lillac utworzono 17 marca 2010 utworzono 17 marca 2010 Witam, Avira wykryla w pliku C:\WINDOWS\system32\drivers\spqef.sys trojana TR/Rootkit.Gen. Ponizej zalaczam logi OTL oraz z aviry i gmera. Bardzo prosze o pomoc i ,,łopatologiczne" objaśnienie jak pozbyć sie wirusa.Probowalam uzyc combofixa ale po jakims czasie wyrzuca mnie z niego a podczas ładowania pojawia sie informacja, ze nie wszystkie pliki zostały załdowane. Z gory dziekuje za pomoc [log]OTL logfile created on: 2010-03-17 08:08:06 - Run 1 OTL by OldTimer - Version 3.1.37.2 Folder = C:\Documents and Settings\Gosia\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 511,00 Mb Total Physical Memory | 139,00 Mb Available Physical Memory | 27,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 60,00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37,26 Gb Total Space | 21,80 Gb Free Space | 58,51% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: GOSIA Current User Name: Gosia Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 14 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-03-17 08:07:27 | 000,556,032 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gosia\Pulpit\OTL.exe PRC - [2009-12-18 14:05:43 | 000,634,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe PRC - [2009-08-06 18:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe PRC - [2009-07-21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2009-06-17 08:49:03 | 000,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2009-06-17 08:49:02 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2009-05-13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2009-03-02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2009-02-09 10:55:23 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2009-02-06 17:50:38 | 003,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe PRC - [2009-02-06 10:41:05 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-11-07 14:28:16 | 000,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2008-10-25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2008-10-25 08:18:50 | 000,098,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE PRC - [2008-03-17 17:32:39 | 000,032,768 | ---- | M] (Logitech) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe PRC - [2008-02-06 18:37:52 | 021,898,024 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe PRC - [2008-02-06 18:37:52 | 002,051,016 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe PRC - [2008-01-11 21:16:00 | 000,039,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe PRC - [2007-08-31 21:02:36 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe PRC - [2007-06-13 14:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-05-08 15:24:20 | 000,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe PRC - [2006-09-11 04:40:32 | 000,218,032 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe PRC - [2006-06-29 12:13:32 | 001,032,192 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe PRC - [2006-06-29 12:12:34 | 000,376,832 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe PRC - [2006-02-19 05:24:52 | 000,239,320 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe PRC - [2006-02-19 04:21:22 | 000,288,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2005-12-19 09:08:42 | 001,347,584 | ---- | M] (Dell Inc.) -- C:\WINDOWS\system32\WLTRAY.EXE PRC - [2005-12-19 09:08:42 | 000,018,944 | ---- | M] () -- C:\WINDOWS\system32\WLTRYSVC.EXE PRC - [2005-12-19 09:08:40 | 001,200,128 | ---- | M] (Dell Inc.) -- C:\WINDOWS\system32\BCMWLTRY.EXE PRC - [2005-11-10 22:43:12 | 000,389,120 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2005-11-10 21:05:00 | 000,344,064 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe PRC - [2005-10-07 14:13:38 | 000,176,128 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe PRC - [2005-09-07 06:33:20 | 000,434,176 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\CameraAssistant.exe PRC - [2005-09-01 13:11:52 | 000,081,920 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe PRC - [2005-09-01 13:04:44 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE PRC - [2005-07-27 16:41:08 | 000,045,056 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe PRC - [2005-06-11 00:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2005-01-28 13:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe PRC - [2004-11-01 18:22:22 | 000,262,144 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\ElkCtrl.exe PRC - [2004-08-04 13:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2004-08-04 13:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe PRC - [2004-08-04 13:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scardsvr.exe PRC - [2004-08-04 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2004-08-04 13:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2004-08-04 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2004-08-04 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2004-08-04 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2004-08-04 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2004-08-04 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2004-08-04 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2004-08-04 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2004-08-04 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2004-08-04 13:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2004-06-28 23:56:12 | 000,045,056 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\hidfind.exe PRC - [2002-02-14 11:48:06 | 000,299,008 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\LEXBCES.EXE PRC - [2002-01-28 13:48:50 | 000,885,760 | ---- | M] (Lexmark International Inc.) -- C:\WINDOWS\system32\LXSUPMON.EXE PRC - [2002-01-24 10:09:56 | 000,174,592 | ---- | M] () -- C:\WINDOWS\system32\LEXPPS.EXE [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-03-17 08:07:27 | 000,556,032 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gosia\Pulpit\OTL.exe MOD - [2009-12-08 10:01:26 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2009-06-25 09:23:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2009-04-15 16:18:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2009-03-21 15:21:24 | 001,014,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2009-02-27 06:08:39 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime MOD - [2009-02-09 11:03:55 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2009-02-09 11:03:55 | 000,687,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-10-23 14:01:37 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-07-03 14:03:38 | 008,489,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-03-17 17:32:39 | 000,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\Gosia\Ustawienia lokalne\temp\IadHide5.dll MOD - [2008-02-26 13:01:52 | 000,294,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2007-12-04 19:42:02 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2007-03-08 16:38:47 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2006-08-25 16:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2005-09-01 13:11:52 | 000,081,920 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll MOD - [2005-07-26 05:42:36 | 001,284,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2004-08-04 13:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2004-08-04 13:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2004-08-04 13:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2004-08-04 13:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2004-08-04 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2004-08-04 13:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2004-08-04 13:00:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll MOD - [2004-08-04 13:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2004-08-04 13:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2004-08-04 13:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2004-08-04 13:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2004-08-04 00:44:02 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ksuser.dll [color=#E56717]========== Win32 Services (All) ==========[/color] SRV - [2009-07-21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009-06-17 08:49:02 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2009-06-10 07:31:55 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation) SRV - [2009-05-13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009-02-09 11:03:55 | 000,687,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi) SRV - [2009-02-09 11:03:55 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Zdalne wywoływanie procedur (RPC) SRV - [2009-02-09 11:03:55 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch) SRV - [2009-02-09 10:55:23 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay) SRV - [2009-02-09 10:55:23 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog) SRV - [2009-01-06 13:06:24 | 000,536,872 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service) SRV - [2008-11-07 14:28:16 | 000,132,424 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2008-11-04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2008-10-25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) SRV - [2008-07-29 20:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0) SRV - [2008-07-29 18:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) SRV - [2008-07-29 18:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2008-07-25 10:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008-07-25 10:16:40 | 000,034,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state) SRV - [2008-07-14 07:26:39 | 000,138,168 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - [2008-07-07 21:33:22 | 000,253,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\es.dll -- (EventSystem) SRV - [2008-06-20 18:42:21 | 000,246,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) Rozpoznawanie lokalizacji w sieci (NLA) SRV - [2008-02-20 06:38:07 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache) SRV - [2007-09-06 16:10:26 | 001,010,160 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9) SRV - [2007-08-09 08:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2007-07-11 09:33:28 | 000,069,632 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr) SRV - [2007-02-05 21:19:48 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost) SRV - [2006-12-19 22:51:04 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes) SRV - [2006-12-19 22:51:04 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection) SRV - [2006-12-19 22:51:04 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility) SRV - [2006-12-19 19:18:25 | 000,334,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Windows Image Acquisition (WIA) SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2006-10-13 13:41:11 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\nwwks.dll -- (NWCWorkstation) SRV - [2006-06-29 12:12:34 | 000,376,832 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC) SRV - [2006-06-22 11:54:46 | 000,181,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan) SRV - [2006-05-19 14:26:53 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp) SRV - [2006-01-04 04:36:30 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient) SRV - [2005-12-19 09:08:42 | 000,018,944 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\WLTRYSVC.EXE -- (wltrysvc) SRV - [2005-11-10 22:43:12 | 000,389,120 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller) SRV - [2005-09-01 13:11:52 | 000,081,920 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2005-08-22 19:36:16 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman) SRV - [2005-07-08 17:29:17 | 000,249,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv) SRV - [2005-06-11 00:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler) SRV - [2005-05-04 14:45:36 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer) SRV - [2005-01-28 13:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf) SRV - [2005-01-28 13:44:28 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\MsPMSNSv.dll -- (WmdmPmSN) SRV - [2004-12-07 20:34:12 | 000,096,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver) SRV - [2004-10-22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2004-09-30 18:51:27 | 000,027,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\irmon.dll -- (Irmon) SRV - [2004-08-04 13:00:00 | 000,435,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc) SRV - [2004-08-04 13:00:00 | 000,382,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS) SRV - [2004-08-04 13:00:00 | 000,359,936 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC) SRV - [2004-08-04 13:00:00 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess) SRV - [2004-08-04 13:00:00 | 000,296,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService) SRV - [2004-08-04 13:00:00 | 000,291,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS) SRV - [2004-08-04 13:00:00 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin) SRV - [2004-08-04 13:00:00 | 000,192,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule) SRV - [2004-08-04 13:00:00 | 000,175,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\w32time.dll -- (W32Time) SRV - [2004-08-04 13:00:00 | 000,172,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt) SRV - [2004-08-04 13:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice) SRV - [2004-08-04 13:00:00 | 000,150,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService) SRV - [2004-08-04 13:00:00 | 000,145,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt) SRV - [2004-08-04 13:00:00 | 000,141,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr) SRV - [2004-08-04 13:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP) SRV - [2004-08-04 13:00:00 | 000,129,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov) SRV - [2004-08-04 13:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv) SRV - [2004-08-04 13:00:00 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm) SRV - [2004-08-04 13:00:00 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE) SRV - [2004-08-04 13:00:00 | 000,098,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr) SRV - [2004-08-04 13:00:00 | 000,091,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog) SRV - [2004-08-04 13:00:00 | 000,090,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks) SRV - [2004-08-04 13:00:00 | 000,089,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto) SRV - [2004-08-04 13:00:00 | 000,081,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc) SRV - [2004-08-04 13:00:00 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser) SRV - [2004-08-04 13:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr) SRV - [2004-08-04 13:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator) Lokalizator usługi zdalnego wywołania procedury (RPC) SRV - [2004-08-04 13:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV) SRV - [2004-08-04 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc) SRV - [2004-08-04 13:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry) SRV - [2004-08-04 13:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess) SRV - [2004-08-04 13:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG) SRV - [2004-08-04 13:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv) SRV - [2004-08-04 13:00:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\sens.dll -- (SENS) SRV - [2004-08-04 13:00:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc) SRV - [2004-08-04 13:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger) SRV - [2004-08-04 13:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv) SRV - [2004-08-04 13:00:00 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc) SRV - [2004-08-04 13:00:00 | 000,024,064 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver) SRV - [2004-08-04 13:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc) SRV - [2004-08-04 13:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon) SRV - [2004-08-04 13:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS) Zasilacz awaryjny (UPS) SRV - [2004-08-04 13:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter) SRV - [2004-08-04 13:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter) SRV - [2004-08-04 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\svchost.exe -- (HidServ) SRV - [2004-08-04 13:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts) SRV - [2004-08-04 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs) SRV - [2004-08-04 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage) SRV - [2004-08-04 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent) SRV - [2004-08-04 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp) SRV - [2004-08-04 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon) SRV - [2004-08-04 13:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv) SRV - [2004-08-04 13:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC) SRV - [2004-08-04 13:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc) SRV - [2004-08-04 13:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv) SRV - [2004-08-04 13:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp) SRV - [2002-02-14 11:48:06 | 000,299,008 | ---- | M] (Lexmark International, Inc.) [Auto | Running] -- C:\WINDOWS\system32\LEXBCES.EXE -- (LexBceS) [color=#E56717]========== Driver Services (All) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ViaIde) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ultra) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (UIUSys) DRV - File not found [Kernel | Disabled | Stopped] -- -- (TosIde) DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc8xx) DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc810) DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_u3) DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_hi) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Sparrow) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Simbad) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1280) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1240) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql12160) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Ql10wnt) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1080) DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2hib) DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | Disabled | Stopped] -- -- (mraid35x) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ini910u) DRV - File not found [Kernel | Disabled | Stopped] -- -- (i2omp) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpn) DRV - File not found [Kernel | Disabled | Stopped] -- -- (dpti2o) DRV - File not found [Kernel | Disabled | Stopped] -- -- (dac960nt) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Cpqarray) DRV - File not found [Kernel | Disabled | Stopped] -- -- (CmdIde) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | Disabled | Stopped] -- -- (cd20xrnt) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Atdisk) DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3550) DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3350p) DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc) DRV - File not found [Kernel | Disabled | Stopped] -- -- (amsint) DRV - File not found [Kernel | Disabled | Stopped] -- -- (AliIde) DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78xx) DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78u2) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Aha154x) DRV - File not found [Kernel | Disabled | Stopped] -- -- (adpu160m) DRV - File not found [Kernel | Disabled | Stopped] -- -- (abp480n5) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Abiosdsk) DRV - [2009-12-31 17:14:12 | 000,352,640 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv) DRV - [2009-12-20 12:22:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009-12-04 15:41:55 | 000,453,760 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb) DRV - [2009-10-20 15:58:48 | 000,263,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP) DRV - [2009-06-22 12:35:44 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ksecdd.sys -- (KSecDD) DRV - [2009-05-11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009-03-30 09:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2009-02-13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008-08-14 10:51:43 | 000,138,368 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD) DRV - [2008-06-20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip) DRV - [2008-05-02 09:58:28 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2008-05-02 09:58:14 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2008-05-02 09:58:12 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2008-04-17 13:12:54 | 000,015,464 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2008-03-09 09:29:08 | 000,101,120 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2007-12-18 10:51:35 | 000,179,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV) DRV - [2007-11-13 11:25:55 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2007-08-31 21:07:24 | 000,039,408 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD DX\000.fcl -- ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}) DRV - [2007-07-26 03:00:00 | 000,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2007-07-23 15:05:20 | 000,009,104 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLADResM.SYS -- (DLADResM) DRV - [2007-07-23 15:04:58 | 000,037,360 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS -- (DLABMFSM) DRV - [2007-07-23 15:04:56 | 000,098,448 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2007-07-23 15:04:56 | 000,093,552 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2007-07-23 15:04:54 | 000,027,216 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2007-07-23 15:04:52 | 000,032,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS -- (DLABOIOM) DRV - [2007-07-23 15:04:52 | 000,016,304 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS -- (DLAPoolM) DRV - [2007-07-23 15:04:50 | 000,108,752 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2007-07-23 14:55:44 | 000,099,808 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB) DRV - [2007-07-23 14:49:44 | 000,030,064 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M) DRV - [2007-07-23 14:49:44 | 000,014,576 | ---- | M] (Roxio) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2007-07-23 14:43:42 | 000,052,000 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM) DRV - [2007-04-23 11:32:54 | 000,364,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update) DRV - [2007-02-09 12:10:35 | 000,574,464 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\ntfs.sys -- (Ntfs) DRV - [2006-11-02 06:22:54 | 000,492,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdf01000.sys -- (Wdf01000) DRV - [2006-10-13 11:23:15 | 000,163,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nwrdr.sys -- (NWRDR) DRV - [2006-08-21 10:14:58 | 000,128,896 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fltMgr.sys -- (FltMgr) DRV - [2006-06-14 10:00:45 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud) DRV - [2006-06-14 09:47:46 | 000,006,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter) DRV - [2006-06-14 09:47:45 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer) DRV - [2006-05-10 15:00:16 | 000,156,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) DRV - [2006-05-05 10:47:57 | 000,174,592 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss) DRV - [2006-04-12 11:04:39 | 000,049,664 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412) DRV - [2006-04-12 11:04:39 | 000,021,568 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12) DRV - [2006-04-12 11:04:39 | 000,016,496 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12) DRV - [2006-02-21 04:39:38 | 000,058,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub) DRV - [2006-02-15 01:22:26 | 000,142,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec) DRV - [2005-12-06 16:11:18 | 000,035,328 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync03.sys -- (sfsync03) StarForce Protection Synchronization Driver (version 3.x) DRV - [2005-11-10 22:49:24 | 001,406,464 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005-11-02 13:24:34 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX) DRV - [2005-10-26 00:39:41 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci) DRV - [2005-09-28 20:57:18 | 000,113,847 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2005-09-01 20:27:45 | 000,014,080 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService) DRV - [2005-09-01 20:24:44 | 001,081,856 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Pro 5000(UVC) DRV - [2005-09-01 20:20:51 | 000,022,528 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2005-09-01 13:11:52 | 001,912,064 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (lvmvdrv) DRV - [2005-09-01 13:11:52 | 000,016,768 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPrcMon.sys -- (LVPrcMon) DRV - [2005-09-01 13:09:28 | 002,169,984 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (Lvckap) DRV - [2005-08-12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV) DRV - [2005-08-10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2005-06-10 05:11:36 | 000,139,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rdpwd.sys -- (RDPWD) DRV - [2005-05-16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2005-05-03 15:09:28 | 001,033,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS -- (HSF_DPV) DRV - [2005-05-03 15:08:50 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH) DRV - [2005-05-03 15:08:44 | 000,705,408 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2005-04-21 21:58:38 | 000,092,550 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ozscr.sys -- (OZSCR) DRV - [2005-04-05 19:43:07 | 000,039,904 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\cercsr6.sys -- (cercsr6) DRV - [2004-11-15 15:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97) Audio Driver (WDM) DRV - [2004-09-29 23:28:37 | 000,134,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat) DRV - [2004-08-04 13:00:00 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot) DRV - [2004-08-04 13:00:00 | 000,188,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ACPI.sys -- (ACPI) DRV - [2004-08-04 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ndis.sys -- (NDIS) DRV - [2004-08-04 13:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT) DRV - [2004-08-04 13:00:00 | 000,153,856 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio) DRV - [2004-08-04 13:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\fastfat.sys -- (Fastfat) DRV - [2004-08-04 13:00:00 | 000,125,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftdisk.sys -- (Ftdisk) DRV - [2004-08-04 13:00:00 | 000,107,904 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\mup.sys -- (Mup) DRV - [2004-08-04 13:00:00 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan) DRV - [2004-08-04 13:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2004-08-04 13:00:00 | 000,080,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport) DRV - [2004-08-04 13:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec) DRV - [2004-08-04 13:00:00 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sr.sys -- (sr) DRV - [2004-08-04 13:00:00 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched) DRV - [2004-08-04 13:00:00 | 000,066,176 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\udfs.sys -- (Udfs) DRV - [2004-08-04 13:00:00 | 000,065,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial) DRV - [2004-08-04 13:00:00 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\cdfs.sys -- (Cdfs) DRV - [2004-08-04 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2004-08-04 13:00:00 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc) DRV - [2004-08-04 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2004-08-04 13:00:00 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\volsnap.sys -- (VolSnap) DRV - [2004-08-04 13:00:00 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP) DRV - [2004-08-04 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom) DRV - [2004-08-04 13:00:00 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP) DRV - [2004-08-04 13:00:00 | 000,042,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mountmgr.sys -- (MountMgr) DRV - [2004-08-04 13:00:00 | 000,041,856 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi) DRV - [2004-08-04 13:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe) DRV - [2004-08-04 13:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm) DRV - [2004-08-04 13:00:00 | 000,038,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndproxy.sys -- (NDProxy) DRV - [2004-08-04 13:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\disk.sys -- (Disk) DRV - [2004-08-04 13:00:00 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc) DRV - [2004-08-04 13:00:00 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fips.sys -- (Fips) DRV - [2004-08-04 13:00:00 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp) DRV - [2004-08-04 13:00:00 | 000,034,560 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS) DRV - [2004-08-04 13:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver) DRV - [2004-08-04 13:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd) DRV - [2004-08-04 13:00:00 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\npfs.sys -- (Npfs) DRV - [2004-08-04 13:00:00 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\modem.sys -- (Modem) DRV - [2004-08-04 13:00:00 | 000,029,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw) DRV - [2004-08-04 13:00:00 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc) DRV - [2004-08-04 13:00:00 | 000,024,960 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass) DRV - [2004-08-04 13:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tdtcp.sys -- (TDTCP) DRV - [2004-08-04 13:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave) DRV - [2004-08-04 13:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp) DRV - [2004-08-04 13:00:00 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk) DRV - [2004-08-04 13:00:00 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\msfs.sys -- (Msfs) DRV - [2004-08-04 13:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\partmgr.sys -- (PartMgr) DRV - [2004-08-04 13:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cdaudio.sys -- (Cdaudio) DRV - [2004-08-04 13:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2004-08-04 13:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti) DRV - [2004-08-04 13:00:00 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum) DRV - [2004-08-04 13:00:00 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios) DRV - [2004-08-04 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac) DRV - [2004-08-04 13:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\cbidf2k.sys -- (cbidf2k) DRV - [2004-08-04 13:00:00 | 000,012,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio) DRV - [2004-08-04 13:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt) DRV - [2004-08-04 13:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tdpipe.sys -- (TDPIPE) DRV - [2004-08-04 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\acpiec.sys -- (ACPIEC) DRV - [2004-08-04 13:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\sfloppy.sys -- (Sfloppy) DRV - [2004-08-04 13:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM) DRV - [2004-08-04 13:00:00 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi) DRV - [2004-08-04 13:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd) DRV - [2004-08-04 13:00:00 | 000,006,912 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\parvdm.sys -- (ParVdm) DRV - [2004-08-04 13:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload) DRV - [2004-08-04 13:00:00 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum) DRV - [2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD) DRV - [2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mnmdd.sys -- (mnmdd) DRV - [2004-08-04 13:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\beep.sys -- (Beep) DRV - [2004-08-04 13:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\null.sys -- (Null) DRV - [2004-08-04 01:37:14 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\intelide.sys -- (IntelIde) DRV - [2004-08-04 01:35:34 | 000,058,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook) DRV - [2004-08-04 00:44:40 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD) DRV - [2004-08-04 00:36:16 | 000,053,504 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt) DRV - [2004-08-04 00:34:22 | 000,023,296 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass) DRV - [2004-08-04 00:34:16 | 000,120,064 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pcmcia.sys -- (Pcmcia) DRV - [2004-08-04 00:34:12 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pci.sys -- (PCI) DRV - [2004-08-04 00:07:40 | 000,014,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CmBatt.sys -- (CmBatt) DRV - [2004-08-04 00:00:54 | 000,087,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\irda.sys -- (irda) DRV - [2004-08-03 23:15:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio) DRV - [2004-08-03 23:10:30 | 000,085,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NABTSFEC.sys -- (NABTSFEC) DRV - [2004-08-03 23:10:22 | 000,019,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS -- (WSTCODEC) DRV - [2004-08-03 23:10:18 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CCDECODE.sys -- (CCDECODE) DRV - [2004-08-03 23:10:18 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SLIP.sys -- (SLIP) DRV - [2004-08-03 23:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StreamIP.sys -- (streamip) DRV - [2004-08-03 23:10:14 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NdisIP.sys -- (NdisIP) DRV - [2004-08-03 23:08:48 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp) DRV - [2004-08-03 23:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR) DRV - [2004-08-03 23:08:38 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci) DRV - [2004-08-03 23:07:58 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud) DRV - [2004-08-03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2004-08-03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\agp440.sys -- (agp440) DRV - [2004-08-03 23:07:40 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic) DRV - [2004-08-03 23:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint) DRV - [2004-08-03 23:01:16 | 000,196,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr) DRV - [2004-08-03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi) DRV - [2004-08-03 22:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan) DRV - [2004-08-03 22:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (S6U12BScanner) DRV - [2004-08-03 22:58:42 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV) DRV - [2004-08-03 22:58:42 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM) DRV - [2004-08-03 22:58:40 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSTEE.sys -- (MSTEE) DRV - [2004-08-03 22:58:40 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK) DRV - [2004-08-03 22:08:44 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser.sys -- (usbser) DRV - [2004-03-17 12:04:14 | 000,013,059 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk) DRV - [2003-01-10 22:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW) DRV - [2001-10-26 18:07:38 | 000,036,425 | ---- | M] (SMC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA) DRV - [2001-10-26 16:57:56 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid) DRV - [2001-10-26 16:56:44 | 000,003,456 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pciide.sys -- (PCIIde) DRV - [2001-10-26 16:47:28 | 000,036,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\isapnp.sys -- (isapnp) DRV - [2001-08-17 22:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub) DRV - [2001-08-17 22:58:00 | 000,009,344 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\compbatt.sys -- (Compbatt) DRV - [2001-08-17 22:51:32 | 000,019,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasirda.sys -- (Rasirda) WAN Miniport (IrDA) DRV - [2001-08-17 22:02:20 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb) DRV - [2001-08-17 22:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi) [color=#E56717]========== Standard Registry (All) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-06-17 08:49:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-09-04 06:59:49 | 000,000,000 | ---D | M] O1 HOSTS File: ([2010-03-16 12:15:36 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.) O3 - HKCU\..\Toolbar\ShellBrowser: (&Adres) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.EXE (Dell Inc.) O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc) O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) O4 - HKLM..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe (Logitech Inc.) O4 - HKLM..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe (Logitech Inc.) O4 - HKLM..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe (Logitech Inc.) O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.) O4 - HKLM..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE (Lexmark International Inc.) O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) O4 - HKCU..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech) O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.) O4 - HKCU..\Run: [Mobile Partner] C:\Program Files\PLAY\PLAY.exe () O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech) O4 - Startup: C:\Documents and Settings\Gosia\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {A1C54E16-0C95-4C77-8C4D-EB7C7C7E3960} http://89.171.100.201/activex/VideoControl.cab (VideoControl Class) O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://asp.photoprintit.de/microsite/1661/defaults/activex/ips/IPSUploader4.cab (IPSUploader4 Control) O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab (Java Plug-in 1.5.0_12) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\bw+0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw+0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw-0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw00 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw00s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw-0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw10 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw10s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw20 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw20s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw30 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw30s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw40 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw40s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw50 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw50s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw60 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw60s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw70 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw70s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw80 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw80s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw90 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bw90s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwa0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwa0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwb0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwb0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwc0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwc0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwd0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwd0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwe0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwe0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwf0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwf0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwg0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwg0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwh0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwh0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwi0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwi0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwj0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwj0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwk0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwk0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwl0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwl0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwm0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwm0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwn0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwn0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwo0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwo0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwp0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwp0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwq0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwq0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwr0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwr0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bws0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bws0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwt0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwt0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwu0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwu0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwv0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwv0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bww0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bww0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwx0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwx0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwy0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwy0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwz0 {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\bwz0s {943b1958-99dd-446a-8034-8fb5b2f1b377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\offline-8876480 {943B1958-99DD-446A-8034-8FB5B2F1B377} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. ) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation) O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation) O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation) O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Moduł wstępnego ładowania interfejsu Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Demon buforu kategorii składników - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Gosia\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Gosia\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-03-10 14:32:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color] [2010-03-17 08:07:15 | 000,556,032 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gosia\Pulpit\OTL.exe [2010-03-16 20:53:30 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010-03-16 20:53:18 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Gosia\Pulpit\HJTInstall.exe [2010-03-16 18:51:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC [2010-03-16 12:41:51 