2009-03-29 18:41:15 | 00,237,568 | ---- | C] () -- H:\windows\System32\lame_enc.dll
[2009-03-28 21:27:35 | 00,138,184 | ---- | C] () -- H:\windows\System32\drivers\PnkBstrK.sys
[2009-03-14 15:33:54 | 00,721,904 | ---- | C] () -- H:\windows\System32\drivers\sptd.sys
[2009-03-07 22:36:23 | 00,012,288 | ---- | C] () -- H:\windows\impborl.dll
[2009-03-07 22:27:48 | 00,000,011 | ---- | C] () -- H:\windows\wanpatan.ini
[2009-03-02 16:56:47 | 00,210,456 | ---- | C] () -- H:\windows\System32\IVIresizeW7.dll
[2009-03-02 16:56:47 | 00,198,168 | ---- | C] () -- H:\windows\System32\IVIresizeP6.dll
[2009-03-02 16:56:47 | 00,194,072 | ---- | C] () -- H:\windows\System32\IVIresizePX.dll
[2009-03-02 16:56:46 | 00,206,360 | ---- | C] () -- H:\windows\System32\IVIresizeA6.dll
[2009-03-02 16:56:46 | 00,198,168 | ---- | C] () -- H:\windows\System32\IVIresizeM6.dll
[2009-03-02 16:56:46 | 00,026,136 | ---- | C] () -- H:\windows\System32\IVIresize.dll
[2009-02-28 15:38:49 | 00,000,000 | ---- | C] () -- H:\windows\mngui.INI
[2009-02-26 21:55:49 | 00,171,520 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-02-25 22:55:12 | 00,000,069 | ---- | C] () -- H:\windows\NeroDigital.ini
[2009-02-25 20:31:40 | 00,198,840 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-02-25 20:29:05 | 00,000,062 | -HS- | C] () -- H:\Documents and Settings\Krzysztof\Dane aplikacji\desktop.ini
[2009-02-25 20:26:16 | 00,000,062 | -HS- | C] () -- H:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2009-02-25 20:16:41 | 00,036,864 | ---- | C] () -- H:\windows\System32\ctrldll.dll
[2009-02-25 20:12:04 | 00,000,421 | ---- | C] () -- H:\windows\ODBC.INI
[2009-02-25 19:49:56 | 00,023,040 | R--- | C] () -- H:\windows\System32\drivers\GVCplDrv.sys
[2009-02-25 19:39:15 | 00,005,810 | R--- | C] () -- H:\windows\System32\drivers\ASACPI.sys
[2009-02-25 19:39:14 | 00,011,839 | ---- | C] () -- H:\windows\Ascd_tmp.ini
[2009-02-25 19:39:03 | 00,010,288 | ---- | C] () -- H:\windows\System32\drivers\ASUSHWIO.SYS
[2008-12-18 00:30:06 | 00,815,104 | ---- | C] () -- H:\windows\System32\xvidcore.dll
[2008-12-18 00:30:06 | 00,180,224 | ---- | C] () -- H:\windows\System32\xvidvfw.dll
[2008-11-12 15:54:00 | 01,703,936 | ---- | C] () -- H:\windows\System32\nvwdmcpl.dll
[2008-11-12 15:54:00 | 01,486,848 | ---- | C] () -- H:\windows\System32\nview.dll
[2008-11-12 15:54:00 | 01,019,904 | ---- | C] () -- H:\windows\System32\nvwimg.dll
[2008-11-12 15:54:00 | 00,466,944 | ---- | C] () -- H:\windows\System32\nvshell.dll
[2008-10-07 10:13:30 | 00,197,912 | ---- | C] () -- H:\windows\System32\physxcudart_20.dll
[2008-10-07 10:13:22 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSwedish.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSpanish.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelPortugese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelKorean.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelJapanese.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelGerman.dll
[2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelFrench.dll
[2007-11-26 21:56:28 | 00,151,415 | ---- | C] () -- H:\windows\System32\xlive.dll.cat
[2005-02-23 18:57:35 | 00,971,776 | ---- | C] () -- H:\windows\System32\SSCProt.dll
[2004-03-18 07:44:29 | 01,663,068 | ---- | C] () -- H:\windows\System32\libmmd.dll
[2002-10-16 00:54:04 | 00,153,088 | ---- | C] () -- H:\windows\System32\unrar.dll
[2002-03-17 02:00:00 | 00,007,420 | ---- | C] () -- H:\windows\UA000088.DLL
[2001-10-26 21:28:10 | 00,003,584 | ---- | C] () -- H:\windows\System32\iprop.dll
[2001-07-22 02:16:20 | 00,000,843 | ---- | C] () -- H:\windows\win.ini
[2001-07-22 02:15:52 | 00,000,284 | ---- | C] () -- H:\windows\system.ini

