x-kom hosting

Proces services.exe zabiera 100% użycia procesora.

BioToxic
utworzono
utworzono

Witam po kilku latach użytkowania komputera bez praktycznie żadnego anty wirusa zlapalem coś poważnego. Komputer jest totalnie zmulony. Proces services.exe zabiera od 80% do 100% użycia procesora. Pisze tego posta z telefonu, bo jak już mówiłem pc się nie nadaje do niczego. Proszę o pomoc, mogę zrobić format, ale wolałbym nie. Przepraszam za chaotycznie napisanego posta, ale jestem bardzo zdenerwowany.

Psycholandia
komentarz
komentarz

Daj loga z OTL: http://www.forumpc.pl/index.php?showtopic=104338
Zainstaluj darmową Avirę.

BioToxic
komentarz
komentarz

[log]OTL logfile created on: 2009-11-20 16:13:00 - Run 1
OTL by OldTimer - Version 3.1.6.0 Folder = H:\Documents and Settings\Mirek\Pulpit\Instalki
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1023,23 Mb Total Physical Memory | 440,84 Mb Available Physical Memory | 43,08% Memory free
2,40 Gb Paging File | 1,95 Gb Available in Paging File | 81,34% Paging File free
Paging file location(s): H:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = H: | %SystemRoot% = H:\windows | %ProgramFiles% = H:\Program Files
C: Drive not present or media not loaded
Drive D: | 5,56 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 149,04 Gb Total Space | 10,59 Gb Free Space | 7,11% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: DOM
Current User Name: Mirek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2009-11-20 16:10:55 | 00,529,408 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\Mirek\Pulpit\Instalki\OTL.exe
PRC - [2009-11-06 03:14:36 | 03,152,272 | ---- | M] (Xfire Inc.) -- H:\Program Files\Xfire\Xfire.exe
PRC - [2009-09-07 17:34:57 | 00,222,728 | ---- | M] (RealNetworks, Inc.) -- h:\Program Files\Real\RealPlayer\realplay.exe
PRC - [2009-09-07 17:34:55 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- H:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009-08-24 21:23:38 | 00,908,280 | ---- | M] (Mozilla Corporation) -- H:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-07-21 16:42:04 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- H:\WINDOWS\system32\ati2evxx.exe
PRC - [2009-07-21 16:42:04 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- H:\WINDOWS\system32\ati2evxx.exe
PRC - [2009-07-09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009-05-30 11:30:26 | 00,292,136 | ---- | M] (Apple Inc.) -- H:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009-05-30 11:30:20 | 00,541,992 | ---- | M] (Apple Inc.) -- H:\Program Files\iPod\bin\iPodService.exe
PRC - [2009-04-30 16:23:33 | 00,075,064 | ---- | M] () -- H:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009-04-28 10:29:16 | 00,475,136 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaVir\AVMenu.exe
PRC - [2009-02-06 17:50:38 | 03,885,408 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009-02-06 17:39:29 | 00,227,840 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2008-12-16 18:01:32 | 00,158,216 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaVir\FileMonSV.exe
PRC - [2008-12-12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008-10-25 11:44:34 | 00,031,072 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2008-09-26 13:02:55 | 00,326,656 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\taskmqr.exe
PRC - [2008-06-10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008-03-22 12:50:04 | 00,565,760 | ---- | M] (http://tortoisesvn.net) -- H:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2008-02-14 00:09:40 | 00,486,856 | ---- | M] (DT Soft Ltd) -- H:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2007-07-12 10:40:32 | 00,303,104 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaVir\ABregmon.exe
PRC - [2007-06-29 10:28:52 | 00,212,992 | ---- | M] () -- H:\WINDOWS\VMSnap23.exe
PRC - [2007-06-29 10:28:44 | 00,049,152 | ---- | M] (Vimicro) -- H:\WINDOWS\domino.exe
PRC - [2007-06-28 17:23:20 | 00,094,208 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaVir\NetMonSV.exe
PRC - [2007-06-13 14:23:49 | 01,034,752 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\explorer.exe
PRC - [2007-05-28 17:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- H:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007-05-04 01:32:52 | 00,961,024 | ---- | M] (Ares Development Group) -- H:\Program Files\Ares\Ares.exe
PRC - [2007-04-16 14:28:22 | 00,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- H:\WINDOWS\soundman.exe
PRC - [2007-02-26 16:04:48 | 00,167,936 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaUpdate\update.exe
PRC - [2007-01-12 16:42:18 | 00,270,336 | ---- | M] (ArcaBit sp. z o.o.) -- H:\Program Files\ArcaBit\Common\taskscheduler.exe
PRC - [2007-01-11 16:01:56 | 00,200,704 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\Common\ArcaBit.Core.Configurator2.exe
PRC - [2006-12-13 04:26:42 | 00,020,480 | R--- | M] () -- H:\WINDOWS\Imgtask.exe
PRC - [2006-11-02 19:40:12 | 00,174,656 | ---- | M] () -- H:\WINDOWS\system32\PSIService.exe
PRC - [2006-11-02 01:17:54 | 00,298,727 | RHS- | M] () -- H:\WINDOWS\patch.exe
PRC - [2006-11-02 01:17:54 | 00,298,727 | RHS- | M] () -- H:\WINDOWS\patch.exe
PRC - [2006-09-09 10:16:11 | 00,196,608 | ---- | M] (PowerISO Computing, Inc.) -- H:\iso\PowerISO\PWRISOVM.EXE
PRC - [2006-07-05 14:02:03 | 00,358,008 | ---- | M] (Protection Technology (StarForce)) -- H:\WINDOWS\system32\sfrem01.exe
PRC - [2006-04-24 14:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- H:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2005-08-11 21:30:30 | 00,081,920 | ---- | M] (Macrovision Corporation) -- H:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2005-01-28 12:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\wdfmgr.exe
PRC - [2004-10-13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Messenger\msmsgs.exe
PRC - [2004-08-03 23:44:28 | 00,139,776 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\taskmgr.exe
PRC - [2002-10-11 08:10:00 | 00,106,560 | ---- | M] (WinZip Computing, Inc.) -- H:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2001-10-26 18:29:48 | 00,008,192 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\cidaemon.exe
PRC - [2001-10-26 18:29:48 | 00,008,192 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\cidaemon.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2009-11-20 16:10:55 | 00,529,408 | ---- | M] (OldTimer Tools) -- H:\Documents and Settings\Mirek\Pulpit\Instalki\OTL.exe
MOD - [2009-11-06 03:14:46 | 00,902,544 | ---- | M] (Xfire Inc.) -- H:\Program Files\Xfire\xfire_toucan_40120.dll
MOD - [2009-03-26 16:35:39 | 00,034,224 | ---- | M] (Tonec Inc.) -- H:\Program Files\Internet Download Manager\idmmkb.dll
MOD - [2006-08-25 16:51:13 | 01,054,208 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2005-01-04 23:03:22 | 00,348,160 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\msvcr71.dll
MOD - [2004-08-03 23:44:16 | 00,024,064 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\wsock32.dll
MOD - [2004-08-03 23:43:58 | 00,185,856 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\wbem\framedyn.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009-09-08 21:12:01 | 00,304,528 | ---- | M] (Protection Technology) -- H:\windows\System32\appdrvrem01.exe -- (appdrvrem01)
SRV - [2009-07-21 16:42:04 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- H:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2009-07-21 09:40:00 | 00,593,920 | ---- | M] () -- H:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2009-07-09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009-05-30 11:30:20 | 00,541,992 | ---- | M] (Apple Inc.) -- H:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009-05-27 23:02:00 | 02,760,021 | ---- | M] (INCA Internet Co., Ltd.) -- H:\windows\System32\GameMon.des -- (npggsvc)
SRV - [2009-04-30 16:23:33 | 00,075,064 | ---- | M] () -- H:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009-02-23 20:52:15 | 00,361,728 | ---- | M] (TuneUp Software GmbH) -- H:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2008-12-16 18:01:32 | 00,158,216 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaVir\FileMonSV.exe -- (ABFileMon)
SRV - [2008-12-12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- H:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008-11-04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008-10-25 11:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008-07-29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- h:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008-07-29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008-07-29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008-07-25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-07-25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008-07-18 15:05:40 | 00,028,416 | ---- | M] (TuneUp Software GmbH) -- H:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008-07-07 21:51:15 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- H:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007-10-22 07:42:03 | 00,138,168 | ---- | M] (Google) -- H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2007-10-18 17:41:46 | 01,838,592 | ---- | M] (Google) -- H:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager)
