BioToxic utworzono 20 listopada 2009 utworzono 20 listopada 2009 Witam po kilku latach użytkowania komputera bez praktycznie żadnego anty wirusa zlapalem coś poważnego. Komputer jest totalnie zmulony. Proces services.exe zabiera od 80% do 100% użycia procesora. Pisze tego posta z telefonu, bo jak już mówiłem pc się nie nadaje do niczego. Proszę o pomoc, mogę zrobić format, ale wolałbym nie. Przepraszam za chaotycznie napisanego posta, ale jestem bardzo zdenerwowany.
Psycholandia komentarz 20 listopada 2009 komentarz 20 listopada 2009 Daj loga z OTL: http://www.forumpc.pl/index.php?showtopic=104338 Zainstaluj darmową Avirę.
BioToxic komentarz 20 listopada 2009 Autor komentarz 20 listopada 2009 [log]OTL logfile created on: 2009-11-20 16:13:00 - Run 1 OTL by OldTimer - Version 3.1.6.0 Folder = H:\Documents and Settings\Mirek\Pulpit\Instalki Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1023,23 Mb Total Physical Memory | 440,84 Mb Available Physical Memory | 43,08% Memory free 2,40 Gb Paging File | 1,95 Gb Available in Paging File | 81,34% Paging File free Paging file location(s): H:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = H: | %SystemRoot% = H:\windows | %ProgramFiles% = H:\Program Files C: Drive not present or media not loaded Drive D: | 5,56 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 149,04 Gb Total Space | 10,59 Gb Free Space | 7,11% Space Free | Partition Type: NTFS I: Drive not present or media not loaded Computer Name: DOM Current User Name: Mirek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009-11-20 16:10:55 | 00,529,408 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\Mirek\Pulpit\Instalki\OTL.exe PRC - [2009-11-06 03:14:36 | 03,152,272 | ---- | M] (Xfire Inc.) -- H:\Program Files\Xfire\Xfire.exe PRC - [2009-09-07 17:34:57 | 00,222,728 | ---- | M] (RealNetworks, Inc.) -- h:\Program Files\Real\RealPlayer\realplay.exe PRC - [2009-09-07 17:34:55 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- H:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2009-08-24 21:23:38 | 00,908,280 | ---- | M] (Mozilla Corporation) -- H:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-07-21 16:42:04 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- H:\WINDOWS\system32\ati2evxx.exe PRC - [2009-07-21 16:42:04 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- H:\WINDOWS\system32\ati2evxx.exe PRC - [2009-07-09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2009-05-30 11:30:26 | 00,292,136 | ---- | M] (Apple Inc.) -- H:\Program Files\iTunes\iTunesHelper.exe PRC - [2009-05-30 11:30:20 | 00,541,992 | ---- | M] (Apple Inc.) -- H:\Program Files\iPod\bin\iPodService.exe PRC - [2009-04-30 16:23:33 | 00,075,064 | ---- | M] () -- H:\WINDOWS\system32\PnkBstrA.exe PRC - [2009-04-28 10:29:16 | 00,475,136 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaVir\AVMenu.exe PRC - [2009-02-06 17:50:38 | 03,885,408 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Windows Live\Messenger\msnmsgr.exe PRC - [2009-02-06 17:39:29 | 00,227,840 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-12-16 18:01:32 | 00,158,216 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaVir\FileMonSV.exe PRC - [2008-12-12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe PRC - [2008-10-25 11:44:34 | 00,031,072 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2008-09-26 13:02:55 | 00,326,656 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\taskmqr.exe PRC - [2008-06-10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe PRC - [2008-03-22 12:50:04 | 00,565,760 | ---- | M] (http://tortoisesvn.net) -- H:\Program Files\TortoiseSVN\bin\TSVNCache.exe PRC - [2008-02-14 00:09:40 | 00,486,856 | ---- | M] (DT Soft Ltd) -- H:\Program Files\DAEMON Tools Lite\daemon.exe PRC - [2007-07-12 10:40:32 | 00,303,104 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaVir\ABregmon.exe PRC - [2007-06-29 10:28:52 | 00,212,992 | ---- | M] () -- H:\WINDOWS\VMSnap23.exe PRC - [2007-06-29 10:28:44 | 00,049,152 | ---- | M] (Vimicro) -- H:\WINDOWS\domino.exe PRC - [2007-06-28 17:23:20 | 00,094,208 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaVir\NetMonSV.exe PRC - [2007-06-13 14:23:49 | 01,034,752 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\explorer.exe PRC - [2007-05-28 17:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- H:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2007-05-04 01:32:52 | 00,961,024 | ---- | M] (Ares Development Group) -- H:\Program Files\Ares\Ares.exe PRC - [2007-04-16 14:28:22 | 00,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- H:\WINDOWS\soundman.exe PRC - [2007-02-26 16:04:48 | 00,167,936 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaUpdate\update.exe PRC - [2007-01-12 16:42:18 | 00,270,336 | ---- | M] (ArcaBit sp. z o.o.) -- H:\Program Files\ArcaBit\Common\taskscheduler.exe PRC - [2007-01-11 16:01:56 | 00,200,704 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\Common\ArcaBit.Core.Configurator2.exe PRC - [2006-12-13 04:26:42 | 00,020,480 | R--- | M] () -- H:\WINDOWS\Imgtask.exe PRC - [2006-11-02 19:40:12 | 00,174,656 | ---- | M] () -- H:\WINDOWS\system32\PSIService.exe PRC - [2006-11-02 01:17:54 | 00,298,727 | RHS- | M] () -- H:\WINDOWS\patch.exe PRC - [2006-11-02 01:17:54 | 00,298,727 | RHS- | M] () -- H:\WINDOWS\patch.exe PRC - [2006-09-09 10:16:11 | 00,196,608 | ---- | M] (PowerISO Computing, Inc.) -- H:\iso\PowerISO\PWRISOVM.EXE PRC - [2006-07-05 14:02:03 | 00,358,008 | ---- | M] (Protection Technology (StarForce)) -- H:\WINDOWS\system32\sfrem01.exe PRC - [2006-04-24 14:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- H:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2005-08-11 21:30:30 | 00,081,920 | ---- | M] (Macrovision Corporation) -- H:\Program Files\Common Files\InstallShield\UpdateService\issch.exe PRC - [2005-01-28 12:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\wdfmgr.exe PRC - [2004-10-13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Messenger\msmsgs.exe PRC - [2004-08-03 23:44:28 | 00,139,776 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\taskmgr.exe PRC - [2002-10-11 08:10:00 | 00,106,560 | ---- | M] (WinZip Computing, Inc.) -- H:\Program Files\WinZip\WZQKPICK.EXE PRC - [2001-10-26 18:29:48 | 00,008,192 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\cidaemon.exe PRC - [2001-10-26 18:29:48 | 00,008,192 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\cidaemon.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2009-11-20 16:10:55 | 00,529,408 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\Mirek\Pulpit\Instalki\OTL.exe MOD - [2009-11-06 03:14:46 | 00,902,544 | ---- | M] (Xfire Inc.) -- H:\Program Files\Xfire\xfire_toucan_40120.dll MOD - [2009-03-26 16:35:39 | 00,034,224 | ---- | M] (Tonec Inc.) -- H:\Program Files\Internet Download Manager\idmmkb.dll MOD - [2006-08-25 16:51:13 | 01,054,208 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2005-01-04 23:03:22 | 00,348,160 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\msvcr71.dll MOD - [2004-08-03 23:44:16 | 00,024,064 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\wsock32.dll MOD - [2004-08-03 23:43:58 | 00,185,856 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\wbem\framedyn.