[color=#E56717]========== LOP Check ==========[/color]

[2009-10-11 20:59:58 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\All Users\Dane aplikacji
[2009-08-25 14:07:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009-02-25 20:15:28 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ACD Systems
[2009-02-25 20:05:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ahead
[2009-06-19 19:29:46 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Codemasters
[2009-05-20 12:16:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ConeXware
[2009-02-25 20:16:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\CyberLink
[2009-03-28 21:05:05 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-07-14 19:00:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2009-09-03 19:33:31 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Findbasic
[2002-01-01 07:56:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\FLEXnet
[2009-03-02 16:56:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\InterVideo
[2009-10-06 15:57:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Pinnacle
[2009-02-28 15:14:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Teleca
[2009-09-06 16:16:04 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-04-13 19:29:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited
[2009-05-20 14:18:33 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TrackMania
[2009-06-13 17:59:24 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
[2009-05-19 10:17:48 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
[2009-02-25 20:26:16 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Default User\Dane aplikacji
[2009-08-26 19:10:23 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji
[2009-02-25 20:15:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\ACD Systems
[2009-04-12 22:26:02 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ahead
[2009-06-02 12:02:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Any Video Converter
[2009-04-24 21:36:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\AVI ReComp
[2009-02-25 23:00:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\CyberLink
[2009-03-28 21:06:01 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools
[2009-09-06 10:56:25 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools Lite
[2009-05-03 15:42:37 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools Pro
[2009-03-14 12:32:34 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Gadu-Gadu
[2009-05-14 21:57:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\GetRightToGo
[2009-02-28 18:42:06 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Leadertech
[2009-02-25 22:15:29 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Nowe Gadu-Gadu
[2009-07-27 13:40:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\OpenOffice.org
[2009-04-20 21:57:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Publish Providers
[2009-03-27 20:28:41 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\SecuROM
[2009-04-20 21:57:34 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Sony
[2009-02-26 16:34:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Teleca
[2009-06-13 18:05:03 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ubisoft
[2009-03-02 18:11:13 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ulead Systems
[2009-07-29 11:49:41 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\ViStart
[2009-08-10 20:38:10 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Xenorate
[2009-10-11 21:00:03 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji
[2009-02-25 20:30:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\ACD Systems
[2009-05-16 19:53:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Ahead
[2009-10-04 00:32:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Any Video Converter
[2009-04-03 15:15:04 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools
[2009-09-05 09:38:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools Lite
[2009-05-08 20:52:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools Pro
[2009-10-11 14:54:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Dark Sector
[2009-04-25 22:26:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GetRightToGo
[2009-10-03 17:58:55 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GRETECH
[2009-04-07 15:54:23 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\gtk-2.0
[2009-03-03 18:25:07 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Leadertech
[2009-05-08 19:10:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\NetMedia Providers
[2009-06-29 19:37:32 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Nowe Gadu-Gadu
[2009-05-08 20:54:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Off Road
[2009-09-28 18:39:10 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\OpenOffice.org
[2009-05-08 19:10:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Publish Providers
[2009-02-27 22:04:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Teleca
[2009-03-02 16:58:37 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Ulead Systems
[2009-08-27 17:45:46 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Xenorate
[2009-09-03 19:58:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\LocalService\Dane aplikacji
[2009-02-25 19:34:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\NetworkService\Dane aplikacji
[2009-10-12 17:19:17 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji
[2009-09-04 15:05:23 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Ahead
[2009-07-31 19:02:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\AVI ReComp
[2009-09-14 19:51:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\DAEMON Tools Pro
[2009-10-03 14:26:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Dark Sector
[2009-07-30 21:52:00 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Flock
[2009-09-20 17:34:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\GRETECH
[2009-07-30 16:20:17 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Nowe Gadu-Gadu
[2009-08-10 20:40:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\OpenOffice.org
[2009-08-29 20:29:52 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\SecuROM
[2009-10-10 16:25:20 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Teleca
[2009-10-01 16:20:02 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\TSRWorkshop
[2001-07-22 02:17:50 | 00,000,065 | RH-- | M] () -- H:\windows\Tasks\desktop.ini
[2009-10-14 11:14:06 | 00,000,006 | -H-- | M] () -- H:\windows\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 143 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:8CE646EE
@Alternate Data Stream - 133 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF
< End of report >
[/log]

