chrisx94 utworzono 6 października 2009 utworzono 6 października 2009 (edytowane) proszę o sprawdzenie logu: [log]Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:34:17, on 2009-10-06 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: H:\windows\System32\smss.exe H:\windows\system32\winlogon.exe H:\windows\system32\services.exe H:\windows\system32\lsass.exe H:\windows\system32\svchost.exe H:\windows\System32\svchost.exe H:\windows\system32\svchost.exe H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe H:\Program Files\Alwil Software\Avast4\ashServ.exe H:\windows\system32\spoolsv.exe H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe H:\Program Files\Bonjour\mDNSResponder.exe H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe H:\windows\system32\CTsvcCDA.exe H:\windows\system32\nvsvc32.exe H:\windows\system32\PnkBstrA.exe H:\windows\system32\svchost.exe H:\Program Files\PremierOpinion\pmropn.exe H:\windows\Explorer.EXE H:\windows\RTHDCPL.EXE H:\Program Files\Java\jre6\bin\jusched.exe H:\windows\system32\RUNDLL32.EXE H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe H:\WINDOWS\system32\rmctrl.exe H:\Program Files\Winamp\winampa.exe H:\Program Files\Common Files\Real\Update_OB\realsched.exe H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe H:\WINDOWS\system32\wbem\unsecapp.exe H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe H:\Program Files\iTunes\iTunesHelper.exe H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe H:\windows\V0230Mon.exe H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe H:\windows\system32\ctfmon.exe H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe H:\Program Files\Messenger\msmsgs.exe H:\Program Files\OpenOffice.org 3\program\soffice.exe H:\Program Files\OpenOffice.org 3\program\soffice.bin H:\windows\system32\wuauclt.exe H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe H:\Program Files\Alwil Software\Avast4\ashWebSv.exe H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe H:\Program Files\iPod\bin\iPodService.exe H:\Program Files\HijackThis\HijackThis.exe H:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza F2 - REG:system.ini: UserInit=H:\WINDOWS\system32\userinit.exe,userinit.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: Softonic-en Toolbar - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Softonic-en Toolbar - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] H:\WINDOWS\system32\rmctrl.exe O4 - HKLM\..\Run: [WinampAgent] "H:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [TkBellExe] "H:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "H:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [Adobe Photo Downloader] "H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [mirc] C:\WINDOWS\WINCRA\mirc.exe O4 - HKLM\..\Run: [CTCheck] H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVFX Engine] H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe O4 - HKLM\..\Run: [H:\windows\system32\V0230Cvw.dll] H:\windows\system32\RegSvr32.exe /s H:\windows\system32\V0230Cvw.dll O4 - HKLM\..\Run: [V0230Mon.exe] H:\windows\V0230Mon.exe O4 - HKLM\..\Run: [GrooveMonitor] "H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [PinnacleDriverCheck] H:\windows\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [LaunchList] H:\Program Files\Pinnacle\Studio 9\LaunchList.exe O4 - HKLM\..\RunOnce: [InstallShieldSetup] H:\PROGRA~1\INSTAL~1\{9E491~1\Setup.exe -rebootH:\PROGRA~1\INSTAL~1\{9E491~1\reboot.ini -l0x15 O4 - HKCU\..\Run: [CTFMON.EXE] H:\windows\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "H:\Program Files\Nowe Gadu-Gadu\gg.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "H:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [Creative Live! Cam Manager] "H:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" O4 - HKCU\..\Run: [ares] "H:\Program Files\Ares\Ares.exe" -h O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM') O4 - .DEFAULT Startup: OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user') O4 - Startup: OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Adobe Gamma Loader.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCfox000 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: PremierOpinion - H:\Program Files\PremierOpinion\pmls.dll O23 - Service: Apple Mobile Device - Apple Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour Service - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Capture Device Service - InterVideo Inc. - H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - H:\windows\system32\CTsvcCDA.exe O23 - Service: Findbasic Service - Unknown owner - H:\Documents and Settings\All Users\Dane aplikacji\Findbasic\findbasic121.exe O23 - Service: Google Update Service (gupdate1c9acba996552fe) (gupdate1c9acba996552fe) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\windows\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - H:\windows\system32\PnkBstrA.exe -- End of file - 10204 bytes[/log] [color="#0000FF"]//Zmieniam nazwę tematu //MarekM25[/color]
MarekM25 komentarz 6 października 2009 komentarz 6 października 2009 Daj loga z [url="http://www.forumpc.pl/index.php?showtopic=104338"]OTListIt2[/url]. Jest jakiś powód sprawdzania logów?
chrisx94 komentarz 6 października 2009 Autor komentarz 6 października 2009 (edytowane) [log]OTL logfile created on: 2009-10-06 21:06:19 - Run 1 OTL by OldTimer - Version 3.0.18.4 Folder = H:\Documents and Settings\Krzysztof\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,36 Gb Available Physical Memory | 67,84% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = H: | %SystemRoot% = H:\windows | %ProgramFiles% = H:\Program Files C: Drive not present or media not loaded D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 48,83 Gb Total Space | 7,53 Gb Free Space | 15,42% Space Free | Partition Type: NTFS Drive I: | 156,25 Gb Total Space | 53,56 Gb Free Space | 34,28% Space Free | Partition Type: NTFS Drive J: | 167,53 Gb Total Space | 48,79 Gb Free Space | 29,13% Space Free | Partition Type: NTFS Computer Name: WWW-649A18D4B0C Current User Name: Krzysztof Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2008-11-26 19:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2008-11-26 19:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe PRC - [2007-03-06 11:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe PRC - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- H:\windows\System32\CTsvcCDA.exe PRC - [2008-11-12 15:54:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\nvsvc32.exe PRC - [2009-03-29 11:10:42 | 00,066,872 | ---- | M] () -- H:\windows\System32\PnkBstrA.exe PRC - [2009-09-18 16:45:59 | 01,760,928 | ---- | M] (VoiceFive Networks, Inc.) -- H:\Program Files\PremierOpinion\pmropn.exe PRC - [2008-04-14 22:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- H:\windows\Explorer.EXE PRC - [2008-04-14 22:51:52 | 00,218,112 | ---- | M] (Microsoft Corporation) -- H:\windows\System32\wbem\wmiprvse.exe PRC - [2007-04-10 09:28:44 | 16,126,464 | R--- | M] (Realtek Semiconductor Corp.) -- H:\windows\RTHDCPL.EXE PRC - [2001-10-26 21:30:04 | 00,016,896 | ---- | M] (Microsoft Corporation) -- H:\windows\System32\wbem\unsecapp.exe PRC - [2009-07-27 13:38:34 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\Java\jre6\bin\jusched.exe PRC - [2008-11-26 19:18:51 | 00,081,000 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2003-08-01 13:11:02 | 00,032,768 | ---- | M] () -- H:\windows\System32\rmctrl.exe PRC - [2007-10-10 07:28:32 | 00,036,352 | ---- | M] () -- H:\Program Files\Winamp\winampa.exe PRC - [2009-02-25 20:09:12 | 00,180,269 | ---- | M] (RealNetworks, Inc.) -- H:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2005-06-07 00:46:24 | 00,057,344 | ---- | M] (Adobe Systems Incorporated) -- H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe PRC - [2007-11-06 11:08:10 | 00,397,312 | ---- | M] (Creative Technology Ltd) -- H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe PRC - [2009-07-13 14:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- H:\Program Files\iTunes\iTunesHelper.exe PRC - [2006-08-16 01:12:00 | 00,024,576 | ---- | M] (Creative Technology Ltd.) -- H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe PRC - [2006-09-06 19:01:00 | 00,032,768 | R--- | M] (Creative Technology Ltd.) -- H:\windows\V0230Mon.exe PRC - [2006-10-27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2007-05-16 10:27:16 | 00,153,136 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2008-04-14 23:51:32 | 01,695,232 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Messenger\msmsgs.exe PRC - [2009-04-23 06:47:00 | 07,424,000 | ---- | M] (OpenOffice.org) -- H:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2009-04-23 06:48:54 | 07,418,368 | ---- | M] (OpenOffice.org) -- H:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2008-11-26 19:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2008-11-26 19:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe PRC - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- H:\Program Files\iPod\bin\iPodService.exe PRC - [2009-09-19 08:47:10 | 00,831,488 | ---- | M] (Bil Software) -- H:\Documents and Settings\Krzysztof\Moje dokumenty\Pobieranie\ygoow new\Ygoow.exe PRC - [2009-09-10 20:52:54 | 00,908,280 | ---- | M] (Mozilla Corporation) -- H:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-10-06 16:23:55 | 00,520,704 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\Krzysztof\Moje dokumenty\Pobieranie\OTL.exe PRC - [2007-05-16 10:27:38 | 01,209,904 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running]) SRV - [2005-09-23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- H:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2008-11-26 19:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running]) SRV - [2008-11-26 19:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running]) SRV - [2008-11-26 19:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running]) SRV - [2008-11-26 19:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running]) SRV - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running]) SRV - [2007-03-06 11:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service [Auto | Running]) SRV - [2005-09-23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- H:\windows\System32\CTsvcCDA.exe -- (Creative Service for CDROM Access [Auto | Running]) SRV - [2009-09-02 21:10:00 | 00,054,776 | ---- | M] () -- H:\Documents and Settings\All Users\Dane aplikacji\Findbasic\findbasic121.exe -- (Findbasic Service [Auto | Stopped]) SRV - [2006-10-20 22:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2009-03-24 21:56:16 | 00,133,104 | ---- | M] (Google Inc.) -- H:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9acba996552fe [Auto | Stopped]) SRV - [2008-04-14 22:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- H:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2005-04-04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped]) SRV - [2006-10-30 04:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped]) SRV - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- H:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running]) SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped]) SRV - [2007-04-13 22:09:56 | 00,792,112 | ---- | M] (Nero AG) -- H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped]) SRV - [2006-10-30 04:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped]) SRV - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running]) SRV - [2008-11-12 15:54:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\nvsvc32.exe -- (NVSvc [Auto | Running]) SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped]) SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2009-03-29 11:10:42 | 00,066,872 | ---- | M] () -- H:\windows\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running]) SRV - [2007-02-10 05:29:56 | 00,089,968 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter [Auto | Stopped]) SRV - [2006-12-01 12:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2008-11-26 19:15:35 | 00,026,944 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running]) DRV - [2004-03-10 16:27:18 | 00,011,264 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\drivers\ASAPIW2k.sys -- (ASAPIW2k [On_Demand | Running]) DRV - [2008-11-26 19:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- H:\windows\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running]) DRV - [2008-11-26 19:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running]) DRV - [2008-11-26 19:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running]) DRV - [2008-11-26 19:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswSP.sys -- (aswSP [System | Running]) DRV - [2008-11-26 19:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswTdi.sys -- (aswTdi [System | Running]) DRV - [2007-06-21 04:44:32 | 00,029,696 | R--- | M] (Atheros Communications) -- H:\windows\System32\DRIVERS\l251x86.sys -- (AtcL002 [On_Demand | Running]) DRV - [2004-11-18 11:49:14 | 00,024,786 | ---- | M] (EUTRON) -- H:\windows\System32\Drivers\eusk2par.sys -- (eusk2par [System | Running]) DRV - [2004-11-18 11:49:14 | 00,045,534 | ---- | M] (EUTRON) -- H:\windows\System32\Drivers\eusk3usb.sys -- (eusk3usb [On_Demand | Stopped]) DRV - [2009-03-19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- H:\windows\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running]) DRV - [2004-05-02 10:47:08 | 00,023,040 | R--- | M] () -- H:\windows\System32\drivers\GVCplDrv.sys -- (GVCplDrv [On_Demand | Stopped]) DRV - [2008-04-13 22:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- H:\windows\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2007-04-10 13:04:40 | 04,397,568 | R--- | M] (Realtek Semiconductor Corp.) -- H:\windows\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running]) DRV - [2004-03-29 04:06:24 | 00,090,464 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\DRIVERS\MarvinBus.sys -- (MarvinBus [On_Demand | Running]) DRV - [2004-08-13 04:56:20 | 00,005,810 | R--- | M] () -- H:\windows\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running]) DRV - [2008-11-12 15:54:00 | 06,188,320 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running]) DRV - [2002-03-19 10:29:16 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\drivers\pclepci.sys -- (PCLEPCI [System | Running]) DRV - [2001-08-18 01:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- H:\windows\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- H:\windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2006-09-18 15:58:48 | 00,061,600 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27bus.sys -- (SE27bus [On_Demand | Stopped]) DRV - [2006-09-18 15:58:52 | 00,009,360 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mdfl.sys -- (SE27mdfl [On_Demand | Stopped]) DRV - [2006-09-18 15:58:54 | 00,097,184 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mdm.sys -- (SE27mdm [On_Demand | Stopped]) DRV - [2006-09-18 15:58:58 | 00,088,688 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mgmt.sys -- (SE27mgmt [On_Demand | Stopped]) DRV - [2006-09-18 15:59:00 | 00,018,704 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se27nd5.sys -- (se27nd5 [On_Demand | Stopped]) DRV - [2006-09-18 15:59:02 | 00,086,560 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27obex.sys -- (SE27obex [On_Demand | Stopped]) DRV - [2006-09-18 15:59:08 | 00,090,800 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se27unic.sys -- (se27unic [On_Demand | Stopped]) DRV - [2006-11-30 16:13:56 | 00,061,536 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45bus.sys -- (se45bus [On_Demand | Stopped]) DRV - [2006-11-30 16:14:04 | 00,009,360 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mdfl.sys -- (se45mdfl [On_Demand | Stopped]) DRV - [2006-11-30 16:14:04 | 00,097,088 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mdm.sys -- (se45mdm [On_Demand | Stopped]) DRV - [2006-11-30 16:14:10 | 00,088,624 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mgmt.sys -- (se45mgmt [On_Demand | Stopped]) DRV - [2006-11-30 16:14:10 | 00,018,704 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45nd5.sys -- (se45nd5 [On_Demand | Stopped]) DRV - [2006-11-30 16:14:14 | 00,086,432 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45obex.sys -- (se45obex [On_Demand | Stopped]) DRV - [2006-11-30 16:14:22 | 00,090,800 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45unic.sys -- (se45unic [On_Demand | Stopped]) DRV - [2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- H:\windows\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2005-08-10 14:44:04 | 00,050,688 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running]) DRV - [2005-05-16 15:20:39 | 00,006,656 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running]) DRV - [2005-08-10 16:06:28 | 00,019,968 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfsync02.sys -- (sfsync02 [Boot | Running]) DRV - [2009-09-04 19:16:25 | 00,721,904 | ---- | M] () -- H:\windows\System32\Drivers\sptd.sys -- (sptd [Boot | Running]) DRV - [2006-03-23 19:00:00 | 00,006,272 | R--- | M] (EyePower Games Pte. Ltd.) -- H:\windows\System32\DRIVERS\V0230Vfx.sys -- (V0230Vfx [On_Demand | Running]) DRV - [2006-09-28 19:01:00 | 00,500,480 | R--- | M] (Creative Technology Ltd.) -- H:\windows\System32\DRIVERS\V0230VID.sys -- (V0230VID [On_Demand | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = H:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\S-1-5-21-796845957-1343024091-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\S-1-5-21-796845957-1343024091-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://onet.pl" FF - prefs.js..extensions.enabledItems: {6E19037A-12E3-4295-8915-ED48BC341614}:1.3 FF - prefs.js..extensions.enabledItems: {C3F23840-B14B-4B61-AAEF-6BCC3621FA63}:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3 FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCfox000&fl=0&ptb=9D9JkilC01wiJRayfcZ8jA&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=" FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: H:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-07-27 13:38:36 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: H:\Program Files\PremierOpinion [2009-10-02 14:19:06 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Flock 2.5.1\extensions\\Components: H:\Program Files\Flock\components [2009-08-25 14:06:54 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Flock 2.5.1\extensions\\Plugins: H:\Program Files\Flock\plugins [2009-10-05 19:04:22 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2009-09-10 20:53:01 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins [2009-10-05 19:04:22 | 00,000,000 | ---D | M] [2009-03-10 18:27:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Extensions [2009-03-10 18:27:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-02-25 20:29:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Firefox\Profiles\h9n4nthe.default\extensions [2009-06-01 15:00:04 | 00,009,941 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Mozilla\FireFox\Profiles\h9n4nthe.default\searchplugins\mywebsearch.xml [2009-10-05 21:04:06 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions [2009-09-10 20:52:53 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-02-25 20:36:55 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2009-09-03 19:58:11 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{C3F23840-B14B-4B61-AAEF-6BCC3621FA63} [2009-07-27 13:38:46 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009-09-10 20:52:51 | 00,023,544 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-09-10 20:52:51 | 00,137,208 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\brwsrcmp.dll [2007-04-30 16:29:22 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- H:\Program Files\mozilla firefox\plugins\np32dsw.dll [2009-07-27 13:38:35 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\mozilla firefox\plugins\npdeploytk.dll [2009-09-10 20:52:56 | 00,065,016 | ---- | M] (mozilla.org) -- H:\Program Files\mozilla firefox\plugins\npnul32.dll [2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- H:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2009-07-15 21:00:25 | 00,002,767 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-07-15 21:00:25 | 00,001,406 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-08-26 19:13:33 | 00,002,393 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\findbasic119.xml [2009-09-03 19:58:12 | 00,002,393 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\findbasic121.xml [2009-07-15 21:00:25 | 00,002,371 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\google.xml [2009-07-15 21:00:25 | 00,000,917 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-07-15 21:00:25 | 00,000,858 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-07-15 21:00:25 | 00,001,183 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-07-15 21:00:25 | 00,001,683 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (731 bytes) - H:\windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Softonic-en Toolbar) - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Softonic-en Toolbar) - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\..