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-09-08 21:12:01 | 00,304,528 | ---- | M] (Protection Technology) -- H:\windows\System32\appdrvrem01.exe -- (appdrvrem01) SRV - [2009-07-21 16:42:04 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- H:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller) SRV - [2009-07-21 09:40:00 | 00,593,920 | ---- | M] () -- H:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart) SRV - [2009-07-09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2009-05-30 11:30:20 | 00,541,992 | ---- | M] (Apple Inc.) -- H:\Program Files\iPod\bin\iPodService.exe -- (iPod Service) SRV - [2009-05-27 23:02:00 | 02,760,021 | ---- | M] (INCA Internet Co., Ltd.) -- H:\windows\System32\GameMon.des -- (npggsvc) SRV - [2009-04-30 16:23:33 | 00,075,064 | ---- | M] () -- H:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA) SRV - [2009-02-23 20:52:15 | 00,361,728 | ---- | M] (TuneUp Software GmbH) -- H:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2008-12-16 18:01:32 | 00,158,216 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaVir\FileMonSV.exe -- (ABFileMon) SRV - [2008-12-12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service) SRV - [2008-11-04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2008-10-25 11:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) SRV - [2008-07-29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- h:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0) SRV - [2008-07-29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) SRV - [2008-07-29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2008-07-25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008-07-25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state) SRV - [2008-07-18 15:05:40 | 00,028,416 | ---- | M] (TuneUp Software GmbH) -- H:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2008-07-07 21:51:15 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- H:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2007-10-22 07:42:03 | 00,138,168 | ---- | M] (Google) -- H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - [2007-10-18 17:41:46 | 01,838,592 | ---- | M] (Google) -- H:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager) SRV - [2007-06-28 17:23:20 | 00,094,208 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaVir\NetMonSV.exe -- (ABNetMon) SRV - [2007-05-28 17:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- H:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2007-04-18 20:04:44 | 00,069,120 | ---- | M] (BOONTY) -- H:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games) SRV - [2007-03-20 02:19:14 | 00,263,168 | ---- | M] (Ares Development Group) -- H:\Program Files\Ares\chatServer.exe -- (AresChatServer) SRV - [2007-02-26 16:04:48 | 00,167,936 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaUpdate\update.exe -- (AVUpdate) SRV - [2007-01-12 16:42:18 | 00,270,336 | ---- | M] (ArcaBit sp. z o.o.) -- H:\Program Files\ArcaBit\Common\TaskScheduler.exe -- (ArcaBit.TaskScheduler) SRV - [2007-01-11 16:03:58 | 00,237,568 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\Common\ArcaBit.Core.LoggingService.exe -- (ArcaBit.Core.LoggingService) SRV - [2007-01-11 16:01:56 | 00,200,704 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\Common\ArcaBit.Core.Configurator2.exe -- (ArcaBit.Core.Configurator) SRV - [2006-11-02 19:40:12 | 00,174,656 | ---- | M] () -- H:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing) SRV - [2006-10-26 12:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2006-07-05 14:02:03 | 00,358,008 | ---- | M] (Protection Technology (StarForce)) -- H:\windows\System32\sfrem01.exe -- (sfrem01) SRV - [2006-06-05 13:59:18 | 00,174,080 | ---- | M] (Nokia.) -- H:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe -- (ServiceLayer) SRV - [2006-04-24 14:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- H:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2005-01-28 12:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\wdfmgr.exe -- (UMWdf) SRV - [2004-10-22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- H:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2004-08-03 23:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-11-16 14:34:46 | 00,053,312 | ---- | M] (microOLAP Technologies LTD) -- H:\WINDOWS\system32\drivers\pssdklbf.sys -- (PsSdkLBF) DRV - [2009-11-16 14:34:46 | 00,036,928 | ---- | M] (microOLAP Technologies LTD) -- H:\WINDOWS\system32\drivers\pssdk40.sys -- (PsSdk40) DRV - [2009-10-30 19:38:07 | 00,023,217 | ---- | M] (INCA Internet Co., Ltd.) -- H:\Program Files\Lineage II\system\npkcrypt.sys -- (npkcrypt) DRV - [2009-10-12 14:55:39 | 00,016,224 | ---- | M] (LogMeIn, Inc.) -- H:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-09-08 21:12:01 | 02,915,944 | ---- | M] (Protection Technology) -- H:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) DRV - [2009-07-21 17:30:48 | 03,565,056 | ---- | M] (ATI Technologies Inc.) -- H:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-07-09 11:16:16 | 00,039,424 | ---- | M] (Apple, Inc.) -- H:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL) DRV - [2009-03-19 15:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- H:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2008-09-24 09:40:22 | 04,122,368 | R--- | M] (Realtek Semiconductor Corp.) -- H:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) DRV - [2008-05-16 13:00:36 | 00,021,920 | ---- | M] (Screaming Bee LLC) -- H:\WINDOWS\system32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER) DRV - [2008-03-04 09:51:15 | 00,716,272 | ---- | M] () -- H:\windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2007-11-13 11:25:55 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- H:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2007-09-12 13:37:47 | 00,030,208 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaVir\ABFLT.sys -- (ABFLT) DRV - [2007-05-08 14:45:02 | 00,044,032 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaVir\ABTDI.sys -- (ABTDI) DRV - [2007-04-03 16:22:12 | 00,260,224 | ---- | M] (Vimicro Corporation) -- H:\WINDOWS\system32\drivers\usbvm323.sys -- (ZSMC326) DRV - [2007-03-20 10:33:26 | 00,028,672 | ---- | M] (http://libusb-win32.sourceforge.net) -- H:\WINDOWS\system32\drivers\libusb0.sys -- (libusb0) DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- H:\windows\system32\DRIVERS\PxHelp20.sys -- (PxHelp20) DRV - [2006-12-02 08:49:41 | 00,271,360 | ---- | M] () -- H:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2006-12-02 08:49:40 | 00,018,048 | ---- | M] () -- H:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2006-09-09 10:31:39 | 00,030,988 | ---- | M] (PowerISO Computing, Inc.) -- H:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu) DRV - [2006-08-08 11:25:40 | 00,476,672 | ---- | M] (Vimicro Corporation) -- H:\WINDOWS\system32\drivers\vmfilter323.sys -- (vmfilter323) DRV - [2006-06-14 15:56:56 | 00,013,680 | ---- | M] (Protection Technology (StarForce)) -- H:\windows\System32\drivers\sfhlp02.sys -- (sfhlp02) DRV - [2006-05-29 08:26:38 | 00,127,488 | ---- | M] (Nokia) -- H:\WINDOWS\system32\drivers\nmwcd.sys -- (Nokia USB Phone Parent) DRV - [2006-05-29 08:26:36 | 00,013,312 | ---- | M] (Nokia) -- H:\WINDOWS\system32\drivers\nmwcdcm.sys -- (Nokia USB Modem) DRV - [2006-05-29 08:26:36 | 00,008,704 | ---- | M] (Nokia) -- H:\WINDOWS\system32\drivers\nmwcdc.sys -- (Nokia USB Generic) DRV - [2005-11-03 15:40:07 | 00,063,488 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfvfs02.sys -- (sfvfs02) DRV - [2005-08-10 13:44:04 | 00,050,688 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfdrv01.sys -- (sfdrv01) DRV - [2004-08-09 12:33:26 | 00,114,016 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\prohlp02.sys -- (prohlp02) DRV - [2004-08-09 12:29:28 | 00,053,920 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\prodrv06.sys -- (prodrv06) DRV - [2004-08-03 22:04:34 | 00,012,672 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS) DRV - [2004-07-19 15:49:54 | 00,007,040 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\prosync1.sys -- (prosync1) DRV - [2004-01-08 05:37:02 | 00,812,416 | ---- | M] (C-Media Inc) -- H:\WINDOWS\system32\drivers\cmuda.sys -- (cmuda) DRV - [2003-12-01 16:20:52 | 00,004,832 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfhlp01.sys -- (sfhlp01) DRV - [2003-08-04 13:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- H:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5) DRV - [2002-12-10 09:11:42 | 00,006,852 | ---- | M] () -- H:\WINDOWS\system32\drivers\Vcs.sys -- (Vcs) DRV - [2001-08-17 22:57:36 | 00,005,888 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM) DRV - [2001-08-17 22:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- H:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2001-08-17 21:13:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc. ) -- H:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-746137067-1202660629-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update&O1=b1 IE - HKU\S-1-5-21-746137067-1202660629-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKU\S-1-5-21-746137067-1202660629-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com IE - HKU\S-1-5-21-746137067-1202660629-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl IE - HKU\S-1-5-21-746137067-1202660629-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-746137067-1202660629-725345543-1003\S-1-5-21-746137067-1202660629-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-746137067-1202660629-725345543-1003\S-1-5-21-746137067-1202660629-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Live Search" FF - prefs.js..browser.search.defaulturl: "http://search.live.com/results.aspx?FORM=IEFM1&q=" FF - prefs.js..browser.search.order.1: "Yahoo" FF - prefs.js..browser.search.param.yahoo-fr: "megaup" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2 FF - prefs.js..extensions.enabledItems: {582195F5-92E7-40a0-A127-DB71295901D7}:0.5.7.3 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1 FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.7 FF - prefs.js..extensions.enabledItems: flashplugin@idm:4.1.0.067 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07 FF - prefs.js..extensions.enabledItems: {D249FD00-4DF9-11D9-9FDC-0080481ADA61}:1.1.23 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:0.0.0 FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3789 FF - prefs.js..extensions.enabledItems: {bc03d92d-9a29-4663-a16b-26fb5538975c}:20080808 FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:3.0.3 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20090414 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3 FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?FORM=IEFM1&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: h:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-09-02 22:40:50 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2009-10-08 11:11:08 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins [2009-09-13 22:18:40 | 00,000,000 | ---D | M] [2009-08-10 11:11:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Extensions [2009-08-10 11:11:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-11-20 15:56:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions [2009-08-15 10:43:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2009-08-10 11:19:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7} [2009-08-10 11:19:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2009-08-15 10:43:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\{bc03d92d-9a29-4663-a16b-26fb5538975c} [2009-08-15 10:43:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009-08-10 11:12:14 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61} [2007-11-13 14:38:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\{d8646e86-22ba-4f3d-8751-23c723ebd7b9} [2009-08-06 22:52:25 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2009-08-10 11:12:17 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\en-US@dictionaries.addons.mozilla.org [2008-01-22 17:01:42 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\flashplugin@idm [2008-03-04 09:55:27 | 00,002,920 | ---- | M] () -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\searchplugins\daemon-search.xml [2009-07-28 09:55:26 | 00,001,632 | ---- | M] () -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\searchplugins\live-search.xml [2009-01-08 21:19:51 | 00,001,274 | ---- | M] () -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\searchplugins\pwn-sjp.xml [2008-04-03 20:42:20 | 00,000,615 | ---- | M] () -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\searchplugins\yahoo-search.xml [2009-11-20 15:56:37 | 00,000,000 | ---D | M] -- H:\Program Files\Mozilla Firefox\extensions [2009-09-13 22:18:40 | 00,000,000 | ---D | M] -- H:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-08-24 09:54:22 | 00,000,000 | ---D | M] -- H:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2008-01-09 20:48:18 | 00,000,000 | ---D | M] -- H:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [2008-08-13 11:49:32 | 00,000,000 | ---D | M] -- H:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [2009-08-24 21:23:38 | 00,023,544 | ---- | M] (Mozilla Foundation) -- H:\Program Files\Mozilla Firefox\components\browserdirprovider.dll [2009-08-24 21:23:38 | 00,137,208 | ---- | M] (Mozilla Foundation) -- H:\Program Files\Mozilla Firefox\components\brwsrcmp.dll [2007-10-18 17:32:34 | 00,135,680 | ---- | M] (Google) -- H:\Program Files\Mozilla Firefox\components\GoogleDesktopMozilla.dll [2007-08-07 12:35:32 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- H:\Program Files\Mozilla Firefox\plugins\np32dsw.dll [2008-11-21 22:45:04 | 01,332,224 | ---- | M] (DivX,Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npdivx32.dll [2008-08-19 16:31:28 | 00,098,304 | ---- | M] (ASP) -- H:\Program Files\Mozilla Firefox\plugins\NPHoldemFireLauncher.dll [2007-11-29 11:00:52 | 00,066,208 | ---- | M] (Joost Technologies B.V. ) -- H:\Program Files\Mozilla Firefox\plugins\npJoostPlugin.dll [2009-02-11 14:57:22 | 00,172,032 | ---- | M] (MGame) -- H:\Program Files\Mozilla Firefox\plugins\NPMFireLauncher.dll [2009-08-24 21:23:38 | 00,065,016 | ---- | M] (mozilla.org) -- H:\Program Files\Mozilla Firefox\plugins\npnul32.dll [2006-10-26 19:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL [2009-09-07 17:35:13 | 00,140,864 | ---- | M] (RealNetworks, Inc.) -- H:\Program Files\Mozilla Firefox\plugins\nppl3260.dll [2009-08-12 20:26:02 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll [2009-08-12 20:26:02 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll [2009-08-12 20:26:02 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll [2009-08-12 20:26:02 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll [2009-08-12 20:26:02 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll [2009-08-12 20:26:02 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll [2009-08-12 20:26:02 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll [2009-08-12 20:26:02 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npqtplugin8.dll [2009-09-07 17:35:18 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- H:\Program Files\Mozilla Firefox\plugins\nprjplug.dll [2009-09-07 17:35:10 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- H:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll [2009-08-24 20:19:13 | 00,002,767 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-08-24 20:19:13 | 00,001,406 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-08-24 20:19:13 | 00,002,371 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\google.xml [2009-08-24 20:19:13 | 00,000,917 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-08-24 20:19:13 | 00,000,858 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-08-24 20:19:13 | 00,001,183 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-08-24 20:19:13 | 00,001,683 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: (988 