SRV - [2007-06-28 17:23:20 | 00,094,208 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaVir\NetMonSV.exe -- (ABNetMon)
SRV - [2007-05-28 17:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- H:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2007-04-18 20:04:44 | 00,069,120 | ---- | M] (BOONTY) -- H:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
SRV - [2007-03-20 02:19:14 | 00,263,168 | ---- | M] (Ares Development Group) -- H:\Program Files\Ares\chatServer.exe -- (AresChatServer)
SRV - [2007-02-26 16:04:48 | 00,167,936 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaUpdate\update.exe -- (AVUpdate)
SRV - [2007-01-12 16:42:18 | 00,270,336 | ---- | M] (ArcaBit sp. z o.o.) -- H:\Program Files\ArcaBit\Common\TaskScheduler.exe -- (ArcaBit.TaskScheduler)
SRV - [2007-01-11 16:03:58 | 00,237,568 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\Common\ArcaBit.Core.LoggingService.exe -- (ArcaBit.Core.LoggingService)
SRV - [2007-01-11 16:01:56 | 00,200,704 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\Common\ArcaBit.Core.Configurator2.exe -- (ArcaBit.Core.Configurator)
SRV - [2006-11-02 19:40:12 | 00,174,656 | ---- | M] () -- H:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006-10-26 12:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006-07-05 14:02:03 | 00,358,008 | ---- | M] (Protection Technology (StarForce)) -- H:\windows\System32\sfrem01.exe -- (sfrem01)
SRV - [2006-06-05 13:59:18 | 00,174,080 | ---- | M] (Nokia.) -- H:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006-04-24 14:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- H:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005-01-28 12:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\wdfmgr.exe -- (UMWdf)
SRV - [2004-10-22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- H:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004-08-03 23:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-11-16 14:34:46 | 00,053,312 | ---- | M] (microOLAP Technologies LTD) -- H:\WINDOWS\system32\drivers\pssdklbf.sys -- (PsSdkLBF)
DRV - [2009-11-16 14:34:46 | 00,036,928 | ---- | M] (microOLAP Technologies LTD) -- H:\WINDOWS\system32\drivers\pssdk40.sys -- (PsSdk40)
DRV - [2009-10-30 19:38:07 | 00,023,217 | ---- | M] (INCA Internet Co., Ltd.) -- H:\Program Files\Lineage II\system\npkcrypt.sys -- (npkcrypt)
DRV - [2009-10-12 14:55:39 | 00,016,224 | ---- | M] (LogMeIn, Inc.) -- H:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-09-08 21:12:01 | 02,915,944 | ---- | M] (Protection Technology) -- H:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01)
DRV - [2009-07-21 17:30:48 | 03,565,056 | ---- | M] (ATI Technologies Inc.) -- H:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-07-09 11:16:16 | 00,039,424 | ---- | M] (Apple, Inc.) -- H:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009-03-19 15:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- H:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2008-09-24 09:40:22 | 04,122,368 | R--- | M] (Realtek Semiconductor Corp.) -- H:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2008-05-16 13:00:36 | 00,021,920 | ---- | M] (Screaming Bee LLC) -- H:\WINDOWS\system32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2008-03-04 09:51:15 | 00,716,272 | ---- | M] () -- H:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007-11-13 11:25:55 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- H:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007-09-12 13:37:47 | 00,030,208 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaVir\ABFLT.sys -- (ABFLT)
DRV - [2007-05-08 14:45:02 | 00,044,032 | ---- | M] (ArcaBit) -- H:\Program Files\ArcaBit\ArcaVir\ABTDI.sys -- (ABTDI)
DRV - [2007-04-03 16:22:12 | 00,260,224 | ---- | M] (Vimicro Corporation) -- H:\WINDOWS\system32\drivers\usbvm323.sys -- (ZSMC326)
DRV - [2007-03-20 10:33:26 | 00,028,672 | ---- | M] (http://libusb-win32.sourceforge.net) -- H:\WINDOWS\system32\drivers\libusb0.sys -- (libusb0)
DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- H:\windows\system32\DRIVERS\PxHelp20.sys -- (PxHelp20)
DRV - [2006-12-02 08:49:41 | 00,271,360 | ---- | M] () -- H:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2006-12-02 08:49:40 | 00,018,048 | ---- | M] () -- H:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2006-09-09 10:31:39 | 00,030,988 | ---- | M] (PowerISO Computing, Inc.) -- H:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2006-08-08 11:25:40 | 00,476,672 | ---- | M] (Vimicro Corporation) -- H:\WINDOWS\system32\drivers\vmfilter323.sys -- (vmfilter323)
DRV - [2006-06-14 15:56:56 | 00,013,680 | ---- | M] (Protection Technology (StarForce)) -- H:\windows\System32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2006-05-29 08:26:38 | 00,127,488 | ---- | M] (Nokia) -- H:\WINDOWS\system32\drivers\nmwcd.sys -- (Nokia USB Phone Parent)
DRV - [2006-05-29 08:26:36 | 00,013,312 | ---- | M] (Nokia) -- H:\WINDOWS\system32\drivers\nmwcdcm.sys -- (Nokia USB Modem)
DRV - [2006-05-29 08:26:36 | 00,008,704 | ---- | M] (Nokia) -- H:\WINDOWS\system32\drivers\nmwcdc.sys -- (Nokia USB Generic)
DRV - [2005-11-03 15:40:07 | 00,063,488 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfvfs02.sys -- (sfvfs02)
DRV - [2005-08-10 13:44:04 | 00,050,688 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2004-08-09 12:33:26 | 00,114,016 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004-08-09 12:29:28 | 00,053,920 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004-08-03 22:04:34 | 00,012,672 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2004-07-19 15:49:54 | 00,007,040 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2004-01-08 05:37:02 | 00,812,416 | ---- | M] (C-Media Inc) -- H:\WINDOWS\system32\drivers\cmuda.sys -- (cmuda)
DRV - [2003-12-01 16:20:52 | 00,004,832 | ---- | M] (Protection Technology) -- H:\windows\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003-08-04 13:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- H:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2002-12-10 09:11:42 | 00,006,852 | ---- | M] () -- H:\WINDOWS\system32\drivers\Vcs.sys -- (Vcs)
DRV - [2001-08-17 22:57:36 | 00,005,888 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2001-08-17 22:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- H:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001-08-17 21:13:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc. ) -- H:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-746137067-1202660629-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update&O1=b1
IE - HKU\S-1-5-21-746137067-1202660629-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-746137067-1202660629-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
IE - HKU\S-1-5-21-746137067-1202660629-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
IE - HKU\S-1-5-21-746137067-1202660629-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-746137067-1202660629-725345543-1003\S-1-5-21-746137067-1202660629-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-746137067-1202660629-725345543-1003\S-1-5-21-746137067-1202660629-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Live Search"
FF - prefs.js..browser.search.defaulturl: "http://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2
FF - prefs.js..extensions.enabledItems: {582195F5-92E7-40a0-A127-DB71295901D7}:0.5.7.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.7
FF - prefs.js..extensions.enabledItems: flashplugin@idm:4.1.0.067
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {D249FD00-4DF9-11D9-9FDC-0080481ADA61}:1.1.23
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:0.0.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3789
FF - prefs.js..extensions.enabledItems: {bc03d92d-9a29-4663-a16b-26fb5538975c}:20080808
FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:3.0.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20090414
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?FORM=IEFM1&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: h:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-09-02 22:40:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: H:\Program Files\Mozilla Firefox\components [2009-10-08 11:11:08 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: H:\Program Files\Mozilla Firefox\plugins [2009-09-13 22:18:40 | 00,000,000 | ---D | M]