\Toolbar\WebBrowser: (Softonic-en Toolbar) - {983AD4D4-8B63-442F-8684-FBC1C067949C} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.) O4 - HKLM..\Run: [Adobe Photo Downloader] H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] H:\windows\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avast!] H:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [AVFX Engine] H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [CTCheck] H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd) O4 - HKLM..\Run: [GrooveMonitor] H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [H:\windows\system32\V0230Cvw.dll] H:\windows\System32\V0230Cvw.dll (Creative Technology Ltd.) O4 - HKLM..\Run: [iTunesHelper] H:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [mirc] C:\WINDOWS\WINCRA\mirc.exe File not found O4 - HKLM..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] H:\windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] H:\windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] H:\windows\System32\nwiz.exe () O4 - HKLM..\Run: [PinnacleDriverCheck] H:\windows\System32\PSDrvCheck.exe () O4 - HKLM..\Run: [QuickTime Task] H:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [RemoteControl] H:\windows\System32\rmctrl.exe () O4 - HKLM..\Run: [RTHDCPL] H:\windows\RTHDCPL.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Sony Ericsson PC Suite] H:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] H:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] H:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [V0230Mon.exe] H:\windows\V0230Mon.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [WinampAgent] H:\Program Files\Winamp\winampa.exe () O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [ares] H:\Program Files\Ares\Ares.exe (Ares Development Group) O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [Creative Live! Cam Manager] H:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.) O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [DAEMON Tools Lite] H:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [MSMSGS] H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [Nowe Gadu-Gadu] H:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.) O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: H:\Documents and Settings\Gosia\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: H:\Documents and Settings\Wiktoria\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Search - File not found O8 - Extra context menu item: E&ksport do programu Microsoft Excel - H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE File not found O8 - Extra context menu item: E&xport to Microsoft Excel - H:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\windows\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - H:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - H:\windows\System32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - H:\windows\System32\rsvpsp.dll (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.58 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - H:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter: - text/xml - H:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\windows\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\PremierOpinion: DllName - H:\Program Files\PremierOpinion\pmls.dll - H:\Program Files\PremierOpinion\pmls.dll (VoiceFive Networks, Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{46e2a893-0cb8-11de-b09a-001d60a8d52e}\Shell\AutoRun\command - "" = C:\uvsqfgwd.cmd -- File not found O33 - MountPoints2\{46e2a893-0cb8-11de-b09a-001d60a8d52e}\Shell\open\Command - "" = C:\uvsqfgwd.cmd -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - H:\windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-10-04 16:14:08 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help [2009-10-06 15:57:50 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\Pinnacle [2009-10-03 18:35:44 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Dark Sector [2009-10-03 17:58:55 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GRETECH [2009-09-28 18:39:10 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\OpenOffice.org [2009-09-21 20:51:16 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Conduit [2009-09-21 20:51:16 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Softonic-en [2009-10-04 00:30:51 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Stardock [2009-10-05 19:15:44 | 00,000,000 | ---D | C] -- H:\Program Files\Common Files\DESIGNER [2009-09-12 23:15:40 | 00,000,000 | ---D | C] -- H:\Program Files\Ares [2009-09-20 17:33:18 | 00,000,000 | ---D | C] -- H:\Program Files\Conduit [2009-09-20 17:33:56 | 00,000,000 | ---D | C] -- H:\Program Files\GRETECH [2009-10-06 16:33:41 | 00,000,000 | ---D | C] -- H:\Program Files\HijackThis [2009-10-05 19:15:44 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Visual Studio [2009-10-05 19:13:08 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Visual Studio 8 [2009-10-05 19:16:23 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Works [2009-10-05 19:15:05 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft.NET [2009-10-06 15:57:47 | 00,000,000 | ---D | C] -- H:\Program Files\Pinnacle [2009-09-20 17:33:18 | 00,000,000 | ---D | C] -- H:\Program Files\Softonic-en [2009-10-06 18:05:09 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Moje dokumenty\Pinnacle Hollywood FX for Studio [2009-10-06 17:02:13 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Moje dokumenty\Pinnacle Studio [2009-10-06 16:30:58 | 00,294,912 | ---- | C] (Pegasus Imaging Corporation) -- H:\windows\System32\pvmjpg21.dll [2009-10-06 16:30:58 | 00,081,920 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\vdrmux.dll [2009-10-06 16:30:58 | 00,046,592 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\vdrcodec.dll [2009-10-06 16:30:57 | 00,044,544 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\msxml4a.dll [2009-10-06 16:28:31 | 00,019,456 | ---- | C] (VoB Computersysteme GmbH) -- H:\windows\System32\asapi.dll [2009-10-06 16:28:29 | 00,090,112 | ---- | C] (MindVision Software) -- H:\windows\unvise32.exe [2009-10-06 16:27:01 | 00,061,440 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\pclepim1.dll [2009-10-06 16:27:00 | 00,106,496 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\atl71.dll [2009-10-06 16:27:00 | 00,084,992 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\ATL70.DLL [2009-10-06 16:27:00 | 00,065,536 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71DEU.DLL [2009-10-06 16:27:00 | 00,061,440 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71ITA.DLL [2009-10-06 16:27:00 | 00,061,440 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71FRA.DLL [2009-10-06 16:27:00 | 00,061,440 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71ESP.DLL [2009-10-06 16:27:00 | 00,057,344 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71ENU.DLL [2009-10-06 16:27:00 | 00,049,152 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\PCLEGetGuid.dll [2009-10-06 16:27:00 | 00,049,152 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71KOR.DLL [2009-10-06 16:27:00 | 00,049,152 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71JPN.DLL [2009-10-06 16:27:00 | 00,045,056 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71CHT.DLL [2009-10-06 16:27:00 | 00,040,960 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\MFC71CHS.DLL [2009-10-05 19:18:06 | 00,032,592 | ---- | C] (Microsoft Corporation) -- H:\windows\System32\msonpmon.dll [2009-10-05 19:10:12 | 00,000,000 | RH-D | C] -- H:\MSOCache [2009-10-05 19:04:14 | 00,000,000 | -HSD | C] -- H:\Config.Msi [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [10 H:\windows\System32\*.tmp files] [3 H:\windows\*.tmp files] [2009-10-06 20:49:00 | 00,001,036 | ---- | M] () -- H:\windows\tasks\GoogleUpdateTaskMachineUA.job [2009-10-06 20:32:22 | 00,000,156 | ---- | M] () -- H:\windows\Twunk001.MTX [2009-10-06 20:32:22 | 00,000,005 | ---- | M] () -- H:\windows\Twain001.Mtx [2009-10-06 18:21:32 | 00,000,063 | ---- | M] () -- H:\windows\PixieTool.INI [2009-10-06 18:19:42 | 00,000,349 | ---- | M] () -- H:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI [2009-10-06 17:51:09 | 00,002,645 | ---- | M] () -- H:\windows\System32\CONFIG.NT [2009-10-06 17:50:54 | 01,110,350 | ---- | M] () -- H:\windows\System32\PerfStringBackup.INI [2009-10-06 17:50:54 | 00,497,552 | ---- | M] () -- H:\windows\System32\perfh015.dat [2009-10-06 17:50:54 | 00,438,960 | ---- | M] () -- H:\windows\System32\perfh009.dat [2009-10-06 17:50:54 | 00,088,642 | ---- | M] () -- H:\windows\System32\perfc015.dat [2009-10-06 17:50:54 | 00,071,046 | ---- | M] () -- H:\windows\System32\perfc009.dat [2009-10-06 17:46:49 | 00,203,188 | ---- | M] () -- H:\windows\System32\nvapps.xml [2009-10-06 17:46:46 | 00,001,032 | ---- | M] () -- H:\windows\tasks\GoogleUpdateTaskMachineCore.job [2009-10-06 17:46:42 | 00,000,006 | -H-- | M] () -- H:\windows\tasks\SA.DAT [2009-10-06 17:46:37 | 00,002,048 | --S- | M] () -- H:\windows\bootstat.dat [2009-10-06 16:58:17 | 00,000,664 | ---- | M] () -- H:\windows\System32\d3d9caps.dat [2009-10-06 16:54:25 | 01,807,984 | ---- | M] () -- H:\windows\System32\FNTCACHE.DAT [2009-10-06 16:39:50 | 00,198,840 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-10-06 16:33:41 | 00,001,582 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Pulpit\HijackThis.lnk [2009-10-05 19:20:50 | 00,000,843 | ---- | M] () -- H:\windows\win.ini [2009-10-05 15:53:43 | 00,002,206 | ---- | M] () -- H:\windows\System32\wpa.dbl [2009-10-04 13:15:27 | 00,000,069 | ---- | M] () -- H:\windows\NeroDigital.ini [2009-10-04 00:59:13 | 01,044,604 | -H-- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-10-04 00:36:47 | 00,444,952 | ---- | M] (Creative Labs) -- H:\windows\System32\wrap_oal.dll [2009-10-04 00:36:47 | 00,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- H:\windows\System32\OpenAL32.dll [2009-10-04 00:03:28 | 00,169,984 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-09-28 18:40:04 | 00,000,866 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk [2009-09-18 23:04:56 | 00,000,768 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Pulpit\Skrót do Ygoow.lnk [color=#E56717]========== Files - No Company Name ==========[/color] [2009-10-06 16:33:41 | 00,001,582 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Pulpit\HijackThis.lnk [2009-10-06 16:28:31 | 00,406,016 | ---- | C] () -- H:\windows\System32\PSDrvCheck.exe [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.KOR [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.JPN [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.JP [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ITA [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.IT [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.FRA [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.FR [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ESP [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ES [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.DEU [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.DE [2009-10-06 16:28:31 | 00,026,112 | ---- | C] () -- H:\windows\System32\PSDrvCheck.CHT [2009-10-06 16:28:31 | 00,026,112 | ---- | C] () -- H:\windows\System32\PSDrvCheck.CHS [2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.NLD [2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.NL [2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.KO [2009-10-06 16:27:01 | 00,038,232 | ---- | C] () -- H:\windows\wmprfsky.prx [2009-10-06 16:27:01 | 00,037,916 | ---- | C] () -- H:\windows\wmprffra.prx [2009-10-06 16:27:01 | 00,037,014 | ---- | C] () -- H:\windows\wmprfhun.prx [2009-10-06 16:27:01 | 00,036,594 | ---- | C] () -- H:\windows\wmprfell.prx [2009-10-06 16:27:01 | 00,035,916 | ---- | C] () -- H:\windows\wmprfptg.prx [2009-10-06 16:27:01 | 00,035,680 | ---- | C] () -- H:\windows\wmprfita.prx [2009-10-06 16:27:01 | 00,035,590 | ---- | C] () -- H:\windows\wmprfesp.prx [2009-10-06 16:27:01 | 00,035,474 | ---- | C] () -- H:\windows\wmprfcsy.prx [2009-10-06 16:27:01 | 00,033,820 | ---- | C] () -- H:\windows\WMPrfDeu.prx [2009-10-06 16:27:01 | 00,033,694 | ---- | C] () -- H:\windows\wmprfptb.prx [2009-10-06 16:27:01 | 00,033,580 | ---- | C] () -- H:\windows\wmprfslv.prx [2009-10-06 16:27:01 | 00,033,336 | ---- | C] () -- H:\windows\WMPrfAra.prx [2009-10-06 16:27:01 | 00,033,314 | ---- | C] () -- H:\windows\wmprfsve.prx [2009-10-06 16:27:01 | 00,032,964 | ---- | C] () -- H:\windows\wmprfnld.prx [2009-10-06 16:27:01 | 00,032,852 | ---- | C] () -- H:\windows\wmprfnor.prx [2009-10-06 16:27:01 | 00,032,022 | ---- | C] () -- H:\windows\wmprftrk.prx [2009-10-06 16:27:01 | 00,031,764 | ---- | C] () -- H:\windows\wmprffin.prx [2009-10-06 16:27:01 | 00,031,712 | ---- | C] () -- H:\windows\wmprfdan.prx [2009-10-06 16:27:01 | 00,028,718 | ---- | C] () -- H:\windows\wmprfheb.prx [2009-10-06 16:27:01 | 00,023,304 | ---- | C] () -- H:\windows\WMPrfJpn.prx [2009-10-06 16:27:01 | 00,022,338 | ---- | C] () -- H:\windows\WMPrfKor.prx [2009-10-06 16:27:01 | 00,000,804 | ---- | C] () -- H:\windows\wmprfrus.prx [2009-10-06 16:27:01 | 00,000,136 | ---- | C] () -- H:\windows\WMPrfCHS.prx [2009-10-06 16:27:01 | 00,000,132 | ---- | C] () -- H:\windows\WMPrfCHT.prx [2009-10-06 16:26:22 | 00,000,063 | ---- | C] () -- H:\windows\PixieTool.INI [2009-10-06 16:01:11 | 00,000,349 | ---- | C] () -- H:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI [2009-10-04 00:59:13 | 01,044,604 | -H-- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-09-28 18:40:04 | 00,000,866 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk [2009-07-30 22:24:15 | 00,024,575 | ---- | C] () -- H:\windows\System32\Qsusengwinsyspio49.dll [2009-07-13 22:09:50 | 00,043,520 | ---- | C] () -- H:\windows\System32\CmdLineExt03.dll [2009-06-23 14:35:45 | 00,354,816 | ---- | C] () -- H:\windows\System32\psisdecd.dll [2009-04-25 22:39:16 | 00,000,000 | ---- | C] () -- H:\windows\PlayDemo.INI [2009-04-22 18:35:37 | 00,069,632 | ---- | C] () -- H:\windows\System32\xmltok.dll [2009-04-22 18:35:37 | 00,036,864 | ---- | C] () -- H:\windows\System32\xmlparse.dll [2009-03-29 18:41:15 | 00,237,568 | ---- | C] () -- H:\windows\System32\lame_enc.dll [2009-03-28 21:27:35 | 00,138,184 | ---- | C] () -- H:\windows\System32\drivers\PnkBstrK.sys [2009-03-14 15:33:54 | 00,721,904 | ---- | C] () -- H:\windows\System32\drivers\sptd.sys [2009-03-07 22:36:23 | 00,012,288 | ---- | C] () -- H:\windows\impborl.dll [2009-03-07 22:27:48 | 00,000,011 | ---- | C] () -- H:\windows\wanpatan.ini [2009-03-02 16:56:47 | 00,210,456 | ---- | C] () -- H:\windows\System32\IVIresizeW7.dll [2009-03-02 16:56:47 | 00,198,168 | ---- | C] () -- H:\windows\System32\IVIresizeP6.dll [2009-03-02 16:56:47 | 00,194,072 | ---- | C] () -- H:\windows\System32\IVIresizePX.dll [2009-03-02 16:56:46 | 00,206,360 | ---- | C] () -- H:\windows\System32\IVIresizeA6.dll [2009-03-02 16:56:46 | 00,198,168 | ---- | C] () -- H:\windows\System32\IVIresizeM6.dll [2009-03-02 16:56:46 | 00,026,136 | ---- | C] () -- H:\windows\System32\IVIresize.dll [2009-02-28 15:38:49 | 00,000,000 | ---- | C] () -- H:\windows\mngui.INI [2009-02-26 21:55:49 | 00,169,984 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-02-25 22:55:12 | 00,000,069 | ---- | C] () -- H:\windows\NeroDigital.ini [2009-02-25 20:31:40 | 00,198,840 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-02-25 20:29:05 | 00,000,062 | -HS- | C] () -- H:\Documents and Settings\Krzysztof\Dane aplikacji\desktop.ini [2009-02-25 20:26:16 | 00,000,062 | -HS- | C] () -- H:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2009-02-25 20:16:41 | 00,036,864 | ---- | C] () -- H:\windows\System32\ctrldll.dll [2009-02-25 20:12:04 | 00,000,421 | ---- | C] () -- H:\windows\ODBC.INI [2009-02-25 19:49:56 | 00,023,040 | R--- | C] () -- H:\windows\System32\drivers\GVCplDrv.sys [2009-02-25 19:39:15 | 00,005,810 | R--- | C] () -- H:\windows\System32\drivers\ASACPI.sys [2009-02-25 19:39:14 | 00,011,839 | ---- | C] () -- H:\windows\Ascd_tmp.ini [2009-02-25 19:39:03 | 00,010,288 | ---- | C] () -- H:\windows\System32\drivers\ASUSHWIO.SYS [2008-12-18 00:30:06 | 00,815,104 | ---- | C] () -- H:\windows\System32\xvidcore.dll [2008-12-18 00:30:06 | 00,180,224 | ---- | C] () -- H:\windows\System32\xvidvfw.dll [2008-11-12 15:54:00 | 01,703,936 | ---- | C] () -- H:\windows\System32\nvwdmcpl.dll [2008-11-12 15:54:00 | 01,486,848 | ---- | C] () -- H:\windows\System32\nview.dll [2008-11-12 15:54:00 | 01,019,904 | ---- | C] () -- H:\windows\System32\nvwimg.dll [2008-11-12 15:54:00 | 00,466,944 | ---- | C] () -- H:\windows\System32\nvshell.dll [2008-10-07 10:13:30 | 00,197,912 | ---- | C] () -- H:\windows\System32\physxcudart_20.dll [2008-10-07 10:13:22 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelTraditionalChinese.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSwedish.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSpanish.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelPortugese.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelKorean.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelJapanese.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelGerman.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelFrench.dll [2007-11-26 21:56:28 | 00,151,415 | ---- | C] () -- H:\windows\System32\xlive.dll.cat [2005-02-23 18:57:35 | 00,971,776 | ---- | C] () -- H:\windows\System32\SSCProt.dll [2004-03-18 07:44:29 | 01,663,068 | ---- | C] () -- H:\windows\System32\libmmd.dll [2002-10-16 00:54:04 | 00,153,088 | ---- | C] () -- H:\windows\System32\unrar.dll [2002-03-17 02:00:00 | 00,007,420 | ---- | C] () -- H:\windows\UA000088.DLL [2001-10-26 21:28:10 | 00,003,584 | ---- | C] () -- H:\windows\System32\iprop.dll [2001-07-22 02:16:20 | 00,000,843 | ---- | C] () -- H:\windows\win.ini [2001-07-22 02:15:52 | 00,000,284 | ---- | C] () -- H:\windows\system.ini [color=#E56717]========== LOP Check ==========[/color] [2009-10-06 15:57:50 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\All Users\Dane aplikacji [2009-08-25 14:07:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009-02-25 20:15:28 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ACD Systems [2009-02-25 20:05:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ahead [2009-06-19 19:29:46 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2009-05-20 12:16:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ConeXware [2009-02-25 20:16:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\CyberLink [2009-03-28 21:05:05 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-07-14 19:00:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2009-09-03 19:33:31 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Findbasic [2002-01-01 07:56:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\FLEXnet [2009-03-02 16:56:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\InterVideo [2009-10-06 15:57:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Pinnacle [2009-02-28 15:14:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Teleca [2009-09-06 16:16:04 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-04-13 19:29:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited [2009-05-20 14:18:33 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TrackMania [2009-06-13 17:59:24 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2009-05-19 10:17:48 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems [2009-02-25 20:26:16 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Default User\Dane aplikacji [2009-08-26 19:10:23 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji [2009-02-25 20:15:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\ACD Systems [2009-04-12 22:26:02 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ahead [2009-06-02 12:02:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Any Video Converter [2009-04-24 21:36:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\AVI ReComp [2009-02-25 23:00:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\CyberLink [2009-03-28 21:06:01 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools [2009-09-06 10:56:25 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools Lite [2009-05-03 15:42:37 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools Pro [2009-03-14 12:32:34 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Gadu-Gadu [2009-05-14 21:57:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\GetRightToGo [2009-02-28 18:42:06 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Leadertech [2009-02-25 22:15:29 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Nowe Gadu-Gadu [2009-07-27 13:40:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\OpenOffice.org [2009-04-20 21:57:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Publish Providers [2009-03-27 20:28:41 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\SecuROM [2009-04-20 21:57:34 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Sony [2009-02-26 16:34:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Teleca [2009-06-13 18:05:03 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ubisoft [2009-03-02 18:11:13 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ulead Systems [2009-07-29 11:49:41 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\ViStart [2009-08-10 20:38:10 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Xenorate [2009-10-03 18:35:44 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji [2009-02-25 20:30:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\ACD Systems [2009-05-16 19:53:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Ahead [2009-10-04 00:32:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Any Video Converter [2009-04-03 15:15:04 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools [2009-09-05 09:38:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools Lite [2009-05-08 20:52:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools Pro [2009-10-04 22:25:25 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Dark Sector [2009-04-25 22:26:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GetRightToGo [2009-10-03 17:58:55 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GRETECH [2009-04-07 15:54:23 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\gtk-2.0 [2009-03-03 18:25:07 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Leadertech [2009-05-08 19:10:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\NetMedia Providers [2009-06-29 19:37:32 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Nowe Gadu-Gadu [2009-05-08 20:54:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Off Road [2009-09-28 18:39:10 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\OpenOffice.org [2009-05-08 19:10:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Publish Providers [2009-02-27 22:04:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Teleca [2009-03-02 16:58:37 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Ulead Systems [2009-08-27 17:45:46 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Xenorate [2009-09-03 19:58:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\LocalService\Dane aplikacji [2009-02-25 19:34:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\NetworkService\Dane aplikacji [2009-10-04 18:11:30 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji [2009-09-04 15:05:23 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Ahead [2009-07-31 19:02:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\AVI ReComp [2009-09-14 19:51:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\DAEMON Tools Pro [2009-10-03 14:26:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Dark Sector [2009-07-30 21:52:00 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Flock [2009-09-20 17:34:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\GRETECH [2009-07-30 16:20:17 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Nowe Gadu-Gadu [2009-08-10 20:40:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\OpenOffice.org [2009-08-29 20:29:52 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\SecuROM [2009-07-30 15:58:05 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Teleca [2009-10-01 16:20:02 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\TSRWorkshop [2001-07-22 02:17:50 | 00,000,065 | RH-- | M] () -- H:\windows\Tasks\desktop.ini [2009-10-06 17:46:46 | 00,001,032 | ---- | M] () -- H:\windows\Tasks\GoogleUpdateTaskMachineCore.job [2009-10-06 20:49:00 | 00,001,036 | ---- | M] () -- H:\windows\Tasks\GoogleUpdateTaskMachineUA.job [2009-10-06 17:46:42 | 00,000,006 | -H-- | M] () -- H:\windows\Tasks\SA.DAT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 143 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:8CE646EE @Alternate Data Stream - 133 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF < End of report >[/log] powód: założyłem już wcześniej temat w dziale Awarie Komputera (http://www.forumpc.pl/index.php?showtopic=125885&st=0&gopid=875065&#entry875065), wykonałem wskazówki i zostałem tutaj pokierowany, proszę serdecznie o pomoc i dalsze wskazówki
Psycholandia komentarz 7 października 2009 komentarz 7 października 2009 W okienko OTL wklej poniższy skrypt i klik na Run Fix: [code]:Processes explorer.exe :OTL O4 - HKLM..\Run: [mirc] C:\WINDOWS\WINCRA\mirc.exe File not found O8 - Extra context menu item: &Search - File not found O8 - Extra context menu item: E&ksport do programu Microsoft Excel - H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE File not found :Files H:\windows\tasks\GoogleUpdateTaskMachineUA.job H:\windows\Twunk001.MTX H:\windows\Twain001.Mtx H:\windows\tasks\GoogleUpdateTaskMachineCore.job :Commands [emptytemp] [start explorer] [Reboot][/code] Dajesz loga powstałego po usuwaniu + nowego. Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware)
chrisx94 komentarz 11 października 2009 Autor komentarz 11 października 2009 mam pytanie, czy to niczemu nie zaszkodzi na komputerze? utrata danych, użytkowników czy ustawień? Bo w sumie zostaną usunięte jakieś pliki i zastanawiam się czy są jakieś konsekwencje (robię to pierwszy raz)
MarekM25 komentarz 11 października 2009 komentarz 11 października 2009 Usuwana jest tu tylko kosmetyka, więc nic się nie stanie.
chrisx94 komentarz 11 października 2009 Autor komentarz 11 października 2009 (edytowane) niechcący zrobiłem to Fix 2 razy ale mam nadzieję, że to nic nie zepsuło, po uruchomieniu ponownym komputera wyskoczył plik: [log] File delete failed. H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\XPC.mfl scheduled to be deleted on reboot. File delete failed. H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\XUL.mfl scheduled to be deleted on reboot. ->FireFox cache emptied: 3923743 bytes User: LocalService ->Temp folder emptied: 0 bytes File delete failed. H:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. ->Temporary Internet Files folder emptied: 32768 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Wiktoria ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 950272 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes File delete failed. H:\windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot. File delete failed. H:\windows\temp\Perflib_Perfdata_5a8.dat scheduled to be deleted on reboot. File delete failed. H:\windows\temp\Perflib_Perfdata_91c.dat scheduled to be deleted on reboot. Windows Temp folder emptied: 32919 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 7,66 mb OTL by OldTimer - Version 3.0.18.4 log created on 10112009_204220 Files\Folders moved on Reboot... H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\Cache\_CACHE_001_ moved successfully. H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\Cache\_CACHE_002_ moved successfully. H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\Cache\_CACHE_003_ moved successfully. H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\Cache\_CACHE_MAP_ moved successfully. H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\urlclassifier3.sqlite moved successfully. H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\XPC.mfl moved successfully. H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Mozilla\Firefox\Profiles\h9n4nthe.default\XUL.mfl moved successfully. H:\windows\temp\_avast4_\Webshlock.txt moved successfully. H:\windows\temp\Perflib_Perfdata_5a8.dat moved successfully. H:\windows\temp\Perflib_Perfdata_91c.dat moved successfully. Registry entries deleted on Reboot... [/log] i co teraz jeszcze trzeba zrobić? o tu jest ten pierwszy, ale pod koniec zresetował mi się komp i nie wiedziałem gdzie jest [log] All processes killed ========== PROCESSES ========== Process explorer.exe killed successfully! ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\mirc deleted successfully. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Search\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&ksport do programu Microsoft Excel\ deleted successfully. ========== FILES ========== H:\windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully. H:\windows\Twunk001.MTX moved successfully. H:\windows\Twain001.Mtx moved successfully. H:\windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Gosia File delete failed. H:\Documents and Settings\Gosia\Ustawienia lokalne\Temp\14F0C08.dmp scheduled to be deleted on reboot. ->Temp folder emptied: 1161865514 bytes File delete failed. H:\Documents and Settings\Gosia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\ZIF28YJO\CAMN4L8X.htm scheduled to be deleted on reboot. File delete failed. H:\Documents and Settings\Gosia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\R0YZUQY3\getmainbanner8[1].htm scheduled to be deleted on reboot. File delete failed. H:\Documents and Settings\Gosia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\JO1EAXIU\CANIOR35.htm scheduled to be deleted on reboot. File delete failed. H:\Documents and Settings\Gosia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. ->Temporary Internet Files folder emptied: 58209579 bytes ->Java cache emptied: 26840155 bytes ->FireFox cache emptied: 59671356 bytes User: Krzysztof ->Temp folder emptied: 637838117 bytes File delete failed. H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Temporary Internet Files\Content.IE5\RTM7KL67\getmainbanner8[2].htm scheduled to be deleted on reboot. File delete failed. H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. ->Temporary Internet Files folder emptied: 134050500 bytes ->Java cache emptied: 26001977 bytes ->FireFox cache emptied: 85374282 bytes User: LocalService ->Temp folder emptied: 65984 bytes File delete failed. H:\Documents and Settings\LocalService\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. ->Temporary Internet Files folder emptied: 1353283 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Wiktoria ->Temp folder emptied: 902359894 bytes File delete failed. H:\Documents and Settings\Wiktoria\Ustawienia lokalne\Temporary Internet Files\Content.IE5\CN2N585V\getmainbanner8[1].htm scheduled to be deleted on reboot. File delete failed. H:\Documents and Settings\Wiktoria\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. ->Temporary Internet Files folder emptied: 52908370 bytes ->Java cache emptied: 25581514 bytes ->FireFox cache emptied: 98313742 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2352022 bytes %systemroot%\System32 .tmp files removed: 8054000 bytes File delete failed. H:\windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot. File delete failed. H:\windows\temp\Perflib_Perfdata_5a8.dat scheduled to be deleted on reboot. File delete failed. H:\windows\temp\Perflib_Perfdata_91c.dat scheduled to be deleted on reboot. Windows Temp folder emptied: 3195231 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = -964,04 mb OTL by OldTimer - Version 3.0.18.4 log created on 10112009_203536 Files\Folders moved on Reboot... H:\Documents and Settings\Gosia\Ustawienia lokalne\Temp\14F0C08.dmp moved successfully. H:\Documents and Settings\Gosia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\ZIF28YJO\CAMN4L8X.htm moved successfully. H:\Documents and Settings\Gosia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\R0YZUQY3\getmainbanner8[1].htm moved successfully. H:\Documents and Settings\Gosia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\JO1EAXIU\CANIOR35.htm moved successfully. H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Temporary Internet Files\Content.IE5\RTM7KL67\getmainbanner8[2].htm moved successfully. H:\Documents and Settings\Wiktoria\Ustawienia lokalne\Temporary Internet Files\Content.IE5\CN2N585V\getmainbanner8[1].htm moved successfully. File move failed. H:\windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot. File move failed. H:\windows\temp\Perflib_Perfdata_5a8.dat scheduled to be moved on reboot. File move failed. H:\windows\temp\Perflib_Perfdata_91c.dat scheduled to be moved on reboot. Registry entries deleted on Reboot... [/log]nowy log po skanie z OTL: [log] OTL logfile created on: 2009-10-11 20:57:08 - Run 2 OTL by OldTimer - Version 3.0.18.4 Folder = I:\Programy\logi Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 67,72% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = H: | %SystemRoot% = H:\windows | %ProgramFiles% = H:\Program Files Drive C: | 1,85 Gb Total Space | 1,19 Gb Free Space | 64,13% Space Free | Partition Type: FAT32 D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 3,53 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 48,83 Gb Total Space | 17,80 Gb Free Space | 36,46% Space Free | Partition Type: NTFS Drive I: | 156,25 Gb Total Space | 51,15 Gb Free Space | 32,74% Space Free | Partition Type: NTFS Drive J: | 167,53 Gb Total Space | 47,72 Gb Free Space | 28,48% Space Free | Partition Type: NTFS Computer Name: WWW-649A18D4B0C Current User Name: Krzysztof Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2008-11-26 19:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2008-11-26 19:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe PRC - [2007-03-06 11:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe PRC - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- H:\windows\System32\CTsvcCDA.exe PRC - [2008-11-12 15:54:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\nvsvc32.exe PRC - [2009-03-29 11:10:42 | 00,066,872 | ---- | M] () -- H:\windows\System32\PnkBstrA.exe PRC - [2009-09-18 16:45:59 | 01,760,928 | ---- | M] (VoiceFive Networks, Inc.) -- H:\Program Files\PremierOpinion\pmropn.exe PRC - [2009-03-24 21:56:16 | 00,133,104 | ---- | M] (Google Inc.) -- H:\Program Files\Google\Update\GoogleUpdate.exe PRC - [2008-04-14 22:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- H:\windows\Explorer.EXE PRC - [2009-10-07 20:33:06 | 00,045,056 | ---- | M] () -- H:\windows\System32\UTSCSI.EXE PRC - [2008-04-14 22:51:52 | 00,218,112 | ---- | M] (Microsoft Corporation) -- H:\windows\System32\wbem\wmiprvse.exe PRC - [2001-10-26 21:30:04 | 00,016,896 | ---- | M] (Microsoft Corporation) -- H:\windows\System32\wbem\unsecapp.exe PRC - [2007-04-10 09:28:44 | 16,126,464 | R--- | M] (Realtek Semiconductor Corp.) -- H:\windows\RTHDCPL.EXE PRC - [2009-07-27 13:38:34 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\Java\jre6\bin\jusched.exe PRC - [2008-11-26 19:18:51 | 00,081,000 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2003-08-01 13:11:02 | 00,032,768 | ---- | M] () -- H:\windows\System32\rmctrl.exe PRC - [2007-10-10 07:28:32 | 00,036,352 | ---- | M] () -- H:\Program Files\Winamp\winampa.exe PRC - [2009-02-25 20:09:12 | 00,180,269 | ---- | M] (RealNetworks, Inc.) -- H:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2005-06-07 00:46:24 | 00,057,344 | ---- | M] (Adobe Systems Incorporated) -- H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe PRC - [2007-11-06 11:08:10 | 00,397,312 | ---- | M] (Creative Technology Ltd) -- H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe PRC - [2009-07-13 14:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- H:\Program Files\iTunes\iTunesHelper.exe PRC - [2006-08-16 01:12:00 | 00,024,576 | ---- | M] (Creative Technology Ltd.) -- H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe PRC - [2006-09-06 19:01:00 | 00,032,768 | R--- | M] (Creative Technology Ltd.) -- H:\windows\V0230Mon.exe PRC - [2006-10-27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2007-05-16 10:27:16 | 00,153,136 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2008-04-14 23:51:32 | 01,695,232 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Messenger\msmsgs.exe PRC - [2009-04-23 15:51:38 | 00,691,656 | ---- | M] (DT Soft Ltd) -- H:\Program Files\DAEMON Tools Lite\daemon.exe PRC - [2004-07-08 16:13:42 | 00,106,496 | ---- | M] (Sony Corporation.) -- H:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe PRC - [2009-04-23 06:47:00 | 07,424,000 | ---- | M] (OpenOffice.org) -- H:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2009-04-23 06:48:54 | 07,418,368 | ---- | M] (OpenOffice.org) -- H:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2008-11-26 19:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2008-11-26 19:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe PRC - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- H:\Program Files\iPod\bin\iPodService.exe PRC - [2009-09-10 20:52:54 | 00,908,280 | ---- | M] (Mozilla Corporation) -- H:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-10-06 16:23:55 | 00,520,704 | ---- | M] (OldTimer Tools) -- I:\Programy\logi\OTL.