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010-03-13 23:04:29 | 000,000,000 | RHSD | C] -- C:\cmdcons [2010-03-13 23:00:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010-03-13 17:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gosia\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files [2010-03-13 15:37:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gosia\Pulpit\Nowy folder [2010-03-08 16:08:44 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe [2009-12-25 16:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Adobe [2009-02-18 08:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple [2009-02-03 19:54:20 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2008-03-17 17:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2008-03-17 17:16:37 | 022,685,480 | ---- | C] (Skype Technologies S.A.) -- C:\Program Files\SkypeSetup.exe [2008-03-16 18:22:42 | 024,740,752 | ---- | C] ( ) -- C:\Program Files\AdbeRdr810_pl_PL.exe [2008-03-10 14:36:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2008-03-10 14:36:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2003-03-13 23:10:58 | 000,099,840 | ---- | C] ( ) -- C:\WINDOWS\System32\ZipDll.dll [1999-09-22 14:49:22 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\Unzdll.dll [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Documents and Settings\Gosia\Pulpit\*.tmp files -> C:\Documents and Settings\Gosia\Pulpit\*.tmp -> ] [color=#E56717]========== Files - Modified Within 14 Days ==========[/color] [2010-03-17 08:13:32 | 000,802,304 | ---- | M] () -- C:\WINDOWS\System32\drivers\spqef.sys [2010-03-17 08:07:27 | 000,556,032 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gosia\Pulpit\OTL.exe [2010-03-17 08:03:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job [2010-03-17 08:02:25 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-03-17 08:02:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-03-17 03:40:07 | 006,815,744 | ---- | M] () -- C:\Documents and Settings\Gosia\NTUSER.DAT [2010-03-17 03:39:43 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Gosia\ntuser.ini [2010-03-17 03:39:12 | 003,766,178 | -H-- | M] () -- C:\Documents and Settings\Gosia\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-03-16 22:27:01 | 000,084,680 | ---- | M] () -- C:\Documents and Settings\Gosia\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-03-16 22:23:45 | 000,318,744 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-03-16 20:53:31 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Gosia\Pulpit\HijackThis.lnk [2010-03-16 20:53:25 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Gosia\Pulpit\HJTInstall.exe [2010-03-16 12:17:28 | 000,000,246 | ---- | M] () -- C:\WINDOWS\system.ini [2010-03-16 12:15:36 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010-03-14 18:00:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Gosia.job [2010-03-14 16:02:08 | 000,010,167 | ---- | M] () -- C:\Documents and Settings\Gosia\Pulpit\Tynki Manncheim.xlsx [2010-03-13 23:04:48 | 000,000,281 | RHS- | M] () -- C:\boot.ini [2010-03-13 15:54:19 | 000,913,594 | ---- | M] () -- C:\Documents and Settings\Gosia\Pulpit\P3120004.JPG [2010-03-13 15:41:47 | 000,058,703 | ---- | M] () -- C:\Documents and Settings\Gosia\Pulpit\P3120014.JPG [2010-03-13 15:41:25 | 000,099,568 | ---- | M] () -- C:\Documents and Settings\Gosia\Pulpit\P3120005.JPG [2010-03-12 11:34:26 | 000,012,466 | ---- | M] () -- C:\Documents and Settings\Gosia\Pulpit\Klaudiusz Gajda.docx [2010-03-10 08:44:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010-03-08 06:57:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-03-05 11:15:46 | 000,179,712 | ---- | M] () -- C:\Documents and Settings\Gosia\Moje dokumenty\Koszty- Kacza-krzywdy1.xls [2010-03-04 09:52:23 | 000,197,988 | ---- | M] () -- C:\Documents and Settings\Gosia\Pulpit\barak.JPG [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Documents and Settings\Gosia\Pulpit\*.tmp files -> C:\Documents and Settings\Gosia\Pulpit\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-03-16 20:53:30 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Gosia\Pulpit\HijackThis.lnk [2010-03-14 16:02:08 | 000,010,167 | ---- | C] () -- C:\Documents and Settings\Gosia\Pulpit\Tynki Manncheim.xlsx [2010-03-13 23:04:48 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2010-03-13 23:04:42 | 000,262,400 | ---- | C] () -- C:\cmldr [2010-03-13 23:00:55 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010-03-13 23:00:55 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010-03-13 15:54:16 | 000,913,594 | ---- | C] () -- C:\Documents and Settings\Gosia\Pulpit\P3120004.JPG [2010-03-13 15:41:04 | 000,058,703 | ---- | C] () -- C:\Documents and Settings\Gosia\Pulpit\P3120014.JPG [2010-03-13 15:40:44 | 000,099,568 | ---- | C] () -- C:\Documents and Settings\Gosia\Pulpit\P3120005.JPG [2010-03-12 11:21:35 | 000,012,466 | ---- | C] () -- C:\Documents and Settings\Gosia\Pulpit\Klaudiusz Gajda.docx [2010-03-04 09:50:38 | 000,197,988 | ---- | C] () -- C:\Documents and Settings\Gosia\Pulpit\barak.JPG [2010-02-17 16:12:11 | 000,802,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\spqef.sys [2010-01-07 22:03:02 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini [2009-04-29 14:18:26 | 000,010,238 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2009-04-29 14:12:45 | 000,000,260 | ---- | C] () -- C:\WINDOWS\_delis32.ini [2009-02-12 13:40:26 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\lxaxlcnp.dll [2009-01-02 15:12:36 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\12kUBusd.dll [2008-09-29 14:01:08 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\wintab32.dll [2008-04-19 22:00:25 | 022,311,160 | ---- | C] () -- C:\Program Files\antivir_workstation_winu_en_h.exe [2008-04-13 21:45:45 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\Gosia\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-03-17 18:41:19 | 000,000,733 | ---- | C] () -- C:\Program Files\HP Photosmart Essential.lnk [2008-03-17 18:40:04 | 000,000,984 | ---- | C] () -- C:\Program Files\HP Solution Center.lnk [2008-03-17 18:36:15 | 000,000,841 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log [2008-03-17 17:35:27 | 000,001,644 | ---- | C] () -- C:\Program Files\Logitech QuickCam.lnk [2008-03-17 17:34:20 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini [2008-03-17 17:20:34 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat [2008-03-16 18:25:30 | 000,001,729 | ---- | C] () -- C:\Program Files\Adobe Reader 8.lnk [2008-03-11 08:44:35 | 000,000,234 | ---- | C] () -- C:\WINDOWS\wininit.ini [2008-03-10 16:22:14 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\QSLLPSVCShare [2008-03-10 16:20:01 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll [2008-03-10 16:20:01 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll [2006-01-03 18:12:04 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2005-09-01 13:11:52 | 001,912,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVMVdrv.sys [2005-09-01 13:11:52 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys [2005-09-01 13:09:28 | 002,169,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys [2003-03-13 23:10:58 | 000,230,912 | ---- | C] () -- C:\WINDOWS\System32\ZipIt.dll [2001-07-07 03:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini [1999-01-27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll [1997-06-13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll < End of report >[/log] [log] Avira AntiVir Personal Report file date: 16 marca 2010 22:28 Scanning for 1859675 virus strains and unwanted programs. Licensee : Avira AntiVir Personal - FREE Antivirus Serial number : 0000149996-ADJIE-0000001 Platform : Windows XP Windows version : (Dodatek Service Pack 2) [5.1.2600] Boot mode : Normally booted Username : SYSTEM Computer name : GOSIA Version information: BUILD.DAT : 9.0.0.419 21701 Bytes 2010-01-22 18:29:00 AVSCAN.EXE : 9.0.3.10 466689 Bytes 2009-10-13 10:26:33 AVSCAN.DLL : 9.0.3.0 40705 Bytes 2009-02-27 09:58:24 LUKE.DLL : 9.0.3.2 209665 Bytes 2009-02-20 10:35:49 LUKERES.DLL : 9.0.2.0 12033 Bytes 2009-02-27 09:58:52 VBASE000.VDF : 7.10.0.0 19875328 Bytes 2009-11-06 06:35:52 VBASE001.VDF : 7.10.1.0 1372672 Bytes 2009-11-19 07:26:07 VBASE002.VDF : 7.10.3.1 3143680 Bytes 2010-01-20 13:14:50 VBASE003.VDF : 7.10.3.75 996864 Bytes 2010-01-26 12:44:52 VBASE004.VDF : 7.10.4.203 1579008 Bytes 2010-03-05 05:59:41 VBASE005.VDF : 7.10.4.204 2048 Bytes 2010-03-05 05:59:41 VBASE006.VDF : 7.10.4.205 2048 Bytes 2010-03-05 05:59:41 VBASE007.VDF : 7.10.4.206 2048 Bytes 2010-03-05 05:59:42 VBASE008.VDF : 7.10.4.207 2048 Bytes 2010-03-05 05:59:42 VBASE009.VDF : 7.10.4.208 2048 Bytes 2010-03-05 05:59:42 VBASE010.VDF : 7.10.4.209 