[2009-08-10 11:11:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Extensions
[2009-08-10 11:11:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-11-20 15:56:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions
[2009-08-15 10:43:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009-08-10 11:19:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
[2009-08-10 11:19:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009-08-15 10:43:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\{bc03d92d-9a29-4663-a16b-26fb5538975c}
[2009-08-15 10:43:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-08-10 11:12:14 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}
[2007-11-13 14:38:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\{d8646e86-22ba-4f3d-8751-23c723ebd7b9}
[2009-08-06 22:52:25 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009-08-10 11:12:17 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\en-US@dictionaries.addons.mozilla.org
[2008-01-22 17:01:42 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\extensions\flashplugin@idm
[2008-03-04 09:55:27 | 00,002,920 | ---- | M] () -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\searchplugins\daemon-search.xml
[2009-07-28 09:55:26 | 00,001,632 | ---- | M] () -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\searchplugins\live-search.xml
[2009-01-08 21:19:51 | 00,001,274 | ---- | M] () -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\searchplugins\pwn-sjp.xml
[2008-04-03 20:42:20 | 00,000,615 | ---- | M] () -- H:\Documents and Settings\Mirek\Dane aplikacji\Mozilla\Firefox\Profiles\z1el2z89.default\searchplugins\yahoo-search.xml
[2009-11-20 15:56:37 | 00,000,000 | ---D | M] -- H:\Program Files\Mozilla Firefox\extensions
[2009-09-13 22:18:40 | 00,000,000 | ---D | M] -- H:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-08-24 09:54:22 | 00,000,000 | ---D | M] -- H:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2008-01-09 20:48:18 | 00,000,000 | ---D | M] -- H:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008-08-13 11:49:32 | 00,000,000 | ---D | M] -- H:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009-08-24 21:23:38 | 00,023,544 | ---- | M] (Mozilla Foundation) -- H:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009-08-24 21:23:38 | 00,137,208 | ---- | M] (Mozilla Foundation) -- H:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007-10-18 17:32:34 | 00,135,680 | ---- | M] (Google) -- H:\Program Files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
[2007-08-07 12:35:32 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- H:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
[2008-11-21 22:45:04 | 01,332,224 | ---- | M] (DivX,Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[2008-08-19 16:31:28 | 00,098,304 | ---- | M] (ASP) -- H:\Program Files\Mozilla Firefox\plugins\NPHoldemFireLauncher.dll
[2007-11-29 11:00:52 | 00,066,208 | ---- | M] (Joost Technologies B.V. ) -- H:\Program Files\Mozilla Firefox\plugins\npJoostPlugin.dll
[2009-02-11 14:57:22 | 00,172,032 | ---- | M] (MGame) -- H:\Program Files\Mozilla Firefox\plugins\NPMFireLauncher.dll
[2009-08-24 21:23:38 | 00,065,016 | ---- | M] (mozilla.org) -- H:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006-10-26 19:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2009-09-07 17:35:13 | 00,140,864 | ---- | M] (RealNetworks, Inc.) -- H:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2009-08-12 20:26:02 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009-08-12 20:26:02 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009-08-12 20:26:02 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009-08-12 20:26:02 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009-08-12 20:26:02 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009-08-12 20:26:02 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009-08-12 20:26:02 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2009-08-12 20:26:02 | 00,143,360 | ---- | M] (Apple Inc.) -- H:\Program Files\Mozilla Firefox\plugins\npqtplugin8.dll
[2009-09-07 17:35:18 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- H:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[2009-09-07 17:35:10 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- H:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2009-08-24 20:19:13 | 00,002,767 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-08-24 20:19:13 | 00,001,406 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-08-24 20:19:13 | 00,002,371 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009-08-24 20:19:13 | 00,000,917 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-08-24 20:19:13 | 00,000,858 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-08-24 20:19:13 | 00,001,183 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-08-24 20:19:13 | 00,001,683 | ---- | M] () -- H:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (988 bytes) - H:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 69.16.243.105 L2authd.lineage2.com
O1 - Hosts: 69.16.243.105 L2testauthd.lineage2.com
O1 - Hosts: 69.16.243.105 auth.lineage2.com.tw
O1 - Hosts: 69.16.243.105 auth.lineage2.jp
O1 - Hosts: 69.16.243.105 L2auth.Lineage2.in.th
O1 - Hosts: 69.16.243.105 L2auth.Lineage2.ph
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - H:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - H:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar BHO) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - H:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - H:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - H:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll (BitComet)
O2 - BHO: (no name) - {3BDEF609-4137-4BD2-9D10-95D4FEC2BE9C} - H:\WINDOWS\system32\combddin.dll ()
O2 - BHO: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - H:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - No CLSID value found.
O2 - BHO: (Pomocnik rejestracji usługi Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll (Google Inc.)
O2 - BHO: (IECatcher Class) - {B930BA63-9E5A-11D3-A288-0000E80E2EDE} - H:\Program Files\Mass Downloader\mdhelper.dll ()
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - H:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - H:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - H:\Documents and Settings\Mirek\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - H:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O3 - HKLM\..\Toolbar: (no name) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - H:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - H:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - H:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-746137067-1202660629-725345543-1003\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - h:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKU\S-1-5-21-746137067-1202660629-725345543-1003\..\Toolbar\ShellBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - H:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC)
O3 - HKU\S-1-5-21-746137067-1202660629-725345543-1003\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - h:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKU\S-1-5-21-746137067-1202660629-725345543-1003\..\Toolbar\WebBrowser: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - H:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O3 - HKU\S-1-5-21-746137067-1202660629-725345543-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - H:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC)
O3 - HKU\S-1-5-21-746137067-1202660629-725345543-1003\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - H:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [ABRegmon] H:\Program Files\ArcaBit\ArcaVir\ABregmon.exe (ArcaBit)