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running]) SRV - [2005-09-23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- H:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2008-11-26 19:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running]) SRV - [2008-11-26 19:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running]) SRV - [2008-11-26 19:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running]) SRV - [2008-11-26 19:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running]) SRV - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running]) SRV - [2007-03-06 11:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service [Auto | Running]) SRV - [2005-09-23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- H:\windows\System32\CTsvcCDA.exe -- (Creative Service for CDROM Access [Auto | Running]) SRV - [2009-09-02 21:10:00 | 00,054,776 | ---- | M] () -- H:\Documents and Settings\All Users\Dane aplikacji\Findbasic\findbasic121.exe -- (Findbasic Service [Auto | Stopped]) SRV - [2006-10-20 22:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2009-03-24 21:56:16 | 00,133,104 | ---- | M] (Google Inc.) -- H:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9acba996552fe [Auto | Stopped]) SRV - [2008-04-14 22:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- H:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2005-04-04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped]) SRV - [2006-10-30 04:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped]) SRV - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- H:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running]) SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped]) SRV - [2007-04-13 22:09:56 | 00,792,112 | ---- | M] (Nero AG) -- H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped]) SRV - [2006-10-30 04:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped]) SRV - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running]) SRV - [2008-11-12 15:54:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\nvsvc32.exe -- (NVSvc [Auto | Running]) SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped]) SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2009-03-29 11:10:42 | 00,066,872 | ---- | M] () -- H:\windows\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running]) SRV - [2007-02-10 05:29:56 | 00,089,968 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter [Auto | Stopped]) SRV - [2009-10-07 20:33:06 | 00,045,056 | ---- | M] () -- H:\windows\System32\UTSCSI.EXE -- (UTSCSI [Auto | Running]) SRV - [2006-12-01 12:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2008-11-26 19:15:35 | 00,026,944 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running]) DRV - [2004-03-10 16:27:18 | 00,011,264 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\drivers\ASAPIW2k.sys -- (ASAPIW2k [On_Demand | Running]) DRV - [2008-11-26 19:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- H:\windows\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running]) DRV - [2008-11-26 19:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running]) DRV - [2008-11-26 19:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running]) DRV - [2008-11-26 19:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswSP.sys -- (aswSP [System | Running]) DRV - [2008-11-26 19:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswTdi.sys -- (aswTdi [System | Running]) DRV - [2007-06-21 04:44:32 | 00,029,696 | R--- | M] (Atheros Communications) -- H:\windows\System32\DRIVERS\l251x86.sys -- (AtcL002 [On_Demand | Running]) DRV - [2004-03-08 12:55:50 | 00,013,567 | ---- | M] (B.H.A Corporation) -- H:\windows\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv [System | Running]) DRV - [2004-11-18 11:49:14 | 00,024,786 | ---- | M] (EUTRON) -- H:\windows\System32\Drivers\eusk2par.sys -- (eusk2par [System | Running]) DRV - [2004-11-18 11:49:14 | 00,045,534 | ---- | M] (EUTRON) -- H:\windows\System32\Drivers\eusk3usb.sys -- (eusk3usb [On_Demand | Stopped]) DRV - [2009-03-19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- H:\windows\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running]) DRV - [2004-05-02 10:47:08 | 00,023,040 | R--- | M] () -- H:\windows\System32\drivers\GVCplDrv.sys -- (GVCplDrv [On_Demand | Stopped]) DRV - [2008-04-13 22:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- H:\windows\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2007-04-10 13:04:40 | 04,397,568 | R--- | M] (Realtek Semiconductor Corp.) -- H:\windows\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running]) DRV - [2004-03-29 04:06:24 | 00,090,464 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\DRIVERS\MarvinBus.sys -- (MarvinBus [On_Demand | Running]) DRV - [2004-08-13 04:56:20 | 00,005,810 | R--- | M] () -- H:\windows\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running]) DRV - [2008-11-12 15:54:00 | 06,188,320 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running]) DRV - [2002-03-19 10:29:16 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\drivers\pclepci.sys -- (PCLEPCI [System | Running]) DRV - [2001-08-18 01:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- H:\windows\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- H:\windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2006-09-18 15:58:48 | 00,061,600 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27bus.sys -- (SE27bus [On_Demand | Stopped]) DRV - [2006-09-18 15:58:52 | 00,009,360 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mdfl.sys -- (SE27mdfl [On_Demand | Stopped]) DRV - [2006-09-18 15:58:54 | 00,097,184 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mdm.sys -- (SE27mdm [On_Demand | Stopped]) DRV - [2006-09-18 15:58:58 | 00,088,688 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mgmt.sys -- (SE27mgmt [On_Demand | Stopped]) DRV - [2006-09-18 15:59:00 | 00,018,704 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se27nd5.sys -- (se27nd5 [On_Demand | Stopped]) DRV - [2006-09-18 15:59:02 | 00,086,560 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27obex.sys -- (SE27obex [On_Demand | Stopped]) DRV - [2006-09-18 15:59:08 | 00,090,800 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se27unic.sys -- (se27unic [On_Demand | Stopped]) DRV - [2006-11-30 16:13:56 | 00,061,536 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45bus.sys -- (se45bus [On_Demand | Stopped]) DRV - [2006-11-30 16:14:04 | 00,009,360 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mdfl.sys -- (se45mdfl [On_Demand | Stopped]) DRV - [2006-11-30 16:14:04 | 00,097,088 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mdm.sys -- (se45mdm [On_Demand | Stopped]) DRV - [2006-11-30 16:14:10 | 00,088,624 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mgmt.sys -- (se45mgmt [On_Demand | Stopped]) DRV - [2006-11-30 16:14:10 | 00,018,704 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45nd5.sys -- (se45nd5 [On_Demand | Stopped]) DRV - [2006-11-30 16:14:14 | 00,086,432 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45obex.sys -- (se45obex [On_Demand | Stopped]) DRV - [2006-11-30 16:14:22 | 00,090,800 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45unic.sys -- (se45unic [On_Demand | Stopped]) DRV - [2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- H:\windows\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2005-08-10 14:44:04 | 00,050,688 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running]) DRV - [2005-05-16 15:20:39 | 00,006,656 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running]) DRV - [2005-08-10 16:06:28 | 00,019,968 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfsync02.sys -- (sfsync02 [Boot | Running]) DRV - [2009-09-04 19:16:25 | 00,721,904 | ---- | M] () -- H:\windows\System32\Drivers\sptd.sys -- (sptd [Boot | Running]) DRV - [2006-03-23 19:00:00 | 00,006,272 | R--- | M] (EyePower Games Pte. Ltd.) -- H:\windows\System32\DRIVERS\V0230Vfx.sys -- (V0230Vfx [On_Demand | Running]) DRV - [2006-09-28 19:01:00 | 00,500,480 | R--- | M] (Creative Technology Ltd.) -- H:\windows\System32\DRIVERS\V0230VID.sys -- (V0230VID [On_Demand | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = H:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\S-1-5-21-796845957-1343024091-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\S-1-5-21-796845957-1343024091-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://onet.pl" FF - prefs.js..extensions.enabledItems: {6E19037A-12E3-4295-8915-ED48BC341614}:1.3 FF - prefs.js..extensions.enabledItems: {C3F23840-B14B-4B61-AAEF-6BCC3621FA63}:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3 FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCfox000&fl=0&ptb=9D9JkilC01wiJRayfcZ8jA&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=" FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: H:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-07-27 13:38:36 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: H:\Program Files\PremierOpinion [2009-10-02 14:19:06 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Flock 2.5.1\extensions\\Components: H:\Program Files\Flock\components [2009-08-25 14:06:54 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Flock 2.5.1\extensions\\Plugins: H:\Program Files\Flock\plugins [2009-10-05 19:04:22 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2009-09-10 20:53:01 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins [2009-10-09 18:57:38 | 00,000,000 | ---D | M] [2009-03-10 18:27:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Extensions [2009-03-10 18:27:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-02-25 20:29:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Firefox\Profiles\h9n4nthe.default\extensions [2009-06-01 15:00:04 | 00,009,941 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Mozilla\FireFox\Profiles\h9n4nthe.default\searchplugins\mywebsearch.xml [2009-10-11 15:09:31 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions [2009-09-10 20:52:53 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-02-25 20:36:55 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2009-09-03 19:58:11 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{C3F23840-B14B-4B61-AAEF-6BCC3621FA63} [2009-07-27 13:38:46 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009-09-10 20:52:51 | 00,023,544 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-09-10 20:52:51 | 00,137,208 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\brwsrcmp.dll [2007-04-10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- H:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-30 16:29:22 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- H:\Program Files\mozilla firefox\plugins\np32dsw.dll [2009-07-27 13:38:35 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\mozilla firefox\plugins\npdeploytk.dll [2009-09-10 20:52:56 | 00,065,016 | ---- | M] (mozilla.org) -- H:\Program Files\mozilla firefox\plugins\npnul32.dll [2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- H:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2009-07-15 21:00:25 | 00,002,767 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-07-15 21:00:25 | 00,001,406 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-08-26 19:13:33 | 00,002,393 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\findbasic119.xml [2009-09-03 19:58:12 | 00,002,393 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\findbasic121.xml [2009-07-15 21:00:25 | 00,002,371 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\google.xml [2009-07-15 21:00:25 | 00,000,917 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-07-15 21:00:25 | 00,000,858 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-07-15 21:00:25 | 00,001,183 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-07-15 21:00:25 | 00,001,683 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (731 bytes) - H:\windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Softonic-en Toolbar) - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Softonic-en Toolbar) - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\..\Toolbar\WebBrowser: (Softonic-en Toolbar) - {983AD4D4-8B63-442F-8684-FBC1C067949C} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.) O4 - HKLM..\Run: [Adobe Photo Downloader] H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] H:\windows\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avast!] H:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [AVFX Engine] H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [CTCheck] H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd) O4 - HKLM..\Run: [GrooveMonitor] H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [H:\windows\system32\V0230Cvw.dll] H:\windows\System32\V0230Cvw.dll (Creative Technology Ltd.) O4 - HKLM..\Run: [iTunesHelper] H:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] H:\windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] H:\windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] H:\windows\System32\nwiz.exe () O4 - HKLM..\Run: [PinnacleDriverCheck] H:\windows\System32\PSDrvCheck.exe () O4 - HKLM..\Run: [QuickTime Task] H:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [RemoteControl] H:\windows\System32\rmctrl.exe () O4 - HKLM..\Run: [RTHDCPL] H:\windows\RTHDCPL.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Sony Ericsson PC Suite] H:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] H:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] H:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [V0230Mon.exe] H:\windows\V0230Mon.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [WinampAgent] H:\Program Files\Winamp\winampa.exe () O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [ares] H:\Program Files\Ares\Ares.exe (Ares Development Group) O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [Creative Live! Cam Manager] H:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.) O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [DAEMON Tools Lite] H:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [MSMSGS] H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [Nowe Gadu-Gadu] H:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.) O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package Menu.lnk = H:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe (Sony Corporation) O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package VCD Maker.lnk = H:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe (Sony Corporation.) O4 - Startup: H:\Documents and Settings\Gosia\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: H:\Documents and Settings\Wiktoria\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - H:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\windows\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - H:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - H:\windows\System32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - H:\windows\System32\rsvpsp.dll (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.58 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - H:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter: - text/xml - H:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\windows\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\PremierOpinion: DllName - H:\Program Files\PremierOpinion\pmls.dll - H:\Program Files\PremierOpinion\pmls.dll (VoiceFive Networks, Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{46e2a893-0cb8-11de-b09a-001d60a8d52e}\Shell\AutoRun\command - "" = C:\uvsqfgwd.cmd -- File not found O33 - MountPoints2\{46e2a893-0cb8-11de-b09a-001d60a8d52e}\Shell\open\Command - "" = C:\uvsqfgwd.cmd -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - H:\windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-10-04 16:14:08 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help [2009-10-06 15:57:50 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\Pinnacle [2009-10-03 18:35:44 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Dark Sector [2009-10-03 17:58:55 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GRETECH [2009-09-28 18:39:10 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\OpenOffice.org [2009-09-21 20:51:16 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Conduit [2009-10-11 20:26:59 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\NFS Underground 2 [2009-09-21 20:51:16 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Softonic-en [2009-10-04 00:30:51 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Stardock [2009-10-05 19:15:44 | 00,000,000 | ---D | C] -- H:\Program Files\Common Files\DESIGNER [2009-10-11 20:26:57 | 00,000,000 | ---D | C] -- H:\Program Files\Common Files\DirectX [2009-10-06 21:33:47 | 00,000,000 | ---D | C] -- H:\Program Files\Common Files\muvee Technologies [2009-09-12 23:15:40 | 00,000,000 | ---D | C] -- H:\Program Files\Ares [2009-09-20 17:33:18 | 00,000,000 | ---D | C] -- H:\Program Files\Conduit [2009-09-20 17:33:56 | 00,000,000 | ---D | C] -- H:\Program Files\GRETECH [2009-10-06 16:33:41 | 00,000,000 | ---D | C] -- H:\Program Files\HijackThis [2009-10-05 19:15:44 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Visual Studio [2009-10-05 19:13:08 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Visual Studio 8 [2009-10-05 19:16:23 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Works [2009-10-05 19:15:05 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft.NET [2009-10-06 15:57:47 | 00,000,000 | ---D | C] -- H:\Program Files\Pinnacle [2009-10-06 21:35:10 | 00,000,000 | ---D | C] -- H:\Program Files\PIXELA [2009-09-20 17:33:18 | 00,000,000 | ---D | C] -- H:\Program Files\Softonic-en [2009-10-06 21:33:43 | 00,000,000 | ---D | C] -- H:\Program Files\Sony Corporation [2009-10-06 21:33:43 | 00,013,567 | ---- | C] (B.H.A Corporation) -- H:\windows\System32\drivers\CDRBSDRV.SYS [2009-10-06 18:05:09 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Moje dokumenty\Pinnacle Hollywood FX for Studio [2009-10-06 17:02:13 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Moje dokumenty\Pinnacle Studio [2009-10-06 16:30:58 | 00,294,912 | ---- | C] (Pegasus Imaging Corporation) -- H:\windows\System32\pvmjpg21.dll [2009-10-06 16:30:58 | 00,081,920 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\vdrmux.dll [2009-10-06 16:30:58 | 00,046,592 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\vdrcodec.dll [2009-10-06 16:28:31 | 00,019,456 | ---- | C] (VoB Computersysteme GmbH) -- H:\windows\System32\asapi.dll [2009-10-06 16:28:29 | 00,090,112 | ---- | C] (MindVision Software) -- H:\windows\unvise32.exe [2009-10-06 16:27:01 | 00,061,440 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\pclepim1.dll [2009-10-06 16:27:00 | 00,049,152 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\PCLEGetGuid.dll [2009-10-05 19:10:12 | 00,000,000 | RH-D | C] -- H:\MSOCache [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2009-10-11 20:51:45 | 00,000,003 | ---- | M] () -- H:\windows\Twain001.Mtx [2009-10-11 20:51:42 | 00,000,156 | ---- | M] () -- H:\windows\Twunk001.MTX [2009-10-11 20:50:31 | 00,002,645 | ---- | M] () -- H:\windows\System32\CONFIG.NT [2009-10-11 20:48:12 | 01,110,350 | ---- | M] () -- H:\windows\System32\PerfStringBackup.INI [2009-10-11 20:48:12 | 00,497,552 | ---- | M] () -- H:\windows\System32\perfh015.dat [2009-10-11 20:48:12 | 00,438,960 | ---- | M] () -- H:\windows\System32\perfh009.dat [2009-10-11 20:48:12 | 00,088,642 | ---- | M] () -- H:\windows\System32\perfc015.dat [2009-10-11 20:48:12 | 00,071,046 | ---- | M] () -- H:\windows\System32\perfc009.dat [2009-10-11 20:44:02 | 00,203,188 | ---- | M] () -- H:\windows\System32\nvapps.xml [2009-10-11 20:43:59 | 00,000,664 | ---- | M] () -- H:\windows\System32\d3d9caps.dat [2009-10-11 20:43:55 | 00,000,006 | -H-- | M] () -- H:\windows\tasks\SA.DAT [2009-10-11 20:43:49 | 00,002,048 | --S- | M] () -- H:\windows\bootstat.dat [2009-10-11 20:25:40 | 00,000,032 | ---- | M] () -- H:\windows\ZSAM.INI [2009-10-11 19:09:09 | 00,000,069 | ---- | M] () -- H:\windows\NeroDigital.ini [2009-10-11 19:07:25 | 00,171,520 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-10-07 20:33:06 | 00,045,056 | ---- | M] () -- H:\windows\System32\UTSCSI.EXE [2009-10-06 21:34:07 | 00,000,763 | ---- | M] () -- H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package Menu.lnk [2009-10-06 21:34:02 | 00,000,813 | ---- | M] () -- H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package VCD Maker.lnk [2009-10-06 18:21:32 | 00,000,063 | ---- | M] () -- H:\windows\PixieTool.INI [2009-10-06 18:19:42 | 00,000,349 | ---- | M] () -- H:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI [2009-10-06 16:54:25 | 01,807,984 | ---- | M] () -- H:\windows\System32\FNTCACHE.DAT [2009-10-06 16:39:50 | 00,198,840 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-10-06 16:33:41 | 00,001,582 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Pulpit\HijackThis.lnk [2009-10-05 19:20:50 | 00,000,843 | ---- | M] () -- H:\windows\win.ini [2009-10-05 15:53:43 | 00,002,206 | ---- | M] () -- H:\windows\System32\wpa.dbl [2009-10-04 00:59:13 | 01,044,604 | -H-- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-10-04 00:36:47 | 00,444,952 | ---- | M] (Creative Labs) -- H:\windows\System32\wrap_oal.dll [2009-10-04 00:36:47 | 00,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- H:\windows\System32\OpenAL32.dll [2009-09-28 18:40:04 | 00,000,866 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk [2009-09-18 23:04:56 | 00,000,768 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Pulpit\Skrót do Ygoow.lnk [color=#E56717]========== Files - No Company Name ==========[/color] [2009-10-11 20:44:41 | 00,000,156 | ---- | C] () -- H:\windows\Twunk001.MTX [2009-10-11 20:44:41 | 00,000,003 | ---- | C] () -- H:\windows\Twain001.Mtx [2009-10-11 20:25:40 | 00,000,032 | ---- | C] () -- H:\windows\ZSAM.INI [2009-10-07 20:33:06 | 00,045,056 | ---- | C] () -- H:\windows\System32\UTSCSI.EXE [2009-10-06 21:34:07 | 00,000,763 | ---- | C] () -- H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package Menu.lnk [2009-10-06 21:34:06 | 00,001,458 | ---- | C] () -- H:\windows\System32\LTOCX12n.INF [2009-10-06 21:34:02 | 00,000,813 | ---- | C] () -- H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package VCD Maker.lnk [2009-10-06 16:33:41 | 00,001,582 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Pulpit\HijackThis.lnk [2009-10-06 16:28:31 | 00,406,016 | ---- | C] () -- H:\windows\System32\PSDrvCheck.exe [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.KOR [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.JPN [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.JP [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ITA [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.IT [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.FRA [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.FR [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ESP [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ES [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.DEU [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.DE [2009-10-06 16:28:31 | 00,026,112 | ---- | C] () -- H:\windows\System32\PSDrvCheck.CHT [2009-10-06 16:28:31 | 00,026,112 | ---- | C] () -- H:\windows\System32\PSDrvCheck.CHS [2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.NLD [2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.NL [2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.KO [2009-10-06 16:27:01 | 00,038,232 | ---- | C] () -- H:\windows\wmprfsky.prx [2009-10-06 16:27:01 | 00,037,916 | ---- | C] () -- H:\windows\wmprffra.prx [2009-10-06 16:27:01 | 00,037,014 | ---- | C] () -- H:\windows\wmprfhun.prx [2009-10-06 16:27:01 | 00,036,594 | ---- | C] () -- H:\windows\wmprfell.prx [2009-10-06 16:27:01 | 00,035,916 | ---- | C] () -- H:\windows\wmprfptg.prx [2009-10-06 16:27:01 | 00,035,680 | ---- | C] () -- H:\windows\wmprfita.prx [2009-10-06 16:27:01 | 00,035,590 | ---- | C] () -- H:\windows\wmprfesp.prx [2009-10-06 16:27:01 | 00,035,474 | ---- | C] () -- H:\windows\wmprfcsy.prx [2009-10-06 16:27:01 | 00,033,820 | ---- | C] () -- H:\windows\WMPrfDeu.prx [2009-10-06 16:27:01 | 00,033,694 | ---- | C] () -- H:\windows\wmprfptb.prx [2009-10-06 16:27:01 | 00,033,580 | ---- | C] () -- H:\windows\wmprfslv.prx [2009-10-06 16:27:01 | 00,033,336 | ---- | C] () -- H:\windows\WMPrfAra.prx [2009-10-06 16:27:01 | 00,033,314 | ---- | C] () -- H:\windows\wmprfsve.prx [2009-10-06 16:27:01 | 00,032,964 | ---- | C] () -- H:\windows\wmprfnld.prx [2009-10-06 16:27:01 | 00,032,852 | ---- | C] () -- H:\windows\wmprfnor.prx [2009-10-06 16:27:01 | 00,032,022 | ---- | C] () -- H:\windows\wmprftrk.prx [2009-10-06 16:27:01 | 00,031,764 | ---- | C] () -- H:\windows\wmprffin.prx [2009-10-06 16:27:01 | 00,031,712 | ---- | C] () -- H:\windows\wmprfdan.prx [2009-10-06 16:27:01 | 00,028,718 | ---- | C] () -- H:\windows\wmprfheb.prx [2009-10-06 16:27:01 | 00,023,304 | ---- | C] () -- H:\windows\WMPrfJpn.prx [2009-10-06 16:27:01 | 00,022,338 | ---- | C] () -- H:\windows\WMPrfKor.prx [2009-10-06 16:27:01 | 00,000,804 | ---- | C] () -- H:\windows\wmprfrus.prx [2009-10-06 16:27:01 | 00,000,136 | ---- | C] () -- H:\windows\WMPrfCHS.prx [2009-10-06 16:27:01 | 00,000,132 | ---- | C] () -- H:\windows\WMPrfCHT.prx [2009-10-06 16:26:22 | 00,000,063 | ---- | C] () -- H:\windows\PixieTool.INI [2009-10-06 16:01:11 | 00,000,349 | ---- | C] () -- H:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI [2009-10-04 00:59:13 | 01,044,604 | -H-- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-09-28 18:40:04 | 00,000,866 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk [2009-07-30 22:24:15 | 00,024,575 | ---- | C] () -- H:\windows\System32\Qsusengwinsyspio49.dll [2009-07-13 22:09:50 | 00,043,520 | ---- | C] () -- H:\windows\System32\CmdLineExt03.dll [2009-06-23 14:35:45 | 00,354,816 | ---- | C] () -- H:\windows\System32\psisdecd.dll [2009-04-25 22:39:16 | 00,000,000 | ---- | C] () -- H:\windows\PlayDemo.INI [2009-04-22 18:35:37 | 00,069,632 | ---- | C] () -- H:\windows\System32\xmltok.dll [2009-04-22 18:35:37 | 00,036,864 | ---- | C] () -- H:\windows\System32\xmlparse.dll [2009-03-29 18:41:15 | 00,237,568 | ---- | C] () -- H:\windows\System32\lame_enc.dll [2009-03-28 21:27:35 | 00,138,184 | ---- | C] () -- H:\windows\System32\drivers\PnkBstrK.sys [2009-03-14 15:33:54 | 00,721,904 | ---- | C] () -- H:\windows\System32\drivers\sptd.sys [2009-03-07 22:36:23 | 00,012,288 | ---- | C] () -- H:\windows\impborl.dll [2009-03-07 22:27:48 | 00,000,011 | ---- | C] () -- H:\windows\wanpatan.ini [2009-03-02 16:56:47 | 00,210,456 | ---- | C] () -- H:\windows\System32\IVIresizeW7.dll [2009-03-02 16:56:47 | 00,198,168 | ---- | C] () -- H:\windows\System32\IVIresizeP6.dll [2009-03-02 16:56:47 | 00,194,072 | ---- | C] () -- H:\windows\System32\IVIresizePX.dll [2009-03-02 16:56:46 | 00,206,360 | ---- | C] () -- H:\windows\System32\IVIresizeA6.dll [2009-03-02 16:56:46 | 00,198,168 | ---- | C] () -- H:\windows\System32\IVIresizeM6.dll [2009-03-02 16:56:46 | 00,026,136 | ---- | C] () -- H:\windows\System32\IVIresize.dll [2009-02-28 15:38:49 | 00,000,000 | ---- | C] () -- H:\windows\mngui.INI [2009-02-26 21:55:49 | 00,171,520 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-02-25 22:55:12 | 00,000,069 | ---- | C] () -- H:\windows\NeroDigital.ini [2009-02-25 20:31:40 | 00,198,840 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-02-25 20:29:05 | 00,000,062 | -HS- | C] () -- H:\Documents and Settings\Krzysztof\Dane aplikacji\desktop.ini [2009-02-25 20:26:16 | 00,000,062 | -HS- | C] () -- H:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2009-02-25 20:16:41 | 00,036,864 | ---- | C] () -- H:\windows\System32\ctrldll.dll [2009-02-25 20:12:04 | 00,000,421 | ---- | C] () -- H:\windows\ODBC.INI [2009-02-25 19:49:56 | 00,023,040 | R--- | C] () -- H:\windows\System32\drivers\GVCplDrv.sys [2009-02-25 19:39:15 | 00,005,810 | R--- | C] () -- H:\windows\System32\drivers\ASACPI.sys [2009-02-25 19:39:14 | 00,011,839 | ---- | C] () -- H:\windows\Ascd_tmp.ini [2009-02-25 19:39:03 | 00,010,288 | ---- | C] () -- H:\windows\System32\drivers\ASUSHWIO.SYS [2008-12-18 00:30:06 | 00,815,104 | ---- | C] () -- H:\windows\System32\xvidcore.dll [2008-12-18 00:30:06 | 00,180,224 | ---- | C] () -- H:\windows\System32\xvidvfw.dll [2008-11-12 15:54:00 | 01,703,936 | ---- | C] () -- H:\windows\System32\nvwdmcpl.dll [2008-11-12 15:54:00 | 01,486,848 | ---- | C] () -- H:\windows\System32\nview.dll [2008-11-12 15:54:00 | 01,019,904 | ---- | C] () -- H:\windows\System32\nvwimg.dll [2008-11-12 15:54:00 | 00,466,944 | ---- | C] () -- H:\windows\System32\nvshell.dll [2008-10-07 10:13:30 | 00,197,912 | ---- | C] () -- H:\windows\System32\physxcudart_20.dll [2008-10-07 10:13:22 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelTraditionalChinese.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSwedish.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSpanish.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelPortugese.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelKorean.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelJapanese.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelGerman.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelFrench.dll [2007-11-26 21:56:28 | 00,151,415 | ---- | C] () -- H:\windows\System32\xlive.dll.cat [2005-02-23 18:57:35 | 00,971,776 | ---- | C] () -- H:\windows\System32\SSCProt.dll [2004-03-18 07:44:29 | 01,663,068 | ---- | C] () -- H:\windows\System32\libmmd.dll [2002-10-16 00:54:04 | 00,153,088 | ---- | C] () -- H:\windows\System32\unrar.dll [2002-03-17 02:00:00 | 00,007,420 | ---- | C] () -- H:\windows\UA000088.DLL [2001-10-26 21:28:10 | 00,003,584 | ---- | C] () -- H:\windows\System32\iprop.dll [2001-07-22 02:16:20 | 00,000,843 | ---- | C] () -- H:\windows\win.ini [2001-07-22 02:15:52 | 00,000,284 | ---- | C] () -- H:\windows\system.ini [color=#E56717]========== LOP Check ==========[/color] [2009-10-06 15:57:50 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\All Users\Dane aplikacji [2009-08-25 14:07:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009-02-25 20:15:28 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ACD Systems [2009-02-25 20:05:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ahead [2009-06-19 19:29:46 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2009-05-20 12:16:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ConeXware [2009-02-25 20:16:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\CyberLink [2009-03-28 21:05:05 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-07-14 19:00:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2009-09-03 19:33:31 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Findbasic [2002-01-01 07:56:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\FLEXnet [2009-03-02 16:56:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\InterVideo [2009-10-06 15:57:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Pinnacle [2009-02-28 15:14:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Teleca [2009-09-06 16:16:04 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-04-13 19:29:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited [2009-05-20 14:18:33 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TrackMania [2009-06-13 17:59:24 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2009-05-19 10:17:48 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems [2009-02-25 20:26:16 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Default User\Dane aplikacji [2009-08-26 19:10:23 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji [2009-02-25 20:15:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\ACD Systems [2009-04-12 22:26:02 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ahead [2009-06-02 12:02:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Any Video Converter [2009-04-24 21:36:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\AVI ReComp [2009-02-25 23:00:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\CyberLink [2009-03-28 21:06:01 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools [2009-09-06 10:56:25 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools Lite [2009-05-03 15:42:37 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools Pro [2009-03-14 12:32:34 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Gadu-Gadu [2009-05-14 21:57:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\GetRightToGo [2009-02-28 18:42:06 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Leadertech [2009-02-25 22:15:29 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Nowe Gadu-Gadu [2009-07-27 13:40:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\OpenOffice.org [2009-04-20 21:57:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Publish Providers [2009-03-27 20:28:41 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\SecuROM [2009-04-20 21:57:34 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Sony [2009-02-26 16:34:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Teleca [2009-06-13 18:05:03 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ubisoft [2009-03-02 18:11:13 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ulead Systems [2009-07-29 11:49:41 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\ViStart [2009-08-10 20:38:10 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Xenorate [2009-10-07 20:33:26 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji [2009-02-25 20:30:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\ACD Systems [2009-05-16 19:53:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Ahead [2009-10-04 00:32:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Any Video Converter [2009-04-03 15:15:04 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools [2009-09-05 09:38:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools Lite [2009-05-08 20:52:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools Pro [2009-10-11 14:54:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Dark Sector [2009-04-25 22:26:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GetRightToGo [2009-10-03 17:58:55 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GRETECH [2009-04-07 15:54:23 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\gtk-2.0 [2009-03-03 18:25:07 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Leadertech [2009-05-08 19:10:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\NetMedia Providers [2009-06-29 19:37:32 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Nowe Gadu-Gadu [2009-05-08 20:54:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Off Road [2009-09-28 18:39:10 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\OpenOffice.org [2009-05-08 19:10:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Publish Providers [2009-02-27 22:04:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Teleca [2009-03-02 16:58:37 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Ulead Systems [2009-08-27 17:45:46 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Xenorate [2009-09-03 19:58:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\LocalService\Dane aplikacji [2009-02-25 19:34:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\NetworkService\Dane aplikacji [2009-10-10 16:27:04 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji [2009-09-04 15:05:23 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Ahead [2009-07-31 19:02:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\AVI ReComp [2009-09-14 19:51:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\DAEMON Tools Pro [2009-10-03 14:26:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Dark Sector [2009-07-30 21:52:00 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Flock [2009-09-20 17:34:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\GRETECH [2009-07-30 16:20:17 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Nowe Gadu-Gadu [2009-08-10 20:40:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\OpenOffice.org [2009-08-29 20:29:52 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\SecuROM [2009-10-10 16:25:20 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Teleca [2009-10-01 16:20:02 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\TSRWorkshop [2001-07-22 02:17:50 | 00,000,065 | RH-- | M] () -- H:\windows\Tasks\desktop.ini [2009-10-11 20:43:55 | 00,000,006 | -H-- | M] () -- H:\windows\Tasks\SA.DAT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 143 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:8CE646EE @Alternate Data Stream - 133 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF < End of report > [/log]zrobiłem skan Malwarebytes i brawo, znalazł mi ponad 50 zainfekowanych, większość to trojany i registry key, ale są też wśród tych plików pliki systemowe stąd pytanie czy na pewno usunąć zaznaczone pliki- zamieszczam screenproszę, log z Malwarebytes: [log] Malwarebytes' Anti-Malware 1.41 Wersja bazy definicji: 2943 Windows 5.1.2600 Dodatek Service Pack 3 2009-10-11 21:16:29 mbam-log-2009-10-11 (21-16-26).txt Typ skanowania: Szybkie skanowanie Przeskanowane obiekty: 115197 Upłynęło: 2 minute(s), 20 second(s) Zainfekowane procesy w pamięci: 1 Zainfekowane moduły pamięci: 2 Zainfekowane klucze rejestru: 26 Zainfekowane wartości rejestru: 2 Zainfekowane pliki rejestru: 0 Zainfekowane foldery: 8 Zainfekowane pliki: 18 Zainfekowane procesy w pamięci: H:\Program Files\PremierOpinion\pmropn.exe (Trojan.Agent) -> No action taken. Zainfekowane moduły pamięci: H:\Program Files\PremierOpinion\pmls.dll (Trojan.Agent) -> No action taken. H:\Program Files\PremierOpinion\components\pmxg.dll (Trojan.Agent) -> No action taken. Zainfekowane klucze rejestru: HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken. HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken. HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken. HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{eeb86aef-4a5d-4b75-9d74-f16d438fc286} (Adware.PremierOpinion) -> No action taken. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> No action taken. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\premieropinion (Trojan.Agent) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken. Zainfekowane wartości rejestru: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\h:\windows\system32\v0230cvw.dll (Trojan.Agent) -> No action taken. Zainfekowane pliki rejestru: (Nie wykryto groźnych plików) Zainfekowane foldery: H:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken. H:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken. H:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken. H:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken. H:\Program Files\premieropinion (Trojan.Agent) -> No action taken. H:\Program Files\premieropinion\components (Trojan.Agent) -> No action taken. H:\Documents and Settings\All Users\Menu Start\Programy\PremierOpinion (Adware.PremierOpinion) -> No action taken. H:\WINDOWS\system32\lowsec (Stolen.data) -> No action taken. Zainfekowane pliki: H:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) -> No action taken. H:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken. H:\Program Files\premieropinion\chrome.manifest (Trojan.Agent) -> No action taken. H:\Program Files\premieropinion\install.rdf (Trojan.Agent) -> No action taken. H:\Program Files\premieropinion\pmls.dll (Trojan.Agent) -> No action taken. H:\Program Files\premieropinion\pmoci.bin (Trojan.Agent) -> No action taken. H:\Program Files\premieropinion\pmph.dll (Trojan.Agent) -> No action taken. H:\Program Files\premieropinion\pmropn.exe (Trojan.Agent) -> No action taken. H:\Program Files\premieropinion\pmservice.exe (Trojan.Agent) -> No action taken. H:\Program Files\premieropinion\pmxf.dll (Trojan.Agent) -> No action taken. H:\Program Files\premieropinion\components\pmxg.dll (Trojan.Agent) -> No action taken. H:\Documents and Settings\All Users\Menu Start\Programy\PremierOpinion\About PremierOpinion.lnk (Adware.PremierOpinion) -> No action taken. H:\Documents and Settings\All Users\Menu Start\Programy\PremierOpinion\Privacy Policy and User License Agreement.lnk (Adware.PremierOpinion) -> No action taken. H:\Documents and Settings\All Users\Menu Start\Programy\PremierOpinion\Support.lnk (Adware.PremierOpinion) -> No action taken. H:\Documents and Settings\All Users\Menu Start\Programy\PremierOpinion\Uninstall Instructions.lnk (Adware.PremierOpinion) -> No action taken. H:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> No action taken. H:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> No action taken. H:\WINDOWS\system32\lowsec\user.ds.lll (Stolen.data) -> No action taken. [/log]
Gość komentarz 12 października 2009 komentarz 12 października 2009 Usuń to co znalazł MBAM i będzie Oki. .