2048 Bytes 2010-03-05 05:59:42 VBASE011.VDF : 7.10.4.210 2048 Bytes 2010-03-05 05:59:42 VBASE012.VDF : 7.10.4.211 2048 Bytes 2010-03-05 05:59:43 VBASE013.VDF : 7.10.4.242 153088 Bytes 2010-03-08 07:07:25 VBASE014.VDF : 7.10.5.17 99328 Bytes 2010-03-10 07:16:52 VBASE015.VDF : 7.10.5.44 107008 Bytes 2010-03-11 07:16:40 VBASE016.VDF : 7.10.5.69 92672 Bytes 2010-03-12 08:06:04 VBASE017.VDF : 7.10.5.70 2048 Bytes 2010-03-12 08:06:05 VBASE018.VDF : 7.10.5.71 2048 Bytes 2010-03-12 08:06:06 VBASE019.VDF : 7.10.5.72 2048 Bytes 2010-03-12 08:06:06 VBASE020.VDF : 7.10.5.73 2048 Bytes 2010-03-12 08:06:06 VBASE021.VDF : 7.10.5.74 2048 Bytes 2010-03-12 08:06:06 VBASE022.VDF : 7.10.5.75 2048 Bytes 2010-03-12 08:06:06 VBASE023.VDF : 7.10.5.76 2048 Bytes 2010-03-12 08:06:07 VBASE024.VDF : 7.10.5.77 2048 Bytes 2010-03-12 08:06:07 VBASE025.VDF : 7.10.5.78 2048 Bytes 2010-03-12 08:06:07 VBASE026.VDF : 7.10.5.79 2048 Bytes 2010-03-12 08:06:07 VBASE027.VDF : 7.10.5.80 2048 Bytes 2010-03-12 08:06:07 VBASE028.VDF : 7.10.5.81 2048 Bytes 2010-03-12 08:06:08 VBASE029.VDF : 7.10.5.82 2048 Bytes 2010-03-12 08:06:08 VBASE030.VDF : 7.10.5.83 2048 Bytes 2010-03-12 08:06:08 VBASE031.VDF : 7.10.5.89 133632 Bytes 2010-03-15 08:06:08 Engineversion : 8.2.1.180 AEVDF.DLL : 8.1.1.3 106868 Bytes 2010-01-25 12:41:44 AESCRIPT.DLL : 8.1.3.17 1032570 Bytes 2010-03-03 09:58:31 AESCN.DLL : 8.1.5.0 127347 Bytes 2010-03-03 09:58:25 AESBX.DLL : 8.1.2.0 254323 Bytes 2010-03-03 09:58:32 AERDL.DLL : 8.1.4.2 479602 Bytes 2010-02-15 11:20:19 AEPACK.DLL : 8.2.1.0 426356 Bytes 2010-03-03 09:58:22 AEOFFICE.DLL : 8.1.0.39 196987 Bytes 2010-02-20 11:20:50 AEHEUR.DLL : 8.1.1.7 2326902 Bytes 2010-02-20 11:20:48 AEHELP.DLL : 8.1.10.1 237942 Bytes 2010-03-03 09:58:17 AEGEN.DLL : 8.1.2.0 373107 Bytes 2010-03-03 09:58:15 AEEMU.DLL : 8.1.1.0 393587 Bytes 2009-11-08 06:38:26 AECORE.DLL : 8.1.12.2 188790 Bytes 2010-03-03 09:58:12 AEBB.DLL : 8.1.0.3 53618 Bytes 2009-11-08 06:38:20 AVWINLL.DLL : 9.0.0.3 18177 Bytes 2008-12-12 07:47:59 AVPREF.DLL : 9.0.3.0 44289 Bytes 2009-08-26 14:14:02 AVREP.DLL : 8.0.0.7 159784 Bytes 2010-02-18 11:21:36 AVREG.DLL : 9.0.0.0 36609 Bytes 2008-12-05 09:32:09 AVARKT.DLL : 9.0.0.3 292609 Bytes 2009-03-24 14:05:41 AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 2009-01-30 09:37:08 SQLITE3.DLL : 3.6.1.0 326401 Bytes 2009-01-28 14:03:49 SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2009-02-02 07:21:33 NETNT.DLL : 9.0.0.0 11521 Bytes 2008-12-05 09:32:10 RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 2009-05-15 14:39:58 RCTEXT.DLL : 9.0.73.0 86785 Bytes 2009-10-13 11:25:47 Configuration settings for the scan: Jobname.............................: Complete system scan Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp Logging.............................: low Primary action......................: interactive Secondary action....................: ignore Scan master boot sector.............: on Scan boot sector....................: on Boot sectors........................: C:, Process scan........................: on Scan registry.......................: on Search for rootkits.................: on Integrity checking of system files..: off Scan all files......................: All files Scan archives.......................: on Recursion depth.....................: 20 Smart extensions....................: on Macro heuristic.....................: on File heuristic......................: medium Start of the scan: 16 marca 2010 22:28 Starting search for hidden objects. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\spqef\type [INFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\spqef\start [INFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\spqef\errorcontrol [INFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\spqef\group [INFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\spqef\pb3ypo6y7 [INFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\spqef\mpsr3i0ug [INFO] The registry entry is invisible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\spqef\v7mp2wns [INFO] The registry entry is invisible. '44186' objects were checked, '7' hidden objects were found. The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'skypePM.exe' - '1' Module(s) have been scanned Scan process 'hpqste08.exe' - '1' Module(s) have been scanned Scan process 'wuauclt.exe' - '1' Module(s) have been scanned Scan process 'ONENOTEM.EXE' - '1' Module(s) have been scanned Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'LogitechDesktopMessenger.exe' - '1' Module(s) have been scanned Scan process 'Skype.exe' - '1' Module(s) have been scanned Scan process 'ISUSPM.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'LXSUPMON.EXE' - '1' Module(s) have been scanned Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned Scan process 'ElkCtrl.exe' - '1' Module(s) have been scanned Scan process 'CameraAssistant.exe' - '1' Module(s) have been scanned Scan process 'ApntEx.exe' - '1' Module(s) have been scanned Scan process 'hidfind.exe' - '1' Module(s) have been scanned Scan process 'GrooveMonitor.exe' - '1' Module(s) have been scanned Scan process 'PDVDDXSrv.exe' - '1' Module(s) have been scanned Scan process 'quickset.exe' - '1' Module(s) have been scanned Scan process 'WLTRAY.EXE' - '1' Module(s) have been scanned Scan process 'Apoint.exe' - '1' Module(s) have been scanned Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'wuauclt.exe' - '1' Module(s) have been scanned Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'NicConfigSvc.exe' - '1' Module(s) have been scanned Scan process 'jqs.exe' - '1' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'scardsvr.exe' - '1' Module(s) have been scanned Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned Scan process 'LEXPPS.EXE' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'LEXBCES.EXE' - '1' Module(s) have been scanned Scan process 'BCMWLTRY.EXE' - '1' Module(s) have been scanned Scan process 'WLTRYSVC.EXE' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 59 processes with 59 modules were scanned Starting master boot sector scan: Master boot sector HD0 [INFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [INFO] No virus was found! Starting to scan executable files (registry). The registry was scanned ( '62' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! [NOTE] This file is a Windows system file. [NOTE] This file cannot be opened for scanning. C:\WINDOWS\system32\drivers\spqef.sys [DETECTION] Is the TR/Rootkit.Gen Trojan [WARNING] The file could not be opened! Beginning disinfection: C:\WINDOWS\system32\drivers\spqef.sys [DETECTION] Is the TR/Rootkit.Gen Trojan [WARNING] An error has occurred and the file was not deleted. ErrorID: 26004 [WARNING] The source file could not be found. [NOTE] Attempting to perform action using the ARK library. [NOTE] The file was moved to '4c114119.qua'! End of the scan: 17 marca 2010 03:38 Used time: 56:46 Minute(s) The scan has been done completely. 6615 Scanned directories 254594 Files were scanned 1 Viruses and/or unwanted programs were found 0 Files were classified as suspicious 0 files were deleted 0 Viruses and unwanted programs were repaired 1 Files were moved to quarantine 0 Files were renamed 2 Files cannot be scanned 254591 Files not concerned 1749 Archives were scanned 2 Warnings 2 Notes 44186 Objects were scanned with rootkit scan 7 Hidden objects were found[/log] [log] GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-03-17 11:56:01 Windows 5.1.2600 Dodatek Service Pack 2 Running: gmer.exe; Driver: C:\DOCUME~1\Gosia\USTAWI~1\Temp\uxtdqpod.sys ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\spqef@Start 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\spqef@ErrorControl 0 Reg HKLM\SYSTEM\ControlSet002\Services\spqef@Start 0 Reg HKLM\SYSTEM\ControlSet002\Services\spqef@ErrorControl 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\spqef@Type 1 Reg HKLM\SYSTEM\ControlSet002\Services\spqef@Type 1 ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\internet explorer\iexplore.exe[2124] ole32.dll!OleLoadFromStream 7751A257 5 Bytes JMP 40712243 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[2480] ole32.dll!OleLoadFromStream 7751A257 5 Bytes JMP 40712243 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[3884] ole32.dll!OleLoadFromStream 7751A257 5 Bytes JMP 40712243 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[876] kernel32.dll!SetUnhandledExceptionFilter 7C8447ED 5 Bytes JMP 32605622 C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll (2007 Microsoft Office component/Microsoft Corporation) .text C:\Program Files\Microsoft Office\Office12\EXCEL.EXE[1668] kernel32.dll!SetUnhandledExceptionFilter 7C8447ED 5 Bytes JMP 32605622 