O4 - HKLM..\Run: [Adobe Gama Loader.Ink] H:\WINDOWS\system32\taskmqr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ArcaCheck] H:\Program Files\ArcaBit\ArcaVir\ArcaCheck.exe (ArcaBit)
O4 - HKLM..\Run: [AvMenu] H:\Program Files\ArcaBit\ArcaVir\AVMenu.exe (ArcaBit)
O4 - HKLM..\Run: [BigDogPath323Domino] H:\WINDOWS\domino.exe (Vimicro)
O4 - HKLM..\Run: [BigDogPath323VMSnap] H:\WINDOWS\VMSnap23.exe ()
O4 - HKLM..\Run: [GrooveMonitor] H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ImgTask] H:\WINDOWS\Imgtask.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] H:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] H:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [iTunesHelper] H:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [PWRISOVM.EXE] H:\iso\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SoundMan] H:\windows\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] H:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] H:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [ares] H:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [DAEMON Tools Lite] H:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [EA Core] H:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [Gadu-Gadu] H:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [iPhone PC Suite] H:\Documents and Settings\Mirek\Pulpit\Programy\iPhone PC Suite 2.3.1.86\iPhone PC Suite.exe ()
O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [Mousotron] H:\Program Files\Mousotron\Mousotron.exe (Blacksun Software)
O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [MSMSGS] H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [msnmsgr] H:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-746137067-1202660629-725345543-1003..\Run: [Nowe Gadu-Gadu] H:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)
O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = H:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: H:\Documents and Settings\All Users\Menu Start\Programy\Autostart\WinZip Quick Pick.lnk = H:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
O4 - Startup: H:\Documents and Settings\Mirek\Menu Start\Programy\Autostart\Xfire.lnk = H:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-1202660629-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O8 - Extra context menu item: &D&ownload &with BitComet - H:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - H:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - H:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &Sciagnij przy pomocy FlashGet'a - Reg Error: Value error. File not found
O8 - Extra context menu item: &Sciagnij wszystko przy pomocy FlashGet'a - Reg Error: Value error. File not found
O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - H:\Program Files\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - H:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Winamp Toolbar Search - H:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - H:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Œci¹gnij przez IDM - H:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Œci¹gnij wszystkie linki przez IDM - H:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Œci¹gnij zawartoœæ wideo FLV przez IDM - H:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Pobierz &Wszystko u¿ywaj¹c Mass Downloader'a - H:\Program Files\Mass Downloader\add_all.htm ()
O8 - Extra context menu item: Pobierz &Wszystko uzywajac Mass Downloader'a - Reg Error: Value error. File not found
O8 - Extra context menu item: Pobierz &Wszystko używając Mass Downloader'a - H:\Program Files\Mass Downloader\add_all.htm ()
O8 - Extra context menu item: Pobierz u¿ywaj¹c &Mass Downloader'a - H:\Program Files\Mass Downloader\add_url.htm ()
O8 - Extra context menu item: Pobierz uzywajac &Mass Downloader'a - Reg Error: Value error. File not found
O8 - Extra context menu item: Pobierz używając &Mass Downloader'a - H:\Program Files\Mass Downloader\add_url.htm ()
O8 - Extra context menu item: Pobierz z &BitSpirit - H:\Program Files\BitSpirit\bsurl.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - H:\Program Files\Mass Downloader\massdown.exe (MetaProducts corp.)
O9 - Extra 'Tools' menuitem : &Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - H:\Program Files\Mass Downloader\massdown.exe (MetaProducts corp.)
O9 - Extra Button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - H:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll (BitComet)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - H:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - H:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra Button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - H:\Program Files\Ghost Navigator2_8_1\Ghost.exe (NetScop.Net)
O9 - Extra 'Tools' menuitem : Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - H:\Program Files\Ghost Navigator2_8_1\Ghost.exe (NetScop.Net)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - H:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O12 - Plugin for: .spop - H:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - H:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - H:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - H:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - H:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - H:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (H:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - H:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - ("H:\windows\patch.exe") - H:\windows\patch.exe ()
O20 - HKLM Winlogon: UserInit - ("H:\windows\patch.exe") - H:\windows\patch.exe ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - H:\windows\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\TS_LogonListener: DllName - TS_LogonListener.dll - H:\windows\System32\TS_LogonListener.dll (ArcaBit sp. z o.o.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-04-30 03:57:32 | 00,054,544 | R--- | M] (Electronic Arts) - D:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008-10-22 00:48:37 | 00,000,045 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008-04-04 23:02:44 | 00,000,000 | ---D | M] - H:\Automap -- [ NTFS ]
O33 - MountPoints2\{82a39c31-bb03-11de-827e-001e7418ab07}\Shell\AutoRun\command - "" = C:\3n8awsyg.exe -- File not found
O33 - MountPoints2\{82a39c31-bb03-11de-827e-001e7418ab07}\Shell\open\Command - "" = C:\3n8awsyg.exe -- File not found
O33 - MountPoints2\{a8738290-f628-11dd-80cd-4d6564696130}\Shell - "" = AutoRun
O33 - MountPoints2\{f716887c-7df6-11db-b6d8-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{f716887c-7df6-11db-b6d8-806d6172696f}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2009-04-30 03:57:32 | 00,054,544 | R--- | M] (Electronic Arts)
O33 - MountPoints2\{fc57172e-9c44-11de-822c-001e7418ab07}\Shell\AutoRun\command - "" = 86l2qw.bat
O33 - MountPoints2\{fc57172e-9c44-11de-822c-001e7418ab07}\Shell\open\Command - "" = 86l2qw.bat
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - H:\windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009-11-09 11:55:42 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\Interlude sys org
[2009-11-09 11:19:56 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\Nowy folder (3)
[2009-11-08 20:37:13 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\l2 darkzone
[2009-11-04 18:51:11 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\l2inf
[2009-11-03 19:24:18 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\L2tiberius
[2009-11-01 13:57:29 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\l2 wloch
[2009-11-01 10:42:06 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\L2c
[2009-10-30 17:58:57 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\L2 gracia final sys itp