bytes) - H:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 69.16.243.105 L2authd.lineage2.com O1 - Hosts: 69.16.243.105 L2testauthd.lineage2.com O1 - Hosts: 69.16.243.105 auth.lineage2.com.tw O1 - Hosts: 69.16.243.105 auth.lineage2.jp O1 - Hosts: 69.16.243.105 L2auth.Lineage2.in.th O1 - Hosts: 69.16.243.105 L2auth.Lineage2.ph O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - H:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.) O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - H:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Winamp Toolbar BHO) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - H:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC) O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - H:\Program Files\FlashGet\jccatch.dll (www.flashget.com) O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - H:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll (BitComet) O2 - BHO: (no name) - {3BDEF609-4137-4BD2-9D10-95D4FEC2BE9C} - H:\WINDOWS\system32\combddin.dll () O2 - BHO: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - H:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD ) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (no name) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - No CLSID value found. O2 - BHO: (Pomocnik rejestracji usługi Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\Program Files\Google\GoogleToolbar2.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll (Google Inc.) O2 - BHO: (IECatcher Class) - {B930BA63-9E5A-11D3-A288-0000E80E2EDE} - H:\Program Files\Mass Downloader\mdhelper.dll () O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - H:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - H:\Program Files\FlashGet\getflash.dll (www.flashget.com) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - H:\Documents and Settings\Mirek\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\Program Files\Google\GoogleToolbar2.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - H:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD ) O3 - HKLM\..\Toolbar: (no name) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - No CLSID value found. O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - H:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation) O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - H:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - H:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKU\S-1-5-21-746137067-1202660629-725345543-1003\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - h:\Program Files\Google\GoogleToolbar2.dll (Google Inc.) O3 - HKU\S-1-5-21-746137067-1202660629-725345543-1003\..\Toolbar\ShellBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - H:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC) O3 - HKU\S-1-5-21-746137067-1202660629-725345543-1003\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - h:\Program Files\Google\GoogleToolbar2.dll (Google Inc.) O3 - HKU\S-1-5-21-746137067-1202660629-725345543-1003\..\Toolbar\WebBrowser: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - H:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD ) O3 - HKU\S-1-5-21-746137067-1202660629-725345543-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - H:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC) O3 - HKU\S-1-5-21-746137067-1202660629-725345543-1003\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - H:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [ABRegmon] H:\Program Files\ArcaBit\ArcaVir\ABregmon.exe (ArcaBit) O4 - HKLM..\Run: [Adobe Gama Loader.Ink] H:\WINDOWS\system32\taskmqr.exe (Microsoft Corporation) O4 - HKLM..\Run: [ArcaCheck] H:\Program Files\ArcaBit\ArcaVir\ArcaCheck.exe (ArcaBit) O4 - HKLM..\Run: [AvMenu] H:\Program Files\ArcaBit\ArcaVir\AVMenu.exe (ArcaBit) O4 - HKLM..\Run: [BigDogPath323Domino] H:\WINDOWS\domino.exe (Vimicro) O4 - HKLM..\Run: [BigDogPath323VMSnap] H:\WINDOWS\VMSnap23.exe () O4 - HKLM..\Run: [GrooveMonitor] H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [ImgTask] H:\WINDOWS\Imgtask.exe () O4 - HKLM..\Run: [ISUSPM Startup] H:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) O4 - HKLM..\Run: [ISUSScheduler] H:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation) O4 - HKLM..\Run: [iTunesHelper] H:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [PWRISOVM.EXE] H:\iso\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) O4 - HKLM..\Run: [SoundMan] H:\windows\soundman.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [StartCCC] H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] H:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [ares] H:\Program Files\Ares\Ares.exe (Ares Development Group) O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [DAEMON Tools Lite] H:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [EA Core] H:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts) O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [Gadu-Gadu] H:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [iPhone PC Suite] H:\Documents and Settings\Mirek\Pulpit\Programy\iPhone PC Suite 2.3.1.86\iPhone PC Suite.exe () O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [Mousotron] H:\Program Files\Mousotron\Mousotron.exe (Blacksun Software) O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [MSMSGS] H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [msnmsgr] H:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [Nowe Gadu-Gadu] H:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.) O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = H:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\WinZip Quick Pick.lnk = H:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.) O4 - Startup: H:\Documents and Settings\Mirek\Menu Start\Programy\Autostart\Xfire.lnk = H:\Program Files\Xfire\Xfire.exe (Xfire Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-746137067-1202660629-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O8 - Extra context menu item: &D&ownload &with BitComet - H:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &D&ownload all video with BitComet - H:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &D&ownload all with BitComet - H:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &Sciagnij przy pomocy FlashGet'a - Reg Error: Value error. File not found O8 - Extra context menu item: &Sciagnij wszystko przy pomocy FlashGet'a - Reg Error: Value error. File not found O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - H:\Program Files\FlashGet\JC_LINK.HTM () O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - H:\Program Files\FlashGet\JC_ALL.HTM () O8 - Extra context menu item: &Winamp Toolbar Search - H:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - H:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Œci¹gnij przez IDM - H:\Program Files\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Œci¹gnij wszystkie linki przez IDM - H:\Program Files\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Œci¹gnij zawartoœæ wideo FLV przez IDM - H:\Program Files\Internet Download Manager\IEGetVL.htm () O8 - Extra context menu item: Pobierz &Wszystko u¿ywaj¹c Mass Downloader'a - H:\Program Files\Mass Downloader\add_all.htm () O8 - Extra context menu item: Pobierz &Wszystko uzywajac Mass Downloader'a - Reg Error: Value error. File not found O8 - Extra context menu item: Pobierz &Wszystko używając Mass Downloader'a - H:\Program Files\Mass Downloader\add_all.htm () O8 - Extra context menu item: Pobierz u¿ywaj¹c &Mass Downloader'a - H:\Program Files\Mass Downloader\add_url.htm () O8 - Extra context menu item: Pobierz uzywajac &Mass Downloader'a - Reg Error: Value error. File not found O8 - Extra context menu item: Pobierz używając &Mass Downloader'a - H:\Program Files\Mass Downloader\add_url.htm () O8 - Extra context menu item: Pobierz z &BitSpirit - H:\Program Files\BitSpirit\bsurl.htm () O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.) O9 - Extra Button: Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - H:\Program Files\Mass Downloader\massdown.exe (MetaProducts corp.) O9 - Extra 'Tools' menuitem : &Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - H:\Program Files\Mass Downloader\massdown.exe (MetaProducts corp.) O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - H:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll (BitComet) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - H:\Program Files\FlashGet\flashget.exe (FlashGet.com) O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - H:\Program Files\FlashGet\flashget.exe (FlashGet.com) O9 - Extra Button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - H:\Program Files\Ghost Navigator2_8_1\Ghost.exe (NetScop.Net) O9 - Extra 'Tools' menuitem : Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - H:\Program Files\Ghost Navigator2_8_1\Ghost.exe (NetScop.Net) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - H:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found O12 - Plugin for: .spop - H:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - H:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - H:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - H:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - H:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - H:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (H:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - H:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - ("H:\windows\patch.exe") - H:\windows\patch.exe () O20 - HKLM Winlogon: UserInit - ("H:\windows\patch.exe") - H:\windows\patch.exe () O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - H:\windows\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\TS_LogonListener: DllName - TS_LogonListener.dll - H:\windows\System32\TS_LogonListener.dll (ArcaBit sp. z o.o.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-04-30 03:57:32 | 00,054,544 | R--- | M] (Electronic Arts) - D:\Autorun.exe -- [ UDF ] O32 - AutoRun File - [2008-10-22 00:48:37 | 00,000,045 | R--- | M] () - D:\Autorun.inf -- [ UDF ] O32 - AutoRun File - [2008-04-04 23:02:44 | 00,000,000 | ---D | M] - H:\Automap -- [ NTFS ] O33 - MountPoints2\{82a39c31-bb03-11de-827e-001e7418ab07}\Shell\AutoRun\command - "" = C:\3n8awsyg.exe -- File not found O33 - MountPoints2\{82a39c31-bb03-11de-827e-001e7418ab07}\Shell\open\Command - "" = C:\3n8awsyg.exe -- File not found O33 - MountPoints2\{a8738290-f628-11dd-80cd-4d6564696130}\Shell - "" = AutoRun O33 - MountPoints2\{f716887c-7df6-11db-b6d8-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{f716887c-7df6-11db-b6d8-806d6172696f}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2009-04-30 03:57:32 | 00,054,544 | R--- | M] (Electronic Arts) O33 - MountPoints2\{fc57172e-9c44-11de-822c-001e7418ab07}\Shell\AutoRun\command - "" = 86l2qw.bat O33 - MountPoints2\{fc57172e-9c44-11de-822c-001e7418ab07}\Shell\open\Command - "" = 86l2qw.bat O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - H:\windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-11-09 11:55:42 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\Interlude sys org [2009-11-09 11:19:56 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\Nowy folder (3) [2009-11-08 20:37:13 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\l2 darkzone [2009-11-04 18:51:11 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\l2inf [2009-11-03 19:24:18 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\L2tiberius [2009-11-01 13:57:29 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\l2 wloch [2009-11-01 10:42:06 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\L2c [2009-10-30 17:58:57 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\L2 gracia final sys itp [2009-10-30 17:43:27 | 00,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- H:\windows\System32\npptNT2.sys [2009-10-30 17:28:00 | 00,000,000 | ---D | C] -- H:\Program Files\Lineage II [2009-10-29 16:34:50 | 00,000,000 | RH-D | C] -- H:\Documents and Settings\Mirek\Recent [2009-10-26 20:15:36 | 00,000,000 | ---D | C] -- H:\Program Files\THQ [2009-10-24 23:32:43 | 00,000,000 | ---D | C] -- H:\Program Files\LD-Anime [2009-10-24 23:27:46 | 00,000,000 | ---D | C] -- H:\Program Files\Combined Community Codec Pack [2009-10-21 18:28:58 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\Theme_105 [2009-10-21 18:28:13 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\Inaise.theme [2009-10-21 17:48:48 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\Cranium_Consulting_and_Cu [2009-10-21 17:47:57 | 00,000,000 | ---D | C] -- H:\Program Files\iPhoneBrowser [7 H:\windows\System32\*.tmp files -> H:\windows\System32\*.tmp -> ] [4 H:\windows\*.tmp files -> H:\windows\*.tmp -> ] [1 H:\Documents and Settings\Mirek\Pulpit\*.tmp files -> H:\Documents and Settings\Mirek\Pulpit\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2009-11-20 16:00:02 | 00,000,540 | ---- | M] () -- H:\windows\tasks\Konserwacja jednym kliknięciem.job [2009-11-20 15:11:45 | 00,000,260 | ---- | M] () -- H:\windows\tasks\WGASetup.job [2009-11-20 15:11:23 | 00,000,006 | -H-- | M] () -- H:\windows\tasks\SA.DAT [2009-11-20 15:11:15 | 00,002,048 | --S- | M] () -- H:\windows\bootstat.dat [2009-11-20 14:58:37 | 00,002,267 | ---- | M] () -- H:\Documents and Settings\All Users\Pulpit\Skype.lnk [2009-11-19 23:32:17 | 16,252,928 | -H-- | M] () -- H:\Documents and Settings\Mirek\NTUSER.DAT [2009-11-19 23:31:56 | 00,000,292 | -HS- | M] () -- H:\Documents and Settings\Mirek\ntuser.ini [2009-11-19 16:00:19 | 00,002,206 | ---- | M] () -- H:\windows\System32\wpa.dbl [2009-11-18 20:39:53 | 00,001,723 | ---- | M] () -- H:\Documents and Settings\Mirek\Pulpit\The Sims™ 3.lnk [2009-11-16 21:48:40 | 00,215,104 | ---- | M] () -- H:\windows\System32\PnkBstrB.xtr [2009-11-16 21:48:40 | 00,215,104 | ---- | M] () -- H:\windows\System32\PnkBstrB.exe [2009-11-16 21:48:34 | 00,138,576 | ---- | M] () -- H:\windows\System32\drivers\PnkBstrK.sys [2009-11-16 14:44:44 | 00,002,603 | ---- | M] () -- H:\windows\l2control.ini [2009-11-16 14:34:46 | 00,053,312 | ---- | M] (microOLAP Technologies LTD) -- H:\windows\System32\drivers\pssdklbf.sys [2009-11-16 14:34:46 | 00,036,928 | ---- | M] (microOLAP Technologies LTD) -- H:\windows\System32\drivers\pssdk40.sys [2009-11-14 16:53:54 | 00,000,284 | ---- | M] () -- H:\windows\tasks\AppleSoftwareUpdate.job [2009-11-13 17:15:51 | 00,000,376 | ---- | M] () -- H:\windows\tasks\1-Click Maintenance.job [2009-11-12 23:59:45 | 00,000,116 | ---- | M] () -- H:\windows\NeroDigital.ini [2009-11-12 18:19:40 | 00,014,042 | ---- | M] () -- H:\Documents and Settings\Mirek\Pulpit\Pod hasłem.docx [2009-11-12 12:45:37 | 01,568,152 | ---- | M] () -- H:\windows\System32\FNTCACHE.DAT [2009-11-11 22:27:01 | 02,647,236 | -H-- | M] () -- H:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-11-10 21:45:34 | 00,000,844 | ---- | M] () -- H:\Documents and Settings\All Users\Pulpit\ACP.lnk [2009-11-10 14:23:51 | 00,000,683 | ---- | M] () -- H:\Documents and Settings\Mirek\Pulpit\Play InfiniteL2.lnk [2009-11-09 17:33:09 | 00,074,008 | ---- | M] () -- H:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-11-09 14:37:42 | 00,001,553 | ---- | M] () -- H:\Documents and Settings\All Users\Pulpit\Settlers IV - Z³ota Edycja.lnk [2009-11-06 03:14:42 | 00,041,872 | ---- | M] () -- H:\windows\System32\xfcodec.dll [2009-11-05 18:36:21 | 26,768,832 | ---- | M] (Microsoft Corporation) -- H:\windows\System32\MRT.exe [2009-11-04 22:21:52 | 00,001,374 | ---- | M] () -- H:\windows\imsins.BAK [2009-10-28 21:32:45 | 00,001,061 | ---- | M] () -- H:\Documents and Settings\Mirek\Pulpit\Skrót do ArtificialAiming-Radar-v2.6.exe.lnk [2009-10-27 18:23:47 | 00,000,063 | ---- | M] () -- H:\windows\vbaddin.ini [2009-10-27 18:16:23 | 00,001,377 | ---- | M] () -- H:\windows\win.ini [2009-10-25 19:38:28 | 00,469,914 | ---- | M] () -- H:\windows\System32\perfh015.dat [2009-10-25 19:38:28 | 00,444,996 | ---- | M] () -- H:\windows\System32\perfh009.dat [2009-10-25 19:38:28 | 00,072,962 | ---- | M] () -- H:\windows\System32\perfc015.dat [2009-10-25 19:38:28 | 00,072,428 | ---- | M] () -- H:\windows\System32\perfc009.dat [2009-10-25 11:24:07 | 00,525,946 | ---- | M] () -- H:\windows\System32\PerfStringBackup.INI [2009-10-22 19:06:15 | 00,000,933 | ---- | M] () -- H:\Documents and Settings\Mirek\Pulpit\Skrót do Run_S.T.A.L.K.E.R Clear Sky.cmd.lnk [2009-10-21 18:29:37 | 00,000,600 | ---- | M] () -- H:\Documents and Settings\Mirek\Dane aplikacji\winscp.rnd [2009-10-21 17:42:25 | 00,000,606 | ---- | M] () -- H:\Documents and Settings\Mirek\Pulpit\WinSCP.lnk [7 H:\windows\System32\*.tmp files -> H:\windows\System32\*.tmp -> ] [4 H:\windows\*.tmp files -> H:\windows\*.tmp -> ] [1 H:\Documents and Settings\Mirek\Pulpit\*.tmp files -> H:\Documents and Settings\Mirek\Pulpit\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2009-11-18 20:39:53 | 00,001,723 | ---- | C] () -- H:\Documents and Settings\Mirek\Pulpit\The Sims™ 3.lnk [2009-11-12 17:51:14 | 00,014,042 | ---- | C] () -- H:\Documents and Settings\Mirek\Pulpit\Pod hasłem.docx [2009-11-10 21:45:34 | 00,000,844 | ---- | C] () -- H:\Documents and Settings\All Users\Pulpit\ACP.lnk [2009-11-09 14:37:42 | 00,001,553 | ---- | C] () -- H:\Documents and Settings\All Users\Pulpit\Settlers IV - Z³ota Edycja.lnk [2009-11-06 03:14:42 | 00,041,872 | ---- | C] () -- H:\windows\System32\xfcodec.dll [2009-11-04 22:21:49 | 00,001,374 | ---- | C] () -- H:\windows\imsins.BAK [2009-10-30 17:43:27 | 00,005,174 | ---- | C] () -- H:\windows\System32\nppt9x.vxd [2009-10-30 17:41:06 | 05,586,046 | ---- | C] () -- H:\Documents and Settings\Mirek\Pulpit\Giran_Village_T.utx [2009-10-28 21:32:45 | 00,001,061 | ---- | C] () -- H:\Documents and Settings\Mirek\Pulpit\Skrót do ArtificialAiming-Radar-v2.6.exe.lnk [2009-10-23 23:52:32 | 00,427,668 | ---- | C] () -- H:\Documents and Settings\Mirek\Pulpit\l2.exe [2009-10-22 19:06:15 | 00,000,933 | ---- | C] () -- H:\Documents and Settings\Mirek\Pulpit\Skrót do Run_S.T.A.L.K.E.R Clear Sky.cmd.lnk [2009-10-21 17:42:25 | 00,000,606 | ---- | C] () -- H:\Documents and Settings\Mirek\Pulpit\WinSCP.lnk [2009-09-11 18:14:09 | 00,000,250 | ---- | C] () -- H:\windows\XIIIHooligans.ini [2009-09-07 21:25:07 | 02,647,236 | -H-- | C] () -- H:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-08-08 17:48:17 | 00,002,603 | ---- | C] () -- H:\windows\l2control.ini [2009-06-06 21:49:05 | 00,000,046 | ---- | C] () -- H:\windows\adiras.ini [2009-06-06 21:29:38 | 00,028,672 | R--- | C] () -- H:\windows\System32\adinst32.dll [2009-04-21 23:19:06 | 00,172,173 | ---- | C] () -- H:\windows\System32\xlive.dll.cat [2009-02-13 15:18:26 | 00,020,480 | ---- | C] () -- H:\windows\System32\H@tKeysH@@k.DLL [2008-11-29 20:50:54 | 00,000,082 | ---- | C] () -- H:\windows\mafosav.INI [2008-11-29 19:50:52 | 00,000,000 | ---- | C] () -- H:\windows\System32\msexcr.ini [2008-11-26 23:33:50 | 00,001,268 | ---- | C] () -- H:\windows\bestplayer.ini [2008-11-09 23:53:37 | 00,000,094 | ---- | C] () -- H:\windows\bpw.ini [2008-10-30 16:09:45 | 00,000,600 | ---- | C] () -- H:\Documents and Settings\Mirek\Dane aplikacji\winscp.rnd [2008-10-07 08:13:30 | 00,197,912 | ---- | C] () -- H:\windows\System32\physxcudart_20.dll [2008-10-07 08:13:22 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelTraditionalChinese.dll [2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSwedish.dll [2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSpanish.dll [2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelPortugese.dll [2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelKorean.dll [2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelJapanese.dll [2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelGerman.dll [2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelFrench.dll [2008-10-02 14:03:36 | 00,002,243 | ---- | C] () -- H:\windows\wincmd.ini [2008-09-22 14:57:56 | 00,000,110 | ---- | C] () -- H:\windows\GMouse.ini [2008-07-16 17:27:27 | 00,001,045 | ---- | C] () -- H:\windows\ARPR.INI [2008-06-30 17:49:13 | 00,181,248 | ---- | C] () -- H:\windows\System32\PPUNINST.dll [2008-06-30 17:49:13 | 00,036,864 | ---- | C] () -- H:\windows\System32\PDUNINST.DLL [2008-06-06 14:25:59 | 00,860,211 | --S- | C] () -- H:\windows\System32\XSIFtk-3.6.2.1.dll [2008-04-24 17:31:29 | 00,000,000 | ---- | C] () -- H:\windows\PROTOCOL.INI [2008-04-24 17:01:25 | 00,000,952 | -HS- | C] () -- H:\windows\System32\KGyGaAvL.sys [2008-04-24 17:01:25 | 00,000,088 | RHS- | C] () -- H:\windows\System32\86981EB56D.sys [2008-03-04 13:01:35 | 00,014,848 | ---- | C] () -- H:\windows\System32\combddin.dll [2008-01-19 23:30:09 | 00,000,097 | ---- | C] () -- H:\windows\System32\PICSDK.ini [2008-01-19 23:09:16 | 00,000,026 | ---- | C] () -- H:\windows\CDE DX4400DEFGIPS.ini [2008-01-03 15:39:44 | 00,404,992 | ---- | C] () -- H:\windows\System32\libmplayer.dll [2008-01-03 15:39:25 | 00,122,880 | ---- | C] () -- H:\windows\System32\libmpeg2_ff.dll [2008-01-03 15:39:21 | 03,097,088 | ---- | C] () -- H:\windows\System32\libavcodec.dll [2008-01-03 15:38:43 | 00,026,624 | ---- | C] () -- H:\windows\System32\ff_wmv9.dll [2008-01-03 15:38:39 | 00,056,320 | ---- | C] () -- H:\windows\System32\ff_unrar.dll [2008-01-03 15:38:36 | 00,102,912 | ---- | C] () -- H:\windows\System32\ff_tremor.dll [2008-01-03 15:38:28 | 00,188,416 | ---- | C] () -- H:\windows\System32\ff_theora.dll [2008-01-03 15:38:20 | 00,118,784 | ---- | C] () -- H:\windows\System32\ff_realaac.dll [2008-01-03 15:38:15 | 00,143,360 | ---- | C] () -- H:\windows\System32\ff_libmad.dll [2008-01-03 15:38:10 | 00,397,312 | ---- | C] () -- H:\windows\System32\ff_libfaad2.dll [2008-01-03 15:37:58 | 00,167,936 | ---- | C] () -- H:\windows\System32\ff_libdts.dll [2008-01-03 15:37:53 | 00,054,784 | ---- | C] () -- H:\windows\System32\ff_liba52.dll [2008-01-03 15:37:26 | 00,009,216 | ---- | C] () -- H:\windows\System32\cpuinf32.dll [2008-01-03 15:36:11 | 01,559,040 | ---- | C] () -- H:\windows\System32\xvidcore.dll [2008-01-03 15:35:36 | 00,123,392 | ---- | C] () -- H:\windows\System32\ogm.dll [2008-01-03 15:35:31 | 00,110,592 | ---- | C] () -- H:\windows\System32\avi.dll [2008-01-03 15:35:19 | 00,167,936 | ---- | C] () -- H:\windows\System32\ts.dll [2008-01-03 15:35:10 | 00,142,848 | ---- | C] () -- H:\windows\System32\mp4.dll [2008-01-03 15:35:05 | 00,079,360 | ---- | C] () -- H:\windows\System32\mkzlib.dll [2008-01-03 15:35:00 | 00,151,040 | ---- | C] () -- H:\windows\System32\mkx.dll [2008-01-03 15:34:49 | 00,023,552 | ---- | C] () -- H:\windows\System32\mkunicode.dll [2007-12-19 10:41:43 | 00,237,568 | ---- | C] () -- H:\windows\System32\lame_enc.dll [2007-12-17 20:24:59 | 00,000,118 | ---- | C] () -- H:\windows\cdplayer.ini [2007-12-17 19:26:35 | 00,034,308 | ---- | C] () -- H:\windows\System32\BASSMOD.dll [2007-12-17 19:18:17 | 00,006,852 | ---- | C] () -- H:\windows\System32\drivers\Vcs.sys [2007-11-27 19:21:44 | 00,138,576 | ---- | C] () -- H:\windows\System32\drivers\PnkBstrK.sys [2007-11-27 19:21:44 | 00,022,328 | ---- | C] () -- H:\Documents and Settings\Mirek\Dane aplikacji\PnkBstrK.sys [2007-11-22 14:46:32 | 00,000,319 | ---- | C] () -- H:\windows\game.ini [2007-10-04 12:28:37 | 00,000,360 | ---- | C] () -- H:\windows\Makao.ini [2007-09-29 