chrisx94 komentarz 12 października 2009 Autor komentarz 12 października 2009 ok, usunąłem wszystkie pliki oprócz systemowych i pytam po raz ostatni czy ich też trzeba się pozbyć? bo na razie nie widzę żadnych skutków tych skanów i usunięć
MarekM25 komentarz 12 października 2009 komentarz 12 października 2009 Usuń wszystko co znalazł MBAM. No i to tyle ogólnie nic takiego groźnego nie miałeś, więc skutków możesz nie odczuwać.
chrisx94 komentarz 13 października 2009 Autor komentarz 13 października 2009 sugerujecie w takim razie, że te problemy mogą być czym spowodowane? C/:windows rozruch, samoczynne otwieranie się Moich Dokumentów, jakaś idiotyczna notatka o SQL Writer, błąd biblioteki dll, strasznie mi to wszystko przeszkadza, zwłaszcza, że komp jest używany przez wielu użytkowników. W takim razie jakieś inne porady co do tych problemów???
MarekM25 komentarz 13 października 2009 komentarz 13 października 2009 Hmm daj jeszcze loga z Hijackthis lub otl. + załącz screeny co jest dokładnie na starcie systemu
chrisx94 komentarz 14 października 2009 Autor komentarz 14 października 2009 (edytowane) log z HijackThis: [log] Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:19:58, on 2009-10-14 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: H:\windows\System32\smss.exe H:\windows\system32\winlogon.exe H:\windows\system32\services.exe H:\windows\system32\lsass.exe H:\windows\system32\svchost.exe H:\windows\System32\svchost.exe H:\windows\system32\svchost.exe H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe H:\Program Files\Alwil Software\Avast4\ashServ.exe H:\windows\system32\spoolsv.exe H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe H:\Program Files\Bonjour\mDNSResponder.exe H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe H:\windows\system32\CTsvcCDA.exe H:\windows\system32\nvsvc32.exe H:\windows\system32\PnkBstrA.exe H:\windows\system32\svchost.exe H:\Program Files\Google\Update\GoogleUpdate.exe H:\windows\system32\UTSCSI.EXE H:\windows\RTHDCPL.EXE H:\Program Files\Java\jre6\bin\jusched.exe H:\windows\system32\RUNDLL32.EXE H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe H:\WINDOWS\system32\rmctrl.exe H:\Program Files\Winamp\winampa.exe H:\Program Files\Common Files\Real\Update_OB\realsched.exe H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe H:\Program Files\iTunes\iTunesHelper.exe H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe H:\windows\V0230Mon.exe H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe H:\windows\system32\ctfmon.exe H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe H:\Program Files\Messenger\msmsgs.exe H:\Program Files\DAEMON Tools Lite\daemon.exe H:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe H:\Program Files\Ares\Ares.exe H:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe H:\Program Files\OpenOffice.org 3\program\soffice.exe H:\Program Files\OpenOffice.org 3\program\soffice.bin H:\windows\system32\wuauclt.exe H:\windows\system32\wuauclt.exe H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe H:\Program Files\Alwil Software\Avast4\ashWebSv.exe H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe H:\Program Files\iPod\bin\iPodService.exe H:\Program Files\Common Files\Teleca Shared\Generic.exe H:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe H:\windows\explorer.exe H:\Program Files\Mozilla Firefox\firefox.exe H:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza F2 - REG:system.ini: UserInit=H:\WINDOWS\system32\userinit.exe,userinit.exe, O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: Softonic-en Toolbar - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Softonic-en Toolbar - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] H:\WINDOWS\system32\rmctrl.exe O4 - HKLM\..\Run: [WinampAgent] "H:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [TkBellExe] "H:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "H:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [Adobe Photo Downloader] "H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [CTCheck] H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVFX Engine] H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe O4 - HKLM\..\Run: [V0230Mon.exe] H:\windows\V0230Mon.exe O4 - HKLM\..\Run: [GrooveMonitor] "H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [PinnacleDriverCheck] H:\windows\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "H:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [CTFMON.EXE] H:\windows\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "H:\Program Files\Nowe Gadu-Gadu\gg.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "H:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [Creative Live! Cam Manager] "H:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" O4 - HKCU\..\Run: [ares] "H:\Program Files\Ares\Ares.exe" -h O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM') O4 - .DEFAULT Startup: OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user') O4 - Startup: OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Adobe Gamma Loader.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Picture Package Menu.lnk = ? O4 - Global Startup: Picture Package VCD Maker.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour Service - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Capture Device Service - InterVideo Inc. - H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - H:\windows\system32\CTsvcCDA.exe O23 - Service: Findbasic Service - Unknown owner - H:\Documents and Settings\All Users\Dane aplikacji\Findbasic\findbasic121.exe O23 - Service: Google Update Service (gupdate1c9acba996552fe) (gupdate1c9acba996552fe) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\windows\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - H:\windows\system32\PnkBstrA.exe O23 - Service: CLCV0 (UTSCSI) - Unknown owner - H:\windows\system32\UTSCSI.EXE -- End of file - 10206 bytes [/log] OTL: [log] OTL logfile created on: 2009-10-14 11:20:57 - Run 3 OTL by OldTimer - Version 3.0.18.4 Folder = I:\Programy\logi Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 69,83% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = H: | %SystemRoot% = H:\windows | %ProgramFiles% = H:\Program Files C: Drive not present or media not loaded D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 3,53 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 48,83 Gb Total Space | 17,65 Gb Free Space | 36,15% Space Free | Partition Type: NTFS Drive I: | 156,25 Gb Total Space | 50,19 Gb Free Space | 32,12% Space Free | Partition Type: NTFS Drive J: | 167,53 Gb Total Space | 47,72 Gb Free Space | 28,48% Space Free | Partition Type: NTFS Drive M: | 981,84 Mb Total Space | 12,86 Mb Free Space | 1,31% Space Free | Partition Type: FAT Computer Name: WWW-649A18D4B0C Current User Name: Krzysztof Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2008-11-26 19:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe PRC - [2008-11-26 19:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashServ.exe PRC - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe PRC - [2007-03-06 11:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe PRC - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- H:\windows\System32\CTsvcCDA.exe PRC - [2008-11-12 15:54:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\nvsvc32.exe PRC - [2009-03-29 11:10:42 | 00,066,872 | ---- | M] () -- H:\windows\System32\PnkBstrA.exe PRC - [2009-03-24 21:56:16 | 00,133,104 | ---- | M] (Google Inc.) -- H:\Program Files\Google\Update\GoogleUpdate.exe PRC - [2009-10-07 20:33:06 | 00,045,056 | ---- | M] () -- H:\windows\System32\UTSCSI.EXE PRC - [2007-04-10 09:28:44 | 16,126,464 | R--- | M] (Realtek Semiconductor Corp.) -- H:\windows\RTHDCPL.EXE PRC - [2009-07-27 13:38:34 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\Java\jre6\bin\jusched.exe PRC - [2008-11-26 19:18:51 | 00,081,000 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashDisp.exe PRC - [2003-08-01 13:11:02 | 00,032,768 | ---- | M] () -- H:\windows\System32\rmctrl.exe PRC - [2007-10-10 07:28:32 | 00,036,352 | ---- | M] () -- H:\Program Files\Winamp\winampa.exe PRC - [2009-02-25 20:09:12 | 00,180,269 | ---- | M] (RealNetworks, Inc.) -- H:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2005-06-07 00:46:24 | 00,057,344 | ---- | M] (Adobe Systems Incorporated) -- H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe PRC - [2007-11-06 11:08:10 | 00,397,312 | ---- | M] (Creative Technology Ltd) -- H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe PRC - [2009-07-13 14:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- H:\Program Files\iTunes\iTunesHelper.exe PRC - [2006-08-16 01:12:00 | 00,024,576 | ---- | M] (Creative Technology Ltd.) -- H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe PRC - [2006-09-06 19:01:00 | 00,032,768 | R--- | M] (Creative Technology Ltd.) -- H:\windows\V0230Mon.exe PRC - [2006-10-27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2007-05-16 10:27:16 | 00,153,136 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2008-04-14 23:51:32 | 01,695,232 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Messenger\msmsgs.exe PRC - [2009-04-23 15:51:38 | 00,691,656 | ---- | M] (DT Soft Ltd) -- H:\Program Files\DAEMON Tools Lite\daemon.exe PRC - [2006-09-06 09:42:00 | 00,143,360 | ---- | M] (Creative Technology Ltd.) -- H:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe PRC - [2008-12-13 06:23:30 | 00,882,176 | ---- | M] (Ares Development Group) -- H:\Program Files\Ares\Ares.exe PRC - [2004-07-08 16:13:42 | 00,106,496 | ---- | M] (Sony Corporation.) -- H:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe PRC - [2009-04-23 06:47:00 | 07,424,000 | ---- | M] (OpenOffice.org) -- H:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2009-04-23 06:48:54 | 07,418,368 | ---- | M] (OpenOffice.org) -- H:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2008-11-26 19:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe PRC - [2008-11-26 19:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashWebSv.exe PRC - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe PRC - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- H:\Program Files\iPod\bin\iPodService.exe PRC - [2006-10-13 10:11:16 | 00,983,040 | R--- | M] (Obigo AB) -- H:\Program Files\Common Files\Teleca Shared\Generic.exe PRC - [2006-11-13 16:17:38 | 00,872,448 | R--- | M] (Sony Ericsson Mobile Communications AB) -- H:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe PRC - [2008-04-14 22:51:52 | 00,218,112 | ---- | M] (Microsoft Corporation) -- H:\windows\System32\wbem\wmiprvse.exe PRC - [2008-04-14 22:51:18 | 01,035,264 | ---- | M] (Microsoft Corporation) -- H:\windows\explorer.exe PRC - [2009-09-10 20:52:54 | 00,908,280 | ---- | M] (Mozilla Corporation) -- H:\Program Files\Mozilla Firefox\firefox.exe PRC - [2008-04-14 22:51:52 | 00,218,112 | ---- | M] (Microsoft Corporation) -- H:\windows\System32\wbem\wmiprvse.exe PRC - [2009-10-06 16:23:55 | 00,520,704 | ---- | M] (OldTimer Tools) -- I:\Programy\logi\OTL.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-07-09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running]) SRV - [2005-09-23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- H:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2008-11-26 19:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running]) SRV - [2008-11-26 19:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running]) SRV - [2008-11-26 19:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running]) SRV - [2008-11-26 19:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- H:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running]) SRV - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running]) SRV - [2007-03-06 11:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- H:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service [Auto | Running]) SRV - [2005-09-23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [1999-12-12 19:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- H:\windows\System32\CTsvcCDA.exe -- (Creative Service for CDROM Access [Auto | Running]) SRV - [2009-09-02 21:10:00 | 00,054,776 | ---- | M] () -- H:\Documents and Settings\All Users\Dane aplikacji\Findbasic\findbasic121.exe -- (Findbasic Service [Auto | Stopped]) SRV - [2006-10-20 22:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2009-03-24 21:56:16 | 00,133,104 | ---- | M] (Google Inc.) -- H:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9acba996552fe [Auto | Stopped]) SRV - [2008-04-14 22:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- H:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2005-04-04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped]) SRV - [2006-10-30 04:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped]) SRV - [2009-07-13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- H:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running]) SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped]) SRV - [2007-04-13 22:09:56 | 00,792,112 | ---- | M] (Nero AG) -- H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped]) SRV - [2006-10-30 04:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped]) SRV - [2007-05-16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running]) SRV - [2008-11-12 15:54:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\nvsvc32.exe -- (NVSvc [Auto | Running]) SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped]) SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2009-03-29 11:10:42 | 00,066,872 | ---- | M] () -- H:\windows\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running]) SRV - [2007-02-10 05:29:56 | 00,089,968 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter [Auto | Stopped]) SRV - [2009-10-07 20:33:06 | 00,045,056 | ---- | M] () -- H:\windows\System32\UTSCSI.EXE -- (UTSCSI [Auto | Running]) SRV - [2006-12-01 12:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2008-11-26 19:15:35 | 00,026,944 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running]) DRV - [2004-03-10 16:27:18 | 00,011,264 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\drivers\ASAPIW2k.sys -- (ASAPIW2k [On_Demand | Running]) DRV - [2008-11-26 19:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- H:\windows\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running]) DRV - [2008-11-26 19:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running]) DRV - [2008-11-26 19:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running]) DRV - [2008-11-26 19:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswSP.sys -- (aswSP [System | Running]) DRV - [2008-11-26 19:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- H:\windows\System32\drivers\aswTdi.sys -- (aswTdi [System | Running]) DRV - [2007-06-21 04:44:32 | 00,029,696 | R--- | M] (Atheros Communications) -- H:\windows\System32\DRIVERS\l251x86.sys -- (AtcL002 [On_Demand | Running]) DRV - [2004-03-08 12:55:50 | 00,013,567 | ---- | M] (B.H.A Corporation) -- H:\windows\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv [System | Running]) DRV - [2004-11-18 11:49:14 | 00,024,786 | ---- | M] (EUTRON) -- H:\windows\System32\Drivers\eusk2par.sys -- (eusk2par [System | Running]) DRV - [2004-11-18 11:49:14 | 00,045,534 | ---- | M] (EUTRON) -- H:\windows\System32\Drivers\eusk3usb.sys -- (eusk3usb [On_Demand | Stopped]) DRV - [2009-03-19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- H:\windows\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running]) DRV - [2004-05-02 10:47:08 | 00,023,040 | R--- | M] () -- H:\windows\System32\drivers\GVCplDrv.sys -- (GVCplDrv [On_Demand | Stopped]) DRV - [2008-04-13 22:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- H:\windows\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2007-04-10 13:04:40 | 04,397,568 | R--- | M] (Realtek Semiconductor Corp.) -- H:\windows\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running]) DRV - [2004-03-29 04:06:24 | 00,090,464 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\DRIVERS\MarvinBus.sys -- (MarvinBus [On_Demand | Running]) DRV - [2004-08-13 04:56:20 | 00,005,810 | R--- | M] () -- H:\windows\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running]) DRV - [2008-11-12 15:54:00 | 06,188,320 | ---- | M] (NVIDIA Corporation) -- H:\windows\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running]) DRV - [2002-03-19 10:29:16 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- H:\windows\System32\drivers\pclepci.sys -- (PCLEPCI [System | Running]) DRV - [2001-08-18 01:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- H:\windows\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- H:\windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2006-09-18 15:58:48 | 00,061,600 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27bus.sys -- (SE27bus [On_Demand | Stopped]) DRV - [2006-09-18 15:58:52 | 00,009,360 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mdfl.sys -- (SE27mdfl [On_Demand | Stopped]) DRV - [2006-09-18 15:58:54 | 00,097,184 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mdm.sys -- (SE27mdm [On_Demand | Stopped]) DRV - [2006-09-18 15:58:58 | 00,088,688 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27mgmt.sys -- (SE27mgmt [On_Demand | Stopped]) DRV - [2006-09-18 15:59:00 | 00,018,704 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se27nd5.sys -- (se27nd5 [On_Demand | Stopped]) DRV - [2006-09-18 15:59:02 | 00,086,560 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\SE27obex.sys -- (SE27obex [On_Demand | Stopped]) DRV - [2006-09-18 15:59:08 | 00,090,800 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se27unic.sys -- (se27unic [On_Demand | Stopped]) DRV - [2006-11-30 16:13:56 | 00,061,536 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45bus.sys -- (se45bus [On_Demand | Stopped]) DRV - [2006-11-30 16:14:04 | 00,009,360 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mdfl.sys -- (se45mdfl [On_Demand | Stopped]) DRV - [2006-11-30 16:14:04 | 00,097,088 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mdm.sys -- (se45mdm [On_Demand | Stopped]) DRV - [2006-11-30 16:14:10 | 00,088,624 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45mgmt.sys -- (se45mgmt [On_Demand | Stopped]) DRV - [2006-11-30 16:14:10 | 00,018,704 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45nd5.sys -- (se45nd5 [On_Demand | Stopped]) DRV - [2006-11-30 16:14:14 | 00,086,432 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45obex.sys -- (se45obex [On_Demand | Stopped]) DRV - [2006-11-30 16:14:22 | 00,090,800 | R--- | M] (MCCI) -- H:\windows\System32\DRIVERS\se45unic.sys -- (se45unic [On_Demand | Stopped]) DRV - [2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- H:\windows\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2005-08-10 14:44:04 | 00,050,688 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running]) DRV - [2005-05-16 15:20:39 | 00,006,656 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running]) DRV - [2005-08-10 16:06:28 | 00,019,968 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfsync02.sys -- (sfsync02 [Boot | Running]) DRV - [2009-09-04 19:16:25 | 00,721,904 | ---- | M] () -- H:\windows\System32\Drivers\sptd.sys -- (sptd [Boot | Running]) DRV - [2006-03-23 19:00:00 | 00,006,272 | R--- | M] (EyePower Games Pte. Ltd.) -- H:\windows\System32\DRIVERS\V0230Vfx.sys -- (V0230Vfx [On_Demand | Running]) DRV - [2006-09-28 19:01:00 | 00,500,480 | R--- | M] (Creative Technology Ltd.) -- H:\windows\System32\DRIVERS\V0230VID.sys -- (V0230VID [On_Demand | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = H:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\S-1-5-21-796845957-1343024091-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\S-1-5-21-796845957-1343024091-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://onet.pl" FF - prefs.js..extensions.enabledItems: {C3F23840-B14B-4B61-AAEF-6BCC3621FA63}:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3 FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCfox000&fl=0&ptb=9D9JkilC01wiJRayfcZ8jA&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=" FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: H:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-07-27 13:38:36 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: H:\Program Files\PremierOpinion FF - HKLM\software\mozilla\Flock 2.5.1\extensions\\Components: H:\Program Files\Flock\components [2009-08-25 14:06:54 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Flock 2.5.1\extensions\\Plugins: H:\Program Files\Flock\plugins [2009-10-05 19:04:22 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2009-09-10 20:53:01 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins [2009-10-09 18:57:38 | 00,000,000 | ---D | M] [2009-03-10 18:27:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Extensions [2009-03-10 18:27:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-02-25 20:29:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\mozilla\Firefox\Profiles\h9n4nthe.default\extensions [2009-06-01 15:00:04 | 00,009,941 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Mozilla\FireFox\Profiles\h9n4nthe.default\searchplugins\mywebsearch.xml [2009-10-13 17:40:14 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions [2009-09-10 20:52:53 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-02-25 20:36:55 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2009-09-03 19:58:11 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{C3F23840-B14B-4B61-AAEF-6BCC3621FA63} [2009-07-27 13:38:46 | 00,000,000 | ---D | M] -- H:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009-09-10 20:52:51 | 00,023,544 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-09-10 20:52:51 | 00,137,208 | ---- | M] (Mozilla Foundation) -- H:\Program Files\mozilla firefox\components\brwsrcmp.dll [2007-04-10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- H:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-30 16:29:22 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- H:\Program Files\mozilla firefox\plugins\np32dsw.dll [2009-07-27 13:38:35 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\mozilla firefox\plugins\npdeploytk.dll [2009-09-10 20:52:56 | 00,065,016 | ---- | M] (mozilla.org) -- H:\Program Files\mozilla firefox\plugins\npnul32.dll [2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- H:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2009-08-25 14:06:54 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2009-07-15 21:00:25 | 00,002,767 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-07-15 21:00:25 | 00,001,406 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-08-26 19:13:33 | 00,002,393 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\findbasic119.xml [2009-09-03 19:58:12 | 00,002,393 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\findbasic121.xml [2009-07-15 21:00:25 | 00,002,371 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\google.xml [2009-07-15 21:00:25 | 00,000,917 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-07-15 21:00:25 | 00,000,858 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-07-15 21:00:25 | 00,001,183 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-07-15 21:00:25 | 00,001,683 | ---- | M] () -- H:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (731 bytes) - H:\windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Softonic-en Toolbar) - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Softonic-en Toolbar) - {983ad4d4-8b63-442f-8684-fbc1c067949c} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\..\Toolbar\WebBrowser: (Softonic-en Toolbar) - {983AD4D4-8B63-442F-8684-FBC1C067949C} - H:\Program Files\Softonic-en\tbSoft.dll (Conduit Ltd.) O4 - HKLM..\Run: [Adobe Photo Downloader] H:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] H:\windows\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avast!] H:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [AVFX Engine] H:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [CTCheck] H:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd) O4 - HKLM..\Run: [GrooveMonitor] H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [iTunesHelper] H:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] H:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] H:\windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] H:\windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] H:\windows\System32\nwiz.exe () O4 - HKLM..\Run: [PinnacleDriverCheck] H:\windows\System32\PSDrvCheck.exe () O4 - HKLM..\Run: [QuickTime Task] H:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [RemoteControl] H:\windows\System32\rmctrl.exe () O4 - HKLM..\Run: [RTHDCPL] H:\windows\RTHDCPL.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Sony Ericsson PC Suite] H:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] H:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] H:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [V0230Mon.exe] H:\windows\V0230Mon.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [WinampAgent] H:\Program Files\Winamp\winampa.exe () O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [ares] H:\Program Files\Ares\Ares.exe (Ares Development Group) O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [Creative Live! Cam Manager] H:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.) O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [DAEMON Tools Lite] H:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [MSMSGS] H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004..\Run: [Nowe Gadu-Gadu] H:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.) O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package Menu.lnk = H:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe (Sony Corporation) O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package VCD Maker.lnk = H:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe (Sony Corporation.) O4 - Startup: H:\Documents and Settings\Gosia\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: H:\Documents and Settings\Wiktoria\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = H:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-796845957-1343024091-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - H:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\windows\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - H:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - H:\windows\System32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - H:\windows\System32\rsvpsp.dll (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.58 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - H:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter: - text/xml - H:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\windows\Explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{46e2a893-0cb8-11de-b09a-001d60a8d52e}\Shell\AutoRun\command - "" = C:\uvsqfgwd.cmd -- File not found O33 - MountPoints2\{46e2a893-0cb8-11de-b09a-001d60a8d52e}\Shell\open\Command - "" = C:\uvsqfgwd.cmd -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - H:\windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-10-11 20:59:58 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2009-10-04 16:14:08 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help [2009-10-06 15:57:50 | 00,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Dane aplikacji\Pinnacle [2009-10-03 18:35:44 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Dark Sector [2009-10-03 17:58:55 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GRETECH [2009-10-11 21:00:03 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Malwarebytes [2009-09-28 18:39:10 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\OpenOffice.org [2009-09-21 20:51:16 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Conduit [2009-10-11 20:26:59 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\NFS Underground 2 [2009-09-21 20:51:16 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Softonic-en [2009-10-04 00:30:51 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\Stardock [2009-10-05 19:15:44 | 00,000,000 | ---D | C] -- H:\Program Files\Common Files\DESIGNER [2009-10-11 20:26:57 | 00,000,000 | ---D | C] -- H:\Program Files\Common Files\DirectX [2009-10-06 21:33:47 | 00,000,000 | ---D | C] -- H:\Program Files\Common Files\muvee Technologies [2009-09-20 17:33:18 | 00,000,000 | ---D | C] -- H:\Program Files\Conduit [2009-09-20 17:33:56 | 00,000,000 | ---D | C] -- H:\Program Files\GRETECH [2009-10-06 16:33:41 | 00,000,000 | ---D | C] -- H:\Program Files\HijackThis [2009-10-11 20:59:58 | 00,000,000 | ---D | C] -- H:\Program Files\Malwarebytes' Anti-Malware [2009-10-05 19:15:44 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Visual Studio [2009-10-05 19:13:08 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Visual Studio 8 [2009-10-05 19:16:23 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft Works [2009-10-05 19:15:05 | 00,000,000 | ---D | C] -- H:\Program Files\Microsoft.NET [2009-10-06 15:57:47 | 00,000,000 | ---D | C] -- H:\Program Files\Pinnacle [2009-10-06 21:35:10 | 00,000,000 | ---D | C] -- H:\Program Files\PIXELA [2009-09-20 17:33:18 | 00,000,000 | ---D | C] -- H:\Program Files\Softonic-en [2009-10-06 21:33:43 | 00,000,000 | ---D | C] -- H:\Program Files\Sony Corporation [2009-10-11 21:00:00 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- H:\windows\System32\drivers\mbamswissarmy.sys [2009-10-11 20:59:58 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- H:\windows\System32\drivers\mbam.sys [2009-10-06 21:33:43 | 00,013,567 | ---- | C] (B.H.A Corporation) -- H:\windows\System32\drivers\CDRBSDRV.SYS [2009-10-06 18:05:09 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Moje dokumenty\Pinnacle Hollywood FX for Studio [2009-10-06 17:02:13 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Krzysztof\Moje dokumenty\Pinnacle Studio [2009-10-06 16:30:58 | 00,294,912 | ---- | C] (Pegasus Imaging Corporation) -- H:\windows\System32\pvmjpg21.dll [2009-10-06 16:30:58 | 00,081,920 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\vdrmux.dll [2009-10-06 16:30:58 | 00,046,592 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\vdrcodec.dll [2009-10-06 16:28:31 | 00,019,456 | ---- | C] (VoB Computersysteme GmbH) -- H:\windows\System32\asapi.dll [2009-10-06 16:28:29 | 00,090,112 | ---- | C] (MindVision Software) -- H:\windows\unvise32.exe [2009-10-06 16:27:01 | 00,061,440 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\pclepim1.dll [2009-10-06 16:27:00 | 00,049,152 | ---- | C] (Pinnacle Systems) -- H:\windows\System32\PCLEGetGuid.dll [2009-10-05 19:10:12 | 00,000,000 | RH-D | C] -- H:\MSOCache [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2009-10-14 11:20:14 | 00,000,156 | ---- | M] () -- H:\windows\Twunk001.MTX [2009-10-14 11:20:14 | 00,000,004 | ---- | M] () -- H:\windows\Twain001.Mtx [2009-10-14 11:18:24 | 01,110,350 | ---- | M] () -- H:\windows\System32\PerfStringBackup.INI [2009-10-14 11:18:24 | 00,497,552 | ---- | M] () -- H:\windows\System32\perfh015.dat [2009-10-14 11:18:24 | 00,438,960 | ---- | M] () -- H:\windows\System32\perfh009.dat [2009-10-14 11:18:24 | 00,088,642 | ---- | M] () -- H:\windows\System32\perfc015.dat [2009-10-14 11:18:24 | 00,071,046 | ---- | M] () -- H:\windows\System32\perfc009.dat [2009-10-14 11:16:05 | 00,002,645 | ---- | M] () -- H:\windows\System32\CONFIG.NT [2009-10-14 11:14:13 | 00,203,188 | ---- | M] () -- H:\windows\System32\nvapps.xml [2009-10-14 11:14:06 | 00,000,006 | -H-- | M] () -- H:\windows\tasks\SA.DAT [2009-10-14 11:14:03 | 00,002,048 | --S- | M] () -- H:\windows\bootstat.dat [2009-10-11 20:43:59 | 00,000,664 | ---- | M] () -- H:\windows\System32\d3d9caps.dat [2009-10-11 20:25:40 | 00,000,032 | ---- | M] () -- H:\windows\ZSAM.INI [2009-10-11 19:09:09 | 00,000,069 | ---- | M] () -- H:\windows\NeroDigital.ini [2009-10-11 19:07:25 | 00,171,520 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-10-07 20:33:06 | 00,045,056 | ---- | M] () -- H:\windows\System32\UTSCSI.EXE [2009-10-06 21:34:07 | 00,000,763 | ---- | M] () -- H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package Menu.lnk [2009-10-06 21:34:02 | 00,000,813 | ---- | M] () -- H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package VCD Maker.lnk [2009-10-06 18:21:32 | 00,000,063 | ---- | M] () -- H:\windows\PixieTool.INI [2009-10-06 18:19:42 | 00,000,349 | ---- | M] () -- H:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI [2009-10-06 16:54:25 | 01,807,984 | ---- | M] () -- H:\windows\System32\FNTCACHE.DAT [2009-10-06 16:39:50 | 00,198,840 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-10-06 16:33:41 | 00,001,582 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Pulpit\HijackThis.lnk [2009-10-05 19:20:50 | 00,000,843 | ---- | M] () -- H:\windows\win.ini [2009-10-05 15:53:43 | 00,002,206 | ---- | M] () -- H:\windows\System32\wpa.dbl [2009-10-04 00:59:13 | 01,044,604 | -H-- | M] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-10-04 00:36:47 | 00,444,952 | ---- | M] (Creative Labs) -- H:\windows\System32\wrap_oal.dll [2009-10-04 00:36:47 | 00,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- H:\windows\System32\OpenAL32.dll [2009-09-28 18:40:04 | 00,000,866 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk [2009-09-18 23:04:56 | 00,000,768 | ---- | M] () -- H:\Documents and Settings\Krzysztof\Pulpit\Skrót do Ygoow.lnk [color=#E56717]========== Files - No Company Name ==========[/color] [2009-10-11 20:44:41 | 00,000,156 | ---- | C] () -- H:\windows\Twunk001.MTX [2009-10-11 20:44:41 | 00,000,004 | ---- | C] () -- H:\windows\Twain001.Mtx [2009-10-11 20:25:40 | 00,000,032 | ---- | C] () -- H:\windows\ZSAM.INI [2009-10-07 20:33:06 | 00,045,056 | ---- | C] () -- H:\windows\System32\UTSCSI.EXE [2009-10-06 21:34:07 | 00,000,763 | ---- | C] () -- H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package Menu.lnk [2009-10-06 21:34:06 | 00,001,458 | ---- | C] () -- H:\windows\System32\LTOCX12n.INF [2009-10-06 21:34:02 | 00,000,813 | ---- | C] () -- H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Picture Package VCD Maker.lnk [2009-10-06 16:33:41 | 00,001,582 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Pulpit\HijackThis.lnk [2009-10-06 16:28:31 | 00,406,016 | ---- | C] () -- H:\windows\System32\PSDrvCheck.exe [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.KOR [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.JPN [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.JP [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ITA [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.IT [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.FRA [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.FR [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ESP [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.ES [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.DEU [2009-10-06 16:28:31 | 00,026,624 | ---- | C] () -- H:\windows\System32\PSDrvCheck.DE [2009-10-06 16:28:31 | 00,026,112 | ---- | C] () -- H:\windows\System32\PSDrvCheck.CHT [2009-10-06 16:28:31 | 00,026,112 | ---- | C] () -- H:\windows\System32\PSDrvCheck.CHS [2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.NLD [2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.NL [2009-10-06 16:28:31 | 00,016,896 | ---- | C] () -- H:\windows\System32\PSDrvCheck.KO [2009-10-06 16:27:01 | 00,038,232 | ---- | C] () -- H:\windows\wmprfsky.prx [2009-10-06 16:27:01 | 00,037,916 | ---- | C] () -- H:\windows\wmprffra.prx [2009-10-06 16:27:01 | 00,037,014 | ---- | C] () -- H:\windows\wmprfhun.prx [2009-10-06 16:27:01 | 00,036,594 | ---- | C] () -- H:\windows\wmprfell.prx [2009-10-06 16:27:01 | 00,035,916 | ---- | C] () -- H:\windows\wmprfptg.prx [2009-10-06 16:27:01 | 00,035,680 | ---- | C] () -- H:\windows\wmprfita.prx [2009-10-06 16:27:01 | 00,035,590 | ---- | C] () -- H:\windows\wmprfesp.prx [2009-10-06 16:27:01 | 00,035,474 | ---- | C] () -- H:\windows\wmprfcsy.prx [2009-10-06 16:27:01 | 00,033,820 | ---- | C] () -- H:\windows\WMPrfDeu.prx [2009-10-06 16:27:01 | 00,033,694 | ---- | C] () -- H:\windows\wmprfptb.prx [2009-10-06 16:27:01 | 00,033,580 | ---- | C] () -- H:\windows\wmprfslv.prx [2009-10-06 16:27:01 | 00,033,336 | ---- | C] () -- H:\windows\WMPrfAra.prx [2009-10-06 16:27:01 | 00,033,314 | ---- | C] () -- H:\windows\wmprfsve.prx [2009-10-06 16:27:01 | 00,032,964 | ---- | C] () -- H:\windows\wmprfnld.prx [2009-10-06 16:27:01 | 00,032,852 | ---- | C] () -- H:\windows\wmprfnor.prx [2009-10-06 16:27:01 | 00,032,022 | ---- | C] () -- H:\windows\wmprftrk.prx [2009-10-06 16:27:01 | 00,031,764 | ---- | C] () -- H:\windows\wmprffin.prx [2009-10-06 16:27:01 | 00,031,712 | ---- | C] () -- H:\windows\wmprfdan.prx [2009-10-06 16:27:01 | 00,028,718 | ---- | C] () -- H:\windows\wmprfheb.prx [2009-10-06 16:27:01 | 00,023,304 | ---- | C] () -- H:\windows\WMPrfJpn.prx [2009-10-06 16:27:01 | 00,022,338 | ---- | C] () -- H:\windows\WMPrfKor.prx [2009-10-06 16:27:01 | 00,000,804 | ---- | C] () -- H:\windows\wmprfrus.prx [2009-10-06 16:27:01 | 00,000,136 | ---- | C] () -- H:\windows\WMPrfCHS.prx [2009-10-06 16:27:01 | 00,000,132 | ---- | C] () -- H:\windows\WMPrfCHT.prx [2009-10-06 16:26:22 | 00,000,063 | ---- | C] () -- H:\windows\PixieTool.INI [2009-10-06 16:01:11 | 00,000,349 | ---- | C] () -- H:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI [2009-10-04 00:59:13 | 01,044,604 | -H-- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-09-28 18:40:04 | 00,000,866 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk [2009-07-30 22:24:15 | 00,024,575 | ---- | C] () -- H:\windows\System32\Qsusengwinsyspio49.dll [2009-07-13 22:09:50 | 00,043,520 | ---- | C] () -- H:\windows\System32\CmdLineExt03.dll [2009-06-23 14:35:45 | 00,354,816 | ---- | C] () -- H:\windows\System32\psisdecd.dll [2009-04-25 22:39:16 | 00,000,000 | ---- | C] () -- H:\windows\PlayDemo.INI [2009-04-22 18:35:37 | 00,069,632 | ---- | C] () -- H:\windows\System32\xmltok.dll [2009-04-22 18:35:37 | 00,036,864 | ---- | C] () -- H:\windows\System32\xmlparse.dll [2009-03-29 18:41:15 | 00,237,568 | ---- | C] () -- H:\windows\System32\lame_enc.dll [2009-03-28 21:27:35 | 00,138,184 | ---- | C] () -- H:\windows\System32\drivers\PnkBstrK.sys [2009-03-14 15:33:54 | 00,721,904 | ---- | C] () -- H:\windows\System32\drivers\sptd.sys [2009-03-07 22:36:23 | 00,012,288 | ---- | C] () -- H:\windows\impborl.dll [2009-03-07 22:27:48 | 00,000,011 | ---- | C] () -- H:\windows\wanpatan.ini [2009-03-02 16:56:47 | 00,210,456 | ---- | C] () -- H:\windows\System32\IVIresizeW7.dll [2009-03-02 16:56:47 | 00,198,168 | ---- | C] () -- H:\windows\System32\IVIresizeP6.dll [2009-03-02 16:56:47 | 00,194,072 | ---- | C] () -- H:\windows\System32\IVIresizePX.dll [2009-03-02 16:56:46 | 00,206,360 | ---- | C] () -- H:\windows\System32\IVIresizeA6.dll [2009-03-02 16:56:46 | 00,198,168 | ---- | C] () -- H:\windows\System32\IVIresizeM6.dll [2009-03-02 16:56:46 | 00,026,136 | ---- | C] () -- H:\windows\System32\IVIresize.dll [2009-02-28 15:38:49 | 00,000,000 | ---- | C] () -- H:\windows\mngui.INI [2009-02-26 21:55:49 | 00,171,520 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-02-25 22:55:12 | 00,000,069 | ---- | C] () -- H:\windows\NeroDigital.ini [2009-02-25 20:31:40 | 00,198,840 | ---- | C] () -- H:\Documents and Settings\Krzysztof\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-02-25 20:29:05 | 00,000,062 | -HS- | C] () -- H:\Documents and Settings\Krzysztof\Dane aplikacji\desktop.ini [2009-02-25 20:26:16 | 00,000,062 | -HS- | C] () -- H:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2009-02-25 20:16:41 | 00,036,864 | ---- | C] () -- H:\windows\System32\ctrldll.dll [2009-02-25 20:12:04 | 00,000,421 | ---- | C] () -- H:\windows\ODBC.INI [2009-02-25 19:49:56 | 00,023,040 | R--- | C] () -- H:\windows\System32\drivers\GVCplDrv.sys [2009-02-25 19:39:15 | 00,005,810 | R--- | C] () -- H:\windows\System32\drivers\ASACPI.sys [2009-02-25 19:39:14 | 00,011,839 | ---- | C] () -- H:\windows\Ascd_tmp.ini [2009-02-25 19:39:03 | 00,010,288 | ---- | C] () -- H:\windows\System32\drivers\ASUSHWIO.SYS [2008-12-18 00:30:06 | 00,815,104 | ---- | C] () -- H:\windows\System32\xvidcore.dll [2008-12-18 00:30:06 | 00,180,224 | ---- | C] () -- H:\windows\System32\xvidvfw.dll [2008-11-12 15:54:00 | 01,703,936 | ---- | C] () -- H:\windows\System32\nvwdmcpl.dll [2008-11-12 15:54:00 | 01,486,848 | ---- | C] () -- H:\windows\System32\nview.dll [2008-11-12 15:54:00 | 01,019,904 | ---- | C] () -- H:\windows\System32\nvwimg.dll [2008-11-12 15:54:00 | 00,466,944 | ---- | C] () -- H:\windows\System32\nvshell.dll [2008-10-07 10:13:30 | 00,197,912 | ---- | C] () -- H:\windows\System32\physxcudart_20.dll [2008-10-07 10:13:22 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelTraditionalChinese.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSwedish.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSpanish.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelPortugese.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelKorean.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelJapanese.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelGerman.dll [2008-10-07 10:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelFrench.dll [2007-11-26 21:56:28 | 00,151,415 | ---- | C] () -- H:\windows\System32\xlive.dll.cat [2005-02-23 18:57:35 | 00,971,776 | ---- | C] () -- H:\windows\System32\SSCProt.dll [2004-03-18 07:44:29 | 01,663,068 | ---- | C] () -- H:\windows\System32\libmmd.dll [2002-10-16 00:54:04 | 00,153,088 | ---- | C] () -- H:\windows\System32\unrar.dll [2002-03-17 02:00:00 | 00,007,420 | ---- | C] () -- H:\windows\UA000088.DLL [2001-10-26 21:28:10 | 00,003,584 | ---- | C] () -- H:\windows\System32\iprop.dll [2001-07-22 02:16:20 | 00,000,843 | ---- | C] () -- H:\windows\win.ini [2001-07-22 02:15:52 | 00,000,284 | ---- | C] () -- H:\windows\system.ini [color=#E56717]========== LOP Check ==========[/color] [2009-10-11 20:59:58 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\All Users\Dane aplikacji [2009-08-25 14:07:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009-02-25 20:15:28 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ACD Systems [2009-02-25 20:05:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ahead [2009-06-19 19:29:46 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Codemasters [2009-05-20 12:16:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ConeXware [2009-02-25 20:16:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\CyberLink [2009-03-28 21:05:05 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-07-14 19:00:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2009-09-03 19:33:31 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Findbasic [2002-01-01 07:56:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\FLEXnet [2009-03-02 16:56:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\InterVideo [2009-10-06 15:57:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Pinnacle [2009-02-28 15:14:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Teleca [2009-09-06 16:16:04 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-04-13 19:29:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited [2009-05-20 14:18:33 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TrackMania [2009-06-13 17:59:24 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2009-05-19 10:17:48 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems [2009-02-25 20:26:16 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Default User\Dane aplikacji [2009-08-26 19:10:23 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji [2009-02-25 20:15:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\ACD Systems [2009-04-12 22:26:02 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ahead [2009-06-02 12:02:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Any Video Converter [2009-04-24 21:36:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\AVI ReComp [2009-02-25 23:00:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\CyberLink [2009-03-28 21:06:01 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools [2009-09-06 10:56:25 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools Lite [2009-05-03 15:42:37 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\DAEMON Tools Pro [2009-03-14 12:32:34 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Gadu-Gadu [2009-05-14 21:57:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\GetRightToGo [2009-02-28 18:42:06 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Leadertech [2009-02-25 22:15:29 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Nowe Gadu-Gadu [2009-07-27 13:40:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\OpenOffice.org [2009-04-20 21:57:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Publish Providers [2009-03-27 20:28:41 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\SecuROM [2009-04-20 21:57:34 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Sony [2009-02-26 16:34:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Teleca [2009-06-13 18:05:03 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ubisoft [2009-03-02 18:11:13 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Ulead Systems [2009-07-29 11:49:41 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\ViStart [2009-08-10 20:38:10 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Gosia\Dane aplikacji\Xenorate [2009-10-11 21:00:03 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji [2009-02-25 20:30:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\ACD Systems [2009-05-16 19:53:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Ahead [2009-10-04 00:32:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Any Video Converter [2009-04-03 15:15:04 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools [2009-09-05 09:38:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools Lite [2009-05-08 20:52:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\DAEMON Tools Pro [2009-10-11 14:54:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Dark Sector [2009-04-25 22:26:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GetRightToGo [2009-10-03 17:58:55 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\GRETECH [2009-04-07 15:54:23 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\gtk-2.0 [2009-03-03 18:25:07 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Leadertech [2009-05-08 19:10:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\NetMedia Providers [2009-06-29 19:37:32 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Nowe Gadu-Gadu [2009-05-08 20:54:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Off Road [2009-09-28 18:39:10 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\OpenOffice.org [2009-05-08 19:10:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Publish Providers [2009-02-27 22:04:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Teleca [2009-03-02 16:58:37 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Ulead Systems [2009-08-27 17:45:46 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Krzysztof\Dane aplikacji\Xenorate [2009-09-03 19:58:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\LocalService\Dane aplikacji [2009-02-25 19:34:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\NetworkService\Dane aplikacji [2009-10-12 17:19:17 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji [2009-09-04 15:05:23 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Ahead [2009-07-31 19:02:50 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\AVI ReComp [2009-09-14 19:51:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\DAEMON Tools Pro [2009-10-03 14:26:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Dark Sector [2009-07-30 21:52:00 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Flock [2009-09-20 17:34:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\GRETECH [2009-07-30 16:20:17 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Nowe Gadu-Gadu [2009-08-10 20:40:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\OpenOffice.org [2009-08-29 20:29:52 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\SecuROM [2009-10-10 16:25:20 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\Teleca [2009-10-01 16:20:02 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Wiktoria\Dane aplikacji\TSRWorkshop [2001-07-22 02:17:50 | 00,000,065 | RH-- | M] () -- H:\windows\Tasks\desktop.ini [2009-10-14 11:14:06 | 00,000,006 | -H-- | M] () -- H:\windows\Tasks\SA.DAT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 143 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:8CE646EE @Alternate Data Stream - 133 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF < End of report > [/log] czytałem o pliku BOOT.INI i podobno jest on uszkodzony, można włożyć płytkę windows, zainstalować konsolę odzyskiwania i wpisać odpowiednią komendę ale to dla mnie trochę czarna magia, czy ktoś już to kiedyś robił??? co do moich dokumentów to proste- nie mijają 2 sekundy a tuż po zalogowaniu się na któregokolwiek użytkownika samoczynnie uruchamiają się one. tu jest adres do tego SQL który wyskakuje na samym początku w wyborze użytkownika: http://www.forumpc.pl/index.php?app=core&module=attach§ion=attach&attach_id=7841 no i dlaczego przed włączeniem kompa muszę odłączyć neta? jeśli tego nie zrobię to zawiesi się na logowaniu i ponadto słyszę dźwięki jakby się uruchamiał... a tutaj screen z błędu dll [attachment=8128:dlld.JPG]co do SQL znalazłem na innej stronce, że ktoś miał podobny problem i został poproszony o LOG z folderu C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG w moim przypadku zamiast C jest H ale znalazłem ów folder i log- Summary więc go tutaj umieszczę: [log] Microsoft SQL Server 2005 9.00.3042.00 ============================== OS Version : Microsoft Windows XP Professional Dodatek Service Pack 3 (Build 2600) Time : Mon Apr 27 22:36:55 2009 Machine : WWW-649A18D4B0C Product : Microsoft SQL Server Setup Support Files (English) Product Version : 9.00.3042.00 Install : Successful Log File : H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_SQLSupport_1.log -------------------------------------------------------------------------------- Machine : WWW-649A18D4B0C Product : Microsoft SQL Server Native Client Product Version : 9.00.3042.00 Install : Successful Log File : H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_SQLNCLI_1.log -------------------------------------------------------------------------------- Machine : WWW-649A18D4B0C Product : Microsoft SQL Server VSS Writer Product Version : 9.00.3042.00 Install : Successful Log File : H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_SqlWriter_1.log -------------------------------------------------------------------------------- Machine : WWW-649A18D4B0C Product : MSXML6 Error : The Windows Installer service cannot update the system file H:\windows\system32\msxml6r.dll because the file is protected by Windows. You may need to update your operating system for this program to work correctly. -------------------------------------------------------------------------------- Machine : WWW-649A18D4B0C Product : MSXML 6.0 Parser Product Version : 6.10.1129.0 Install : Failed Log File : H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_MSXML6_1.log Last Action : InstallFinalize Error String : The Windows Installer service cannot update the system file H:\windows\system32\msxml6r.dll because the file is protected by Windows. You may need to update your operating system for this program to work correctly. Package version: 6.0.3883.0, OS Protected version: 6.0.3883.0 Error Number : 1931 -------------------------------------------------------------------------------- SQL Server Setup failed. For more information, review the Setup log file in %ProgramFiles%\Microsoft SQL Server\90\Setup Bootstrap\LOG\Summary.txt. Time : Mon Apr 27 22:37:49 2009 List of log files: H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_Core(Local).log H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_SQLSupport_1.log H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_SQLNCLI_1.log H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_SqlWriter_1.log H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_MSXML6_1.log H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_Datastore.xml H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_.NET Framework 2.0.log H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_SNAC.log H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_Core.log H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Summary.txt H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_Support.log H:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Files\SQLSetup0001_WWW-649A18D4B0C_SCC.log [/log]co do Moich Dokumentów to też już chyba znalazłem rozwiązanie, kwestia wpisu userinit w winlogon, część userinit.exe była zdublowana więc usunąłem to co po przecinku jak radzili i zobaczymy jak uruchomię kompa następnym razem
MarekM25 komentarz 14 października 2009 komentarz 14 października 2009 Niestety/na szczęście to nie jest spowodowane wirusami. Znaczy tylko jedna rzecz z Twojej gehenny jest z nimi związana, czyli moje dokumenty przy starcie: Uruchom [b]HiJackThis[/b] i kliknij [b]Do a system scan only[/b]. Potem zaznacz wpis:[code]F2 - REG:system.ini: UserInit=H:\WINDOWS\system32\userinit.exe,userinit.exe,[/code] i kliknij [b]fix chcecked[/b] Powinno już nie być moich dokumentów przy starcie. Sprawdź czy dalej się pojawiają? Jeszcze co z logu mogę powiedzieć, ale raczej to nic nie da w tym problemie: start->uruchom->wpisz [b]msconfig[/b]-> i odznacz nie potrzebne rzeczy z Uruchamianie, ponieważ masz bardzo dużo rzeczy w autostarcie. Zaktualizuj IE do najnowszej wersji. Co do reszty problemów to załóż wątek w innych działach np Win XP lub Internet. [edit] Widzę, że na moje dokumenty już sam znalazłeś rozwiązanie.
chrisx94 komentarz 14 października 2009 Autor komentarz 14 października 2009 w takim razie tylko zostaje mi podziękować za wsparcie i jeśli jeszcze będę miał kiedyś kłopot to z pewnością napiszę
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.