[2009-10-30 17:43:27 | 00,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- H:\windows\System32\npptNT2.sys
[2009-10-30 17:28:00 | 00,000,000 | ---D | C] -- H:\Program Files\Lineage II
[2009-10-29 16:34:50 | 00,000,000 | RH-D | C] -- H:\Documents and Settings\Mirek\Recent
[2009-10-26 20:15:36 | 00,000,000 | ---D | C] -- H:\Program Files\THQ
[2009-10-24 23:32:43 | 00,000,000 | ---D | C] -- H:\Program Files\LD-Anime
[2009-10-24 23:27:46 | 00,000,000 | ---D | C] -- H:\Program Files\Combined Community Codec Pack
[2009-10-21 18:28:58 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\Theme_105
[2009-10-21 18:28:13 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Pulpit\Inaise.theme
[2009-10-21 17:48:48 | 00,000,000 | ---D | C] -- H:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\Cranium_Consulting_and_Cu
[2009-10-21 17:47:57 | 00,000,000 | ---D | C] -- H:\Program Files\iPhoneBrowser
[7 H:\windows\System32\*.tmp files -> H:\windows\System32\*.tmp -> ]
[4 H:\windows\*.tmp files -> H:\windows\*.tmp -> ]
[1 H:\Documents and Settings\Mirek\Pulpit\*.tmp files -> H:\Documents and Settings\Mirek\Pulpit\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009-11-20 16:00:02 | 00,000,540 | ---- | M] () -- H:\windows\tasks\Konserwacja jednym kliknięciem.job
[2009-11-20 15:11:45 | 00,000,260 | ---- | M] () -- H:\windows\tasks\WGASetup.job
[2009-11-20 15:11:23 | 00,000,006 | -H-- | M] () -- H:\windows\tasks\SA.DAT
[2009-11-20 15:11:15 | 00,002,048 | --S- | M] () -- H:\windows\bootstat.dat
[2009-11-20 14:58:37 | 00,002,267 | ---- | M] () -- H:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2009-11-19 23:32:17 | 16,252,928 | -H-- | M] () -- H:\Documents and Settings\Mirek\NTUSER.DAT
[2009-11-19 23:31:56 | 00,000,292 | -HS- | M] () -- H:\Documents and Settings\Mirek\ntuser.ini
[2009-11-19 16:00:19 | 00,002,206 | ---- | M] () -- H:\windows\System32\wpa.dbl
[2009-11-18 20:39:53 | 00,001,723 | ---- | M] () -- H:\Documents and Settings\Mirek\Pulpit\The Sims™ 3.lnk
[2009-11-16 21:48:40 | 00,215,104 | ---- | M] () -- H:\windows\System32\PnkBstrB.xtr
[2009-11-16 21:48:40 | 00,215,104 | ---- | M] () -- H:\windows\System32\PnkBstrB.exe
[2009-11-16 21:48:34 | 00,138,576 | ---- | M] () -- H:\windows\System32\drivers\PnkBstrK.sys
[2009-11-16 14:44:44 | 00,002,603 | ---- | M] () -- H:\windows\l2control.ini
[2009-11-16 14:34:46 | 00,053,312 | ---- | M] (microOLAP Technologies LTD) -- H:\windows\System32\drivers\pssdklbf.sys
[2009-11-16 14:34:46 | 00,036,928 | ---- | M] (microOLAP Technologies LTD) -- H:\windows\System32\drivers\pssdk40.sys
[2009-11-14 16:53:54 | 00,000,284 | ---- | M] () -- H:\windows\tasks\AppleSoftwareUpdate.job
[2009-11-13 17:15:51 | 00,000,376 | ---- | M] () -- H:\windows\tasks\1-Click Maintenance.job
[2009-11-12 23:59:45 | 00,000,116 | ---- | M] () -- H:\windows\NeroDigital.ini
[2009-11-12 18:19:40 | 00,014,042 | ---- | M] () -- H:\Documents and Settings\Mirek\Pulpit\Pod hasłem.docx
[2009-11-12 12:45:37 | 01,568,152 | ---- | M] () -- H:\windows\System32\FNTCACHE.DAT
[2009-11-11 22:27:01 | 02,647,236 | -H-- | M] () -- H:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-11-10 21:45:34 | 00,000,844 | ---- | M] () -- H:\Documents and Settings\All Users\Pulpit\ACP.lnk
[2009-11-10 14:23:51 | 00,000,683 | ---- | M] () -- H:\Documents and Settings\Mirek\Pulpit\Play InfiniteL2.lnk
[2009-11-09 17:33:09 | 00,074,008 | ---- | M] () -- H:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2009-11-09 14:37:42 | 00,001,553 | ---- | M] () -- H:\Documents and Settings\All Users\Pulpit\Settlers IV - Z³ota Edycja.lnk
[2009-11-06 03:14:42 | 00,041,872 | ---- | M] () -- H:\windows\System32\xfcodec.dll
[2009-11-05 18:36:21 | 26,768,832 | ---- | M] (Microsoft Corporation) -- H:\windows\System32\MRT.exe
[2009-11-04 22:21:52 | 00,001,374 | ---- | M] () -- H:\windows\imsins.BAK
[2009-10-28 21:32:45 | 00,001,061 | ---- | M] () -- H:\Documents and Settings\Mirek\Pulpit\Skrót do ArtificialAiming-Radar-v2.6.exe.lnk
[2009-10-27 18:23:47 | 00,000,063 | ---- | M] () -- H:\windows\vbaddin.ini
[2009-10-27 18:16:23 | 00,001,377 | ---- | M] () -- H:\windows\win.ini
[2009-10-25 19:38:28 | 00,469,914 | ---- | M] () -- H:\windows\System32\perfh015.dat
[2009-10-25 19:38:28 | 00,444,996 | ---- | M] () -- H:\windows\System32\perfh009.dat
[2009-10-25 19:38:28 | 00,072,962 | ---- | M] () -- H:\windows\System32\perfc015.dat
[2009-10-25 19:38:28 | 00,072,428 | ---- | M] () -- H:\windows\System32\perfc009.dat
[2009-10-25 11:24:07 | 00,525,946 | ---- | M] () -- H:\windows\System32\PerfStringBackup.INI
[2009-10-22 19:06:15 | 00,000,933 | ---- | M] () -- H:\Documents and Settings\Mirek\Pulpit\Skrót do Run_S.T.A.L.K.E.R Clear Sky.cmd.lnk
[2009-10-21 18:29:37 | 00,000,600 | ---- | M] () -- H:\Documents and Settings\Mirek\Dane aplikacji\winscp.rnd
[2009-10-21 17:42:25 | 00,000,606 | ---- | M] () -- H:\Documents and Settings\Mirek\Pulpit\WinSCP.lnk
[7 H:\windows\System32\*.tmp files -> H:\windows\System32\*.tmp -> ]
[4 H:\windows\*.tmp files -> H:\windows\*.tmp -> ]
[1 H:\Documents and Settings\Mirek\Pulpit\*.tmp files -> H:\Documents and Settings\Mirek\Pulpit\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2009-11-18 20:39:53 | 00,001,723 | ---- | C] () -- H:\Documents and Settings\Mirek\Pulpit\The Sims™ 3.lnk
[2009-11-12 17:51:14 | 00,014,042 | ---- | C] () -- H:\Documents and Settings\Mirek\Pulpit\Pod hasłem.docx
[2009-11-10 21:45:34 | 00,000,844 | ---- | C] () -- H:\Documents and Settings\All Users\Pulpit\ACP.lnk
[2009-11-09 14:37:42 | 00,001,553 | ---- | C] () -- H:\Documents and Settings\All Users\Pulpit\Settlers IV - Z³ota Edycja.lnk
[2009-11-06 03:14:42 | 00,041,872 | ---- | C] () -- H:\windows\System32\xfcodec.dll
[2009-11-04 22:21:49 | 00,001,374 | ---- | C] () -- H:\windows\imsins.BAK
[2009-10-30 17:43:27 | 00,005,174 | ---- | C] () -- H:\windows\System32\nppt9x.vxd
[2009-10-30 17:41:06 | 05,586,046 | ---- | C] () -- H:\Documents and Settings\Mirek\Pulpit\Giran_Village_T.utx
[2009-10-28 21:32:45 | 00,001,061 | ---- | C] () -- H:\Documents and Settings\Mirek\Pulpit\Skrót do ArtificialAiming-Radar-v2.6.exe.lnk
[2009-10-23 23:52:32 | 00,427,668 | ---- | C] () -- H:\Documents and Settings\Mirek\Pulpit\l2.exe
[2009-10-22 19:06:15 | 00,000,933 | ---- | C] () -- H:\Documents and Settings\Mirek\Pulpit\Skrót do Run_S.T.A.L.K.E.R Clear Sky.cmd.lnk
[2009-10-21 17:42:25 | 00,000,606 | ---- | C] () -- H:\Documents and Settings\Mirek\Pulpit\WinSCP.lnk
[2009-09-11 18:14:09 | 00,000,250 | ---- | C] () -- H:\windows\XIIIHooligans.ini
[2009-09-07 21:25:07 | 02,647,236 | -H-- | C] () -- H:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-08-08 17:48:17 | 00,002,603 | ---- | C] () -- H:\windows\l2control.ini
[2009-06-06 21:49:05 | 00,000,046 | ---- | C] () -- H:\windows\adiras.ini
[2009-06-06 21:29:38 | 00,028,672 | R--- | C] () -- H:\windows\System32\adinst32.dll
[2009-04-21 23:19:06 | 00,172,173 | ---- | C] () -- H:\windows\System32\xlive.dll.cat
[2009-02-13 15:18:26 | 00,020,480 | ---- | C] () -- H:\windows\System32\H@tKeysH@@k.DLL
[2008-11-29 20:50:54 | 00,000,082 | ---- | C] () -- H:\windows\mafosav.INI
[2008-11-29 19:50:52 | 00,000,000 | ---- | C] () -- H:\windows\System32\msexcr.ini
[2008-11-26 23:33:50 | 00,001,268 | ---- | C] () -- H:\windows\bestplayer.ini
[2008-11-09 23:53:37 | 00,000,094 | ---- | C] () -- H:\windows\bpw.ini
[2008-10-30 16:09:45 | 00,000,600 | ---- | C] () -- H:\Documents and Settings\Mirek\Dane aplikacji\winscp.rnd
[2008-10-07 08:13:30 | 00,197,912 | ---- | C] () -- H:\windows\System32\physxcudart_20.dll
[2008-10-07 08:13:22 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSwedish.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSpanish.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelPortugese.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelKorean.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelJapanese.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelGerman.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- H:\windows\System32\AgCPanelFrench.dll