08:50:08 | 00,000,160 | ---- | C] () -- H:\windows\Ricochet Lost WorldsCD.INI [2007-08-31 20:54:22 | 00,000,202 | ---- | C] () -- H:\windows\ROM2 Map Editor.INI [2007-04-23 09:49:42 | 00,000,116 | ---- | C] () -- H:\windows\NeroDigital.ini [2007-04-19 14:22:51 | 00,000,189 | ---- | C] () -- H:\windows\GSdx9-sse2.INI [2007-04-19 14:17:42 | 00,000,189 | ---- | C] () -- H:\windows\GSdx9-sse-TT.INI [2007-04-12 18:18:39 | 00,000,196 | ---- | C] () -- H:\windows\GSdx9-sse2-icc-TT.INI [2007-03-01 12:27:05 | 00,000,564 | ---- | C] () -- H:\windows\ODBC.INI [2007-01-12 14:45:09 | 00,000,183 | ---- | C] () -- H:\windows\disneysy.ini [2007-01-07 22:52:12 | 00,000,151 | ---- | C] () -- H:\windows\PhotoSnapViewer.INI [2007-01-06 21:31:03 | 00,017,920 | ---- | C] () -- H:\windows\System32\IMPLODE.DLL [2007-01-01 19:01:11 | 00,069,632 | R--- | C] () -- H:\windows\System32\xmltok.dll [2007-01-01 19:01:11 | 00,036,864 | R--- | C] () -- H:\windows\System32\xmlparse.dll [2006-12-18 15:03:46 | 00,716,272 | ---- | C] () -- H:\windows\System32\drivers\sptd.sys [2006-12-16 12:20:58 | 00,000,155 | ---- | C] () -- H:\windows\winamp.ini [2006-12-12 20:59:02 | 00,000,095 | ---- | C] () -- H:\windows\alik.ini [2006-12-11 18:27:26 | 00,012,538 | ---- | C] () -- H:\Program Files\INSTALL.LOG [2006-12-11 18:27:25 | 00,129,024 | ---- | C] () -- H:\Program Files\UNWISE.EXE [2006-12-09 12:44:18 | 00,056,320 | R--- | C] () -- H:\windows\System32\Iyvu9_32.dll [2006-12-09 12:44:11 | 00,010,240 | ---- | C] () -- H:\windows\System32\vidx16.dll [2006-12-07 17:35:43 | 00,061,952 | ---- | C] () -- H:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006-12-02 08:49:41 | 00,271,360 | ---- | C] () -- H:\windows\System32\drivers\atksgt.sys [2006-12-02 08:49:40 | 00,018,048 | ---- | C] () -- H:\windows\System32\drivers\lirsgt.sys [2006-12-01 18:15:26 | 00,001,866 | ---- | C] () -- H:\windows\disney.ini [2006-11-28 15:58:55 | 00,000,023 | ---- | C] () -- H:\windows\BlendSettings.ini [2006-11-28 13:16:03 | 00,000,227 | ---- | C] () -- H:\windows\RtlRack.ini [2006-11-28 13:15:40 | 00,147,456 | ---- | C] () -- H:\windows\System32\RtlCPAPI.dll [2006-11-28 13:08:08 | 00,000,092 | ---- | C] () -- H:\windows\CMISETUP.INI [2006-11-28 13:08:07 | 00,000,057 | ---- | C] () -- H:\windows\Wininit.ini [2006-11-28 13:08:07 | 00,000,026 | ---- | C] () -- H:\windows\CMCDPLAY.INI [2006-11-28 13:08:06 | 00,028,672 | ---- | C] () -- H:\windows\System32\cmirmdrv.dll [2006-11-28 13:07:59 | 00,028,672 | ---- | C] () -- H:\windows\CMIRmDriver.dll [2006-11-28 12:30:46 | 00,000,130 | ---- | C] () -- H:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2006-11-27 16:14:59 | 00,074,008 | ---- | C] () -- H:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2006-11-27 10:15:52 | 00,000,062 | -HS- | C] () -- H:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2006-11-27 10:08:49 | 00,000,062 | -HS- | C] () -- H:\Documents and Settings\Mirek\Dane aplikacji\desktop.ini [2006-06-29 13:58:52 | 00,030,808 | ---- | C] () -- H:\windows\Fonts\GlobalUserInterface.CompositeFont [2006-06-29 13:53:56 | 00,026,489 | ---- | C] () -- H:\windows\Fonts\GlobalSansSerif.CompositeFont [2006-04-18 14:39:28 | 00,029,779 | ---- | C] () -- H:\windows\Fonts\GlobalSerif.CompositeFont [2006-04-18 14:39:28 | 00,026,040 | ---- | C] () -- H:\windows\Fonts\GlobalMonospace.CompositeFont [2005-12-07 12:31:00 | 00,202,752 | R--- | C] () -- H:\windows\System32\CddbCdda.dll [2004-09-02 03:33:56 | 00,045,056 | ---- | C] () -- H:\windows\System32\xfire_lsp_9028.dll [2003-09-16 16:41:44 | 00,045,056 | R--- | C] () -- H:\windows\System32\ogg.dll [2002-10-06 19:42:58 | 00,237,568 | R--- | C] () -- H:\windows\System32\OggDS.dll [2002-10-05 00:04:26 | 00,921,600 | R--- | C] () -- H:\windows\System32\vorbisenc.dll [2002-10-05 00:04:26 | 00,188,416 | R--- | C] () -- H:\windows\System32\vorbis.dll [2001-07-21 23:16:20 | 00,001,377 | ---- | C] () -- H:\windows\win.ini [2001-07-21 23:15:52 | 00,000,231 | ---- | C] () -- H:\windows\system.ini [1999-01-22 17:46:58 | 00,065,536 | ---- | C] () -- H:\windows\System32\MSRTEDIT.DLL [color=#E56717]========== LOP Check ==========[/color] [2009-02-20 16:14:22 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\2DBoy [2007-12-23 10:43:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ArcaBit [2009-09-10 18:37:57 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ATI [2007-12-09 21:47:06 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Awem [2007-10-25 15:04:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Azureus [2008-12-02 15:43:22 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Blizzard [2007-04-18 20:04:47 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\BOONTY [2008-04-24 16:59:10 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Corel [2008-02-02 20:20:36 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations [2009-06-06 00:41:20 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2008-01-19 23:48:15 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\EPSON [2008-11-04 15:49:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Fugazo [2007-12-10 15:28:35 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\InterAction studios [2007-10-18 18:19:29 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Last.fm [2007-04-18 20:04:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\MumboJumbo [2007-10-03 19:51:03 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\n7-89-o9-3r-4t-r9 [2007-10-18 18:17:48 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks [2008-02-02 19:31:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2008-05-13 18:39:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\PlayPond [2008-08-25 19:27:22 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Screaming Bee [2008-05-16 19:15:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TechSmith [2009-11-11 00:02:32 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TEMP [2007-04-23 13:46:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited [2008-01-10 20:40:13 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2009-09-08 18:20:37 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2008-01-19 23:32:19 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\UDL [2007-07-08 12:25:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Urban FreeStyle Soccer [2009-08-12 20:28:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2007-12-23 01:25:54 | 00,000,000 | ---D | M] -- H:\Documents and Settings\LocalService\Dane aplikacji\ArcaBit [2007-11-25 18:27:44 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\.BitTornado [2008-04-03 17:40:15 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Ambient Design [2009-09-10 18:37:57 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\ATI [2007-10-25 15:19:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Azureus [2007-10-22 13:58:46 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\BitSpirit [2008-10-29 17:18:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\cmw [2007-12-19 10:43:34 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\concept design [2008-04-24 17:01:24 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Corel [2008-03-04 09:51:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\DAEMON Tools [2008-06-29 18:27:39 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Datalayer [2007-01-13 11:34:23 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Desperate Housewives [2008-03-28 16:47:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Dev-Cpp [2009-11-20 16:01:33 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\DMCache [2008-10-02 20:44:30 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\EPSON [2008-06-20 20:17:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\FarmingSimulator2008 [2008-11-08 22:00:35 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\fretsonfire [2007-10-30 15:38:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Gadu-Gadu [2007-10-03 19:50:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\GameHouse [2008-11-08 10:32:39 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Gamelab [2008-09-11 19:42:59 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\gtk-2.0 [2009-10-09 19:31:46 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\IDM [2008-07-08 15:31:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\ImgBurn [2006-11-30 08:26:41 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\InterTrust [2007-12-13 16:42:25 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\iWin [2006-12-18 15:32:43 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Leadertech [2008-05-14 18:05:16 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\LEGO Company [2007-12-13 15:17:54 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Magic Academy [2009-11-02 15:45:18 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\MegauploadToolbar [2008-02-26 17:13:17 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Meridian93 [2008-08-13 11:36:29 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\MetaProducts [2008-02-02 19:32:32 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Nokia [2008-02-06 14:42:16 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Nokia Multimedia Player [2009-10-11 22:09:17 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Nowe Gadu-Gadu [2008-01-11 22:24:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Opera [2008-02-02 19:31:14 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\PC Suite [2009-06-03 21:49:05 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Red Kawa [2008-08-25 19:27:23 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Screaming Bee [2007-03-06 17:25:38 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\SecuROM [2007-12-21 21:12:14 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Soldat [2008-08-20 11:56:41 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\SPORE Creature Creator [2008-03-31 21:03:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Subversion [2009-06-01 18:15:34 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\TeamViewer [2009-05-25 22:11:36 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\TechSmith [2009-06-22 22:47:00 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Teeworlds [2007-12-20 23:09:25 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Thinstall [2008-12-21 11:21:29 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Tibia [2008-01-10 20:40:27 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\TuneUp Software [2008-03-04 13:01:35 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Ubisoft [2007-12-18 10:17:22 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\URSoft [2007-11-19 17:43:55 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Wildfire [2008-04-28 16:04:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\WoDBO [2009-09-20 13:42:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\XRay Engine [2009-11-13 17:15:51 | 00,000,376 | ---- | M] () -- H:\windows\Tasks\1-Click Maintenance.job [2001-07-21 23:17:50 | 00,000,065 | RH-- | M] () -- H:\windows\Tasks\desktop.ini [2009-11-20 16:00:02 | 00,000,540 | ---- | M] () -- H:\windows\Tasks\Konserwacja jednym kliknięciem.job [2009-11-20 15:11:23 | 00,000,006 | -H-- | M] () -- H:\windows\Tasks\SA.DAT [2009-11-20 15:11:45 | 00,000,260 | ---- | M] () -- H:\windows\Tasks\WGASetup.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 225 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:4EE74317 @Alternate Data Stream - 168 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:B3D74A13 < End of report >[/log]Dodam, że gdy próbuje zamknąć plik services.exe nie mogę go zamknąć i wyskakuje okioenko z napisem: "Menadzer nie może zamknąć tego procesu, gdyż jest to krytyczny proces systemu." Przepraszam, za double posta, ale mam takiego lagga, że nie mogę edytować postów.Dodam, że gdy próbuje zamknąć plik services.exe nie mogę go zamknąć i wyskakuje okioenko z napisem: "Menadzer nie może zamknąć tego procesu, gdyż jest to krytyczny proces systemu." Przepraszam, za double posta, ale mam takiego lagga, że nie mogę edytować postów. Acha i jeszcze jedno, ściągnąłem tą avirę, ale gdy chcę ją zainstalować (klikam dwuklikiem/prawy potem otworz) nic się nie dzieje.
Psycholandia komentarz 20 listopada 2009 komentarz 20 listopada 2009 1. Usuń Bonjour: http://andziorka.wordpress.com/2009/11/09/usuwanie-bonjour/ 2. W okienko OTL wklej poniższy skrypt i klik na Run Fix: [code]:Processes explorer.exe :OTL O2 - BHO: (no name) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - No CLSID value found. O4 - HKLM..\Run: [KernelFaultCheck] File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Reg Error: Key error.) O32 - AutoRun File - [2008-10-22 00:48:37 | 00,000,045 | R--- | M] () - D:\Autorun.inf -- [ UDF ] O32 - AutoRun File - [2008-04-04 23:02:44 | 00,000,000 | ---D | M] - H:\Automap -- [ NTFS ] O33 - MountPoints2\{82a39c31-bb03-11de-827e-001e7418ab07}\Shell\AutoRun\command - "" = C:\3n8awsyg.exe -- File not found O33 - MountPoints2\{82a39c31-bb03-11de-827e-001e7418ab07}\Shell\open\Command - "" = C:\3n8awsyg.exe -- File not found O33 - MountPoints2\{a8738290-f628-11dd-80cd-4d6564696130}\Shell - "" = AutoRun O33 - MountPoints2\{f716887c-7df6-11db-b6d8-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{f716887c-7df6-11db-b6d8-806d6172696f}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2009-04-30 03:57:32 | 00,054,544 | R--- | M] (Electronic Arts) O33 - MountPoints2\{fc57172e-9c44-11de-822c-001e7418ab07}\Shell\AutoRun\command - "" = 86l2qw.bat O33 - MountPoints2\{fc57172e-9c44-11de-822c-001e7418ab07}\Shell\open\Command - "" = 86l2qw.bat :Files H:\WINDOWS\patch.exe H:\windows\System32\86981EB56D.sys :Commands [emptytemp] [start explorer] [Reboot][/code] 3. Otwórz notatnik tekstowy i wklej do niego poniższy tekst: [code]Windows Registry Editor Version 5.00 [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] [/code] Zapisz jako->Wybierz [b]Wszystkie pliki[/b]->wpisz [b]Fix.reg[/b]->Następnie kliknij na zapisany plik i uruchom komputer ponownie. 4. Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware)
BioToxic komentarz 20 listopada 2009 Autor komentarz 20 listopada 2009 Zrobiłem tak jak trzeba(oprócz pkt 4), ale nadal servicess pożera cały procesor. Na dodatek chyba nie działa Internet a podczas wylaczania komputera powstają błędy ( zakończ teraz) takich programów:realsched.exe , CRTMediaController , miernik energii
Psycholandia komentarz 20 listopada 2009 komentarz 20 listopada 2009 [quote]6. CWShredder obciąża proces services.exe na 100%CPU Dotyczy to systemów Windows 2000/XP/2003 i jest związane z faktem korzystania z pliku HOSTS do blokowania szpegowskich stron. Usługa Klient DNS stoi w konflikcie z CWShredderem powodując również pady procesu services.exe w momencie próby podglądnięcia lub wyczyszczenia cache DNS. Obejściem problemu jest całkowite skasowanie pliku HOSTS. Można też po prostu wyłączyć usługę Klient DNS. Start >>> Run (Uruchom) >>> services.msc i po kliknięciu podwójnie w usługę Klient DNS ustaw jej Typ Startowana na Wyłączona. Po akcji restart kompa.[/quote] [i]Źródło: http://www.searchengines.pl/index.php?showtopic=14185[/i]
BioToxic komentarz 21 listopada 2009 Autor komentarz 21 listopada 2009 Zrobiłem tak jak kazales, najpierrw wylaczylem dnsy, nie podzialalo (robiłem restart) usunalem plik host nadal to samo services.exe cały czas zabiera 100% cpu.@Edite: Zrobiłem dziś format'a, dzięki za próbę pomocy. Pozdrawiam.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.