czytałem o pliku BOOT.INI i podobno jest on uszkodzony, można włożyć płytkę windows, zainstalować konsolę odzyskiwania i wpisać odpowiednią komendę ale to dla mnie trochę czarna magia, czy ktoś już to kiedyś robił??? co do moich dokumentów to proste- nie mijają 2 sekundy a tuż po zalogowaniu się na któregokolwiek użytkownika samoczynnie uruchamiają się one. tu jest adres do tego SQL który wyskakuje na samym początku w wyborze użytkownika: http://www.forumpc.pl/index.php?app=core&module=attach&section=attach&attach_id=7841 no i dlaczego przed włączeniem kompa muszę odłączyć neta? jeśli tego nie zrobię to zawiesi się na logowaniu i ponadto słyszę dźwięki jakby się uruchamiał... a tutaj screen z błędu dll [attachment=8128:dlld.JPG]

co do SQL
znalazłem na innej stronce, że ktoś miał podobny problem i został poproszony o LOG z folderu C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG w moim przypadku zamiast C jest H ale znalazłem ów folder i log- Summary więc go tutaj umieszczę:
[log]

Microsoft SQL Server 2005 9.00.3042.00
==============================
OS Version : Microsoft Windows XP Professional Dodatek Service Pack 3 (Build 2600)
Time : Mon Apr 27 22:36:55 2009

Machine : WWW-649A18D4B0C
Product : Microsoft SQL Server Setup Support Files (English)
Product Version : 9.00.3042.00
Install : Successful
Log File : H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_SQLSupport_1.log
--------------------------------------------------------------------------------
Machine : WWW-649A18D4B0C
Product : Microsoft SQL Server Native Client
Product Version : 9.00.3042.00
Install : Successful
Log File : H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_SQLNCLI_1.log
--------------------------------------------------------------------------------
Machine : WWW-649A18D4B0C
Product : Microsoft SQL Server VSS Writer
Product Version : 9.00.3042.00
Install : Successful
Log File : H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_SqlWriter_1.log
--------------------------------------------------------------------------------
Machine : WWW-649A18D4B0C
Product : MSXML6
Error : The Windows Installer service cannot update the system file H:\windows\system32\msxml6r.dll because the file is protected by Windows. You may need to update your operating system for this program to work correctly.
--------------------------------------------------------------------------------
Machine : WWW-649A18D4B0C
Product : MSXML 6.0 Parser
Product Version : 6.10.1129.0
Install : Failed
Log File : H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_MSXML6_1.log
Last Action : InstallFinalize
Error String : The Windows Installer service cannot update the system file H:\windows\system32\msxml6r.dll because the file is protected by Windows. You may need to update your operating system for this program to work correctly. Package version: 6.0.3883.0, OS Protected version: 6.0.3883.0
Error Number : 1931
--------------------------------------------------------------------------------

SQL Server Setup failed. For more information, review the Setup log file in %ProgramFiles%\Microsoft SQL Server\90\Setup Bootstrap\LOG\Summary.txt.


Time : Mon Apr 27 22:37:49 2009


List of log files:
H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_Core(Local).log
H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_SQLSupport_1.log
H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_SQLNCLI_1.log
H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_SqlWriter_1.log
H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_MSXML6_1.log
H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_Datastore.xml
H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_.NET Framework 2.0.log
H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_SNAC.log
H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_Core.log
H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Summary.txt
H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_Support.log
H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_SCC.log
[/log]

co do Moich Dokumentów to też już chyba znalazłem rozwiązanie, kwestia wpisu userinit w winlogon, część userinit.exe była zdublowana więc usunąłem to co po przecinku jak radzili i zobaczymy jak uruchomię kompa następnym razem

MarekM25
komentarz
komentarz

Niestety/na szczęście to nie jest spowodowane wirusami. Znaczy tylko jedna rzecz z Twojej gehenny jest z nimi związana, czyli moje dokumenty przy starcie:
Uruchom [b]HiJackThis[/b] i kliknij [b]Do a system scan only[/b]. Potem zaznacz wpis:[code]F2 - REG:system.ini: UserInit=H:\WINDOWS\system32\userinit.exe,userinit.exe,[/code] i kliknij [b]fix chcecked[/b]

Powinno już nie być moich dokumentów przy starcie. Sprawdź czy dalej się pojawiają?

Jeszcze co z logu mogę powiedzieć, ale raczej to nic nie da w tym problemie:
start->uruchom->wpisz [b]msconfig[/b]-> i odznacz nie potrzebne rzeczy z Uruchamianie, ponieważ masz bardzo dużo rzeczy w autostarcie.
Zaktualizuj IE do najnowszej wersji.

Co do reszty problemów to załóż wątek w innych działach np Win XP lub Internet.

[edit] Widzę, że na moje dokumenty już sam znalazłeś rozwiązanie.

chrisx94
komentarz
komentarz

w takim razie tylko zostaje mi podziękować za wsparcie i jeśli jeszcze będę miał kiedyś kłopot to z pewnością napiszę :)

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.