[2008-10-02 14:03:36 | 00,002,243 | ---- | C] () -- H:\windows\wincmd.ini
[2008-09-22 14:57:56 | 00,000,110 | ---- | C] () -- H:\windows\GMouse.ini
[2008-07-16 17:27:27 | 00,001,045 | ---- | C] () -- H:\windows\ARPR.INI
[2008-06-30 17:49:13 | 00,181,248 | ---- | C] () -- H:\windows\System32\PPUNINST.dll
[2008-06-30 17:49:13 | 00,036,864 | ---- | C] () -- H:\windows\System32\PDUNINST.DLL
[2008-06-06 14:25:59 | 00,860,211 | --S- | C] () -- H:\windows\System32\XSIFtk-3.6.2.1.dll
[2008-04-24 17:31:29 | 00,000,000 | ---- | C] () -- H:\windows\PROTOCOL.INI
[2008-04-24 17:01:25 | 00,000,952 | -HS- | C] () -- H:\windows\System32\KGyGaAvL.sys
[2008-04-24 17:01:25 | 00,000,088 | RHS- | C] () -- H:\windows\System32\86981EB56D.sys
[2008-03-04 13:01:35 | 00,014,848 | ---- | C] () -- H:\windows\System32\combddin.dll
[2008-01-19 23:30:09 | 00,000,097 | ---- | C] () -- H:\windows\System32\PICSDK.ini
[2008-01-19 23:09:16 | 00,000,026 | ---- | C] () -- H:\windows\CDE DX4400DEFGIPS.ini
[2008-01-03 15:39:44 | 00,404,992 | ---- | C] () -- H:\windows\System32\libmplayer.dll
[2008-01-03 15:39:25 | 00,122,880 | ---- | C] () -- H:\windows\System32\libmpeg2_ff.dll
[2008-01-03 15:39:21 | 03,097,088 | ---- | C] () -- H:\windows\System32\libavcodec.dll
[2008-01-03 15:38:43 | 00,026,624 | ---- | C] () -- H:\windows\System32\ff_wmv9.dll
[2008-01-03 15:38:39 | 00,056,320 | ---- | C] () -- H:\windows\System32\ff_unrar.dll
[2008-01-03 15:38:36 | 00,102,912 | ---- | C] () -- H:\windows\System32\ff_tremor.dll
[2008-01-03 15:38:28 | 00,188,416 | ---- | C] () -- H:\windows\System32\ff_theora.dll
[2008-01-03 15:38:20 | 00,118,784 | ---- | C] () -- H:\windows\System32\ff_realaac.dll
[2008-01-03 15:38:15 | 00,143,360 | ---- | C] () -- H:\windows\System32\ff_libmad.dll
[2008-01-03 15:38:10 | 00,397,312 | ---- | C] () -- H:\windows\System32\ff_libfaad2.dll
[2008-01-03 15:37:58 | 00,167,936 | ---- | C] () -- H:\windows\System32\ff_libdts.dll
[2008-01-03 15:37:53 | 00,054,784 | ---- | C] () -- H:\windows\System32\ff_liba52.dll
[2008-01-03 15:37:26 | 00,009,216 | ---- | C] () -- H:\windows\System32\cpuinf32.dll
[2008-01-03 15:36:11 | 01,559,040 | ---- | C] () -- H:\windows\System32\xvidcore.dll
[2008-01-03 15:35:36 | 00,123,392 | ---- | C] () -- H:\windows\System32\ogm.dll
[2008-01-03 15:35:31 | 00,110,592 | ---- | C] () -- H:\windows\System32\avi.dll
[2008-01-03 15:35:19 | 00,167,936 | ---- | C] () -- H:\windows\System32\ts.dll
[2008-01-03 15:35:10 | 00,142,848 | ---- | C] () -- H:\windows\System32\mp4.dll
[2008-01-03 15:35:05 | 00,079,360 | ---- | C] () -- H:\windows\System32\mkzlib.dll
[2008-01-03 15:35:00 | 00,151,040 | ---- | C] () -- H:\windows\System32\mkx.dll
[2008-01-03 15:34:49 | 00,023,552 | ---- | C] () -- H:\windows\System32\mkunicode.dll
[2007-12-19 10:41:43 | 00,237,568 | ---- | C] () -- H:\windows\System32\lame_enc.dll
[2007-12-17 20:24:59 | 00,000,118 | ---- | C] () -- H:\windows\cdplayer.ini
[2007-12-17 19:26:35 | 00,034,308 | ---- | C] () -- H:\windows\System32\BASSMOD.dll
[2007-12-17 19:18:17 | 00,006,852 | ---- | C] () -- H:\windows\System32\drivers\Vcs.sys
[2007-11-27 19:21:44 | 00,138,576 | ---- | C] () -- H:\windows\System32\drivers\PnkBstrK.sys
[2007-11-27 19:21:44 | 00,022,328 | ---- | C] () -- H:\Documents and Settings\Mirek\Dane aplikacji\PnkBstrK.sys
[2007-11-22 14:46:32 | 00,000,319 | ---- | C] () -- H:\windows\game.ini
[2007-10-04 12:28:37 | 00,000,360 | ---- | C] () -- H:\windows\Makao.ini
[2007-09-29 08:50:08 | 00,000,160 | ---- | C] () -- H:\windows\Ricochet Lost WorldsCD.INI
[2007-08-31 20:54:22 | 00,000,202 | ---- | C] () -- H:\windows\ROM2 Map Editor.INI
[2007-04-23 09:49:42 | 00,000,116 | ---- | C] () -- H:\windows\NeroDigital.ini
[2007-04-19 14:22:51 | 00,000,189 | ---- | C] () -- H:\windows\GSdx9-sse2.INI
[2007-04-19 14:17:42 | 00,000,189 | ---- | C] () -- H:\windows\GSdx9-sse-TT.INI
[2007-04-12 18:18:39 | 00,000,196 | ---- | C] () -- H:\windows\GSdx9-sse2-icc-TT.INI
[2007-03-01 12:27:05 | 00,000,564 | ---- | C] () -- H:\windows\ODBC.INI
[2007-01-12 14:45:09 | 00,000,183 | ---- | C] () -- H:\windows\disneysy.ini
[2007-01-07 22:52:12 | 00,000,151 | ---- | C] () -- H:\windows\PhotoSnapViewer.INI
[2007-01-06 21:31:03 | 00,017,920 | ---- | C] () -- H:\windows\System32\IMPLODE.DLL
[2007-01-01 19:01:11 | 00,069,632 | R--- | C] () -- H:\windows\System32\xmltok.dll
[2007-01-01 19:01:11 | 00,036,864 | R--- | C] () -- H:\windows\System32\xmlparse.dll
[2006-12-18 15:03:46 | 00,716,272 | ---- | C] () -- H:\windows\System32\drivers\sptd.sys
[2006-12-16 12:20:58 | 00,000,155 | ---- | C] () -- H:\windows\winamp.ini
[2006-12-12 20:59:02 | 00,000,095 | ---- | C] () -- H:\windows\alik.ini
[2006-12-11 18:27:26 | 00,012,538 | ---- | C] () -- H:\Program Files\INSTALL.LOG
[2006-12-11 18:27:25 | 00,129,024 | ---- | C] () -- H:\Program Files\UNWISE.EXE
[2006-12-09 12:44:18 | 00,056,320 | R--- | C] () -- H:\windows\System32\Iyvu9_32.dll
[2006-12-09 12:44:11 | 00,010,240 | ---- | C] () -- H:\windows\System32\vidx16.dll
[2006-12-07 17:35:43 | 00,061,952 | ---- | C] () -- H:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006-12-02 08:49:41 | 00,271,360 | ---- | C] () -- H:\windows\System32\drivers\atksgt.sys
[2006-12-02 08:49:40 | 00,018,048 | ---- | C] () -- H:\windows\System32\drivers\lirsgt.sys
[2006-12-01 18:15:26 | 00,001,866 | ---- | C] () -- H:\windows\disney.ini
[2006-11-28 15:58:55 | 00,000,023 | ---- | C] () -- H:\windows\BlendSettings.ini
[2006-11-28 13:16:03 | 00,000,227 | ---- | C] () -- H:\windows\RtlRack.ini
[2006-11-28 13:15:40 | 00,147,456 | ---- | C] () -- H:\windows\System32\RtlCPAPI.dll
[2006-11-28 13:08:08 | 00,000,092 | ---- | C] () -- H:\windows\CMISETUP.INI
[2006-11-28 13:08:07 | 00,000,057 | ---- | C] () -- H:\windows\Wininit.ini
[2006-11-28 13:08:07 | 00,000,026 | ---- | C] () -- H:\windows\CMCDPLAY.INI
[2006-11-28 13:08:06 | 00,028,672 | ---- | C] () -- H:\windows\System32\cmirmdrv.dll
[2006-11-28 13:07:59 | 00,028,672 | ---- | C] () -- H:\windows\CMIRmDriver.dll
[2006-11-28 12:30:46 | 00,000,130 | ---- | C] () -- H:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2006-11-27 16:14:59 | 00,074,008 | ---- | C] () -- H:\Documents and Settings\Mirek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2006-11-27 10:15:52 | 00,000,062 | -HS- | C] () -- H:\Documents and Settings\All Users\Dane aplikacji\desktop.ini
[2006-11-27 10:08:49 | 00,000,062 | -HS- | C] () -- H:\Documents and Settings\Mirek\Dane aplikacji\desktop.ini
[2006-06-29 13:58:52 | 00,030,808 | ---- | C] () -- H:\windows\Fonts\GlobalUserInterface.CompositeFont
[2006-06-29 13:53:56 | 00,026,489 | ---- | C] () -- H:\windows\Fonts\GlobalSansSerif.CompositeFont
[2006-04-18 14:39:28 | 00,029,779 | ---- | C] () -- H:\windows\Fonts\GlobalSerif.CompositeFont
[2006-04-18 14:39:28 | 00,026,040 | ---- | C] () -- H:\windows\Fonts\GlobalMonospace.CompositeFont
[2005-12-07 12:31:00 | 00,202,752 | R--- | C] () -- H:\windows\System32\CddbCdda.dll
[2004-09-02 03:33:56 | 00,045,056 | ---- | C] () -- H:\windows\System32\xfire_lsp_9028.dll
[2003-09-16 16:41:44 | 00,045,056 | R--- | C] () -- H:\windows\System32\ogg.dll
[2002-10-06 19:42:58 | 00,237,568 | R--- | C] () -- H:\windows\System32\OggDS.dll
[2002-10-05 00:04:26 | 00,921,600 | R--- | C] () -- H:\windows\System32\vorbisenc.dll
[2002-10-05 00:04:26 | 00,188,416 | R--- | C] () -- H:\windows\System32\vorbis.dll
[2001-07-21 23:16:20 | 00,001,377 | ---- | C] () -- H:\windows\win.ini
[2001-07-21 23:15:52 | 00,000,231 | ---- | C] () -- H:\windows\system.ini
[1999-01-22 17:46:58 | 00,065,536 | ---- | C] () -- H:\windows\System32\MSRTEDIT.DLL

[color=#E56717]========== LOP Check ==========[/color]

[2009-02-20 16:14:22 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\2DBoy
[2007-12-23 10:43:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ArcaBit
[2009-09-10 18:37:57 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\ATI
[2007-12-09 21:47:06 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Awem
[2007-10-25 15:04:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Azureus
[2008-12-02 15:43:22 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Blizzard
[2007-04-18 20:04:47 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\BOONTY
[2008-04-24 16:59:10 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Corel
[2008-02-02 20:20:36 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations
[2009-06-06 00:41:20 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2008-01-19 23:48:15 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\EPSON
[2008-11-04 15:49:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Fugazo
[2007-12-10 15:28:35 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\InterAction studios
[2007-10-18 18:19:29 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Last.fm
[2007-04-18 20:04:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\MumboJumbo
[2007-10-03 19:51:03 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\n7-89-o9-3r-4t-r9
[2007-10-18 18:17:48 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks
[2008-02-02 19:31:11 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2008-05-13 18:39:08 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\PlayPond
[2008-08-25 19:27:22 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Screaming Bee
[2008-05-16 19:15:38 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TechSmith
[2009-11-11 00:02:32 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2007-04-23 13:46:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited
[2008-01-10 20:40:13 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software
[2009-09-08 18:20:37 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Ubisoft
[2008-01-19 23:32:19 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\UDL
[2007-07-08 12:25:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\Urban FreeStyle Soccer
[2009-08-12 20:28:09 | 00,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2007-12-23 01:25:54 | 00,000,000 | ---D | M] -- H:\Documents and Settings\LocalService\Dane aplikacji\ArcaBit
[2007-11-25 18:27:44 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\.BitTornado
[2008-04-03 17:40:15 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Ambient Design
[2009-09-10 18:37:57 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\ATI
[2007-10-25 15:19:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Azureus
[2007-10-22 13:58:46 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\BitSpirit
[2008-10-29 17:18:56 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\cmw
[2007-12-19 10:43:34 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\concept design
[2008-04-24 17:01:24 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Corel
[2008-03-04 09:51:12 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\DAEMON Tools
[2008-06-29 18:27:39 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Datalayer
[2007-01-13 11:34:23 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Desperate Housewives
[2008-03-28 16:47:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Dev-Cpp
[2009-11-20 16:01:33 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\DMCache
[2008-10-02 20:44:30 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\EPSON
[2008-06-20 20:17:51 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\FarmingSimulator2008
[2008-11-08 22:00:35 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\fretsonfire
[2007-10-30 15:38:53 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Gadu-Gadu
[2007-10-03 19:50:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\GameHouse
[2008-11-08 10:32:39 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Gamelab
[2008-09-11 19:42:59 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\gtk-2.0
[2009-10-09 19:31:46 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\IDM
[2008-07-08 15:31:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\ImgBurn
[2006-11-30 08:26:41 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\InterTrust
[2007-12-13 16:42:25 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\iWin
[2006-12-18 15:32:43 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Leadertech
[2008-05-14 18:05:16 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\LEGO Company
[2007-12-13 15:17:54 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Magic Academy
[2009-11-02 15:45:18 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\MegauploadToolbar
[2008-02-26 17:13:17 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Meridian93
[2008-08-13 11:36:29 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\MetaProducts
[2008-02-02 19:32:32 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Nokia
[2008-02-06 14:42:16 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Nokia Multimedia Player
[2009-10-11 22:09:17 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Nowe Gadu-Gadu
[2008-01-11 22:24:52 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Opera
[2008-02-02 19:31:14 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\PC Suite
[2009-06-03 21:49:05 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Red Kawa
[2008-08-25 19:27:23 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Screaming Bee
[2007-03-06 17:25:38 | 00,000,000 | RH-D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\SecuROM
[2007-12-21 21:12:14 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Soldat
[2008-08-20 11:56:41 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\SPORE Creature Creator
[2008-03-31 21:03:58 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Subversion
[2009-06-01 18:15:34 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\TeamViewer
[2009-05-25 22:11:36 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\TechSmith
[2009-06-22 22:47:00 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Teeworlds
[2007-12-20 23:09:25 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Thinstall
[2008-12-21 11:21:29 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Tibia
[2008-01-10 20:40:27 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\TuneUp Software
[2008-03-04 13:01:35 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Ubisoft
[2007-12-18 10:17:22 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\URSoft
[2007-11-19 17:43:55 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\Wildfire
[2008-04-28 16:04:49 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\WoDBO
[2009-09-20 13:42:40 | 00,000,000 | ---D | M] -- H:\Documents and Settings\Mirek\Dane aplikacji\XRay Engine
[2009-11-13 17:15:51 | 00,000,376 | ---- | M] () -- H:\windows\Tasks\1-Click Maintenance.job
[2001-07-21 23:17:50 | 00,000,065 | RH-- | M] () -- H:\windows\Tasks\desktop.ini
[2009-11-20 16:00:02 | 00,000,540 | ---- | M] () -- H:\windows\Tasks\Konserwacja jednym kliknięciem.job
[2009-11-20 15:11:23 | 00,000,006 | -H-- | M] () -- H:\windows\Tasks\SA.DAT
[2009-11-20 15:11:45 | 00,000,260 | ---- | M] () -- H:\windows\Tasks\WGASetup.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 225 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:4EE74317
@Alternate Data Stream - 168 bytes -> H:\Documents and Settings\All Users\Dane aplikacji\TEMP:B3D74A13
< End of report >[/log]

Dodam, że gdy próbuje zamknąć plik services.exe nie mogę go zamknąć i wyskakuje okioenko z napisem: "Menadzer nie może zamknąć tego procesu, gdyż jest to krytyczny proces systemu."
Przepraszam, za double posta, ale mam takiego lagga, że nie mogę edytować postów.

Dodam, że gdy próbuje zamknąć plik services.exe nie mogę go zamknąć i wyskakuje okioenko z napisem: "Menadzer nie może zamknąć tego procesu, gdyż jest to krytyczny proces systemu."
Przepraszam, za double posta, ale mam takiego lagga, że nie mogę edytować postów.
Acha i jeszcze jedno, ściągnąłem tą avirę, ale gdy chcę ją zainstalować (klikam dwuklikiem/prawy potem otworz) nic się nie dzieje.

Psycholandia
komentarz
komentarz

1. Usuń Bonjour: http://andziorka.wordpress.com/2009/11/09/usuwanie-bonjour/
2. W okienko OTL wklej poniższy skrypt i klik na Run Fix:

[code]:Processes
explorer.exe

:OTL
O2 - BHO: (no name) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - No CLSID value found.
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Reg Error: Key error.)
O32 - AutoRun File - [2008-10-22 00:48:37 | 00,000,045 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008-04-04 23:02:44 | 00,000,000 | ---D | M] - H:\Automap -- [ NTFS ]
O33 - MountPoints2\{82a39c31-bb03-11de-827e-001e7418ab07}\Shell\AutoRun\command - "" = C:\3n8awsyg.exe -- File not found
O33 - MountPoints2\{82a39c31-bb03-11de-827e-001e7418ab07}\Shell\open\Command - "" = C:\3n8awsyg.exe -- File not found
O33 - MountPoints2\{a8738290-f628-11dd-80cd-4d6564696130}\Shell - "" = AutoRun
O33 - MountPoints2\{f716887c-7df6-11db-b6d8-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{f716887c-7df6-11db-b6d8-806d6172696f}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2009-04-30 03:57:32 | 00,054,544 | R--- | M] (Electronic Arts)
O33 - MountPoints2\{fc57172e-9c44-11de-822c-001e7418ab07}\Shell\AutoRun\command - "" = 86l2qw.bat
O33 - MountPoints2\{fc57172e-9c44-11de-822c-001e7418ab07}\Shell\open\Command - "" = 86l2qw.bat

:Files
H:\WINDOWS\patch.exe
H:\windows\System32\86981EB56D.sys

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

3. Otwórz notatnik tekstowy i wklej do niego poniższy tekst: [code]Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[/code]
Zapisz jako->Wybierz [b]Wszystkie pliki[/b]->wpisz [b]Fix.reg[/b]->Następnie kliknij na zapisany plik i uruchom komputer ponownie.

4. Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware)

BioToxic
komentarz
komentarz

Zrobiłem tak jak trzeba(oprócz pkt 4), ale nadal servicess pożera cały procesor. Na dodatek chyba nie działa Internet a podczas wylaczania komputera powstają błędy ( zakończ teraz) takich programów:realsched.exe , CRTMediaController , miernik energii

Psycholandia
komentarz
komentarz

[quote]6. CWShredder obciąża proces services.exe na 100%CPU

Dotyczy to systemów Windows 2000/XP/2003 i jest związane z faktem korzystania z pliku HOSTS do blokowania szpegowskich stron. Usługa Klient DNS stoi w konflikcie z CWShredderem powodując również pady procesu services.exe w momencie próby podglądnięcia lub wyczyszczenia cache DNS. Obejściem problemu jest całkowite skasowanie pliku HOSTS. Można też po prostu wyłączyć usługę Klient DNS.

Start >>> Run (Uruchom) >>> services.msc

i po kliknięciu podwójnie w usługę Klient DNS ustaw jej Typ Startowana na Wyłączona. Po akcji restart kompa.[/quote]
[i]Źródło: http://www.searchengines.pl/index.php?showtopic=14185[/i]

BioToxic
komentarz
komentarz

Zrobiłem tak jak kazales, najpierrw wylaczylem dnsy, nie podzialalo (robiłem restart) usunalem plik host nadal to samo services.exe cały czas zabiera 100% cpu.

@Edite: Zrobiłem dziś format'a, dzięki za próbę pomocy. Pozdrawiam.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.