C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll (2007 Microsoft Office component/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[2124] USER32.dll!DialogBoxParamW 7E37555F 5 Bytes JMP 4059F4B9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[2480] USER32.dll!DialogBoxParamW 7E37555F 5 Bytes JMP 4059F4B9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[3884] USER32.dll!DialogBoxParamW 7E37555F 5 Bytes JMP 4059F4B9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[2124] USER32.dll!DialogBoxIndirectParamW 7E382032 5 Bytes JMP 40712046 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[2480] USER32.dll!DialogBoxIndirectParamW 7E382032 5 Bytes JMP 40712046 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[3884] USER32.dll!DialogBoxIndirectParamW 7E382032 5 Bytes JMP 40712046 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[2124] USER32.dll!MessageBoxIndirectA 7E38A04A 5 Bytes JMP 40711FC7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[2480] USER32.dll!MessageBoxIndirectA 7E38A04A 5 Bytes JMP 40711FC7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[3884] USER32.dll!MessageBoxIndirectA 7E38A04A 5 Bytes JMP 40711FC7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[2124] USER32.dll!DialogBoxParamA 7E38B10C 5 Bytes JMP 4071200B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[2480] USER32.dll!DialogBoxParamA 7E38B10C 5 Bytes JMP 4071200B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[3884] USER32.dll!DialogBoxParamA 7E38B10C 5 Bytes JMP 4071200B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[2124] USER32.dll!MessageBoxExW 7E3A05D8 5 Bytes JMP 40711F53 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[2480] USER32.dll!MessageBoxExW 7E3A05D8 5 Bytes JMP 40711F53 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[3884] USER32.dll!MessageBoxExW 7E3A05D8 5 Bytes JMP 40711F53 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[2124] USER32.dll!MessageBoxExA 7E3A05FC 5 Bytes JMP 40711F8D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[2480] USER32.dll!MessageBoxExA 7E3A05FC 5 Bytes JMP 40711F8D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[3884] USER32.dll!MessageBoxExA 7E3A05FC 5 Bytes JMP 40711F8D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[2124] USER32.dll!DialogBoxIndirectParamA 7E3A6B50 5 Bytes JMP 40712081 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[2480] USER32.dll!DialogBoxIndirectParamA 7E3A6B50 5 Bytes JMP 40712081 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[3884] USER32.dll!DialogBoxIndirectParamA 7E3A6B50 5 Bytes JMP 40712081 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[2124] USER32.dll!MessageBoxIndirectW 7E3B62AB 5 Bytes JMP 405C17EA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[2480] USER32.dll!MessageBoxIndirectW 7E3B62AB 5 Bytes JMP 405C17EA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\internet explorer\iexplore.exe[3884] USER32.dll!MessageBoxIndirectW 7E3B62AB 5 Bytes JMP 405C17EA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 8230D2B8 ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[1184] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A92C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[1184] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A92C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[1184] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A92C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[1184] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A92DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Logitech\Video\CameraAssistant.exe[2352] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00B02C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Logitech\Video\CameraAssistant.exe[2352] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B02C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Logitech\Video\CameraAssistant.exe[2352] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B02C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Logitech\Video\CameraAssistant.exe[2352] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B02DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Apoint\Apntex.exe[2532] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00B92C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Apoint\Apntex.exe[2532] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B92C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Apoint\Apntex.exe[2532] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B92C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Apoint\Apntex.exe[2532] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B92DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2828] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00BC2C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2828] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00BC2C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2828] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00BC2C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2828] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00BC2DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Avira\AntiVir Desktop\avcenter.exe[3736] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00C82C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Avira\AntiVir Desktop\avcenter.exe[3736] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00C82C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Avira\AntiVir Desktop\avcenter.exe[3736] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00C82C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Avira\AntiVir Desktop\avcenter.exe[3736] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00C82DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Dell\QuickSet\quickset.exe[2264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00DF2C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Dell\QuickSet\quickset.exe[2264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00DF2C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Dell\QuickSet\quickset.exe[2264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00DF2C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Dell\QuickSet\quickset.exe[2264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00DF2DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\notepad.exe[284] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Documents and Settings\Gosia\Pulpit\OTL.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\wuauclt.exe[712] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[784] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[876] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\Explorer.EXE[1604] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office12\EXCEL.EXE[1668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\notepad.exe[1696] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\internet explorer\iexplore.exe[2124] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\WLTRAY.exe[2172] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2324] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\ElkCtrl.exe[2468] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\internet explorer\iexplore.exe[2480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Java\jre6\bin\jusched.exe[2556] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Apoint\HidFind.exe[2576] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\LXSUPMON.EXE[2688] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\LVCOMSX.EXE[2776] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE[2780] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2892] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Skype\Phone\Skype.exe[2988] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3080] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3204] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\ctfmon.exe[3416] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\notepad.exe[3444] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[3668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\internet explorer\iexplore.exe[3884] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\WinRAR\WinRAR.exe[5248] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\WinRAR\WinRAR.exe[5268] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\DOCUME~1\Gosia\USTAWI~1\Temp\Rar$EX00.012\gmer.exe[5528] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\notepad.exe[284] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Documents and Settings\Gosia\Pulpit\OTL.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\wuauclt.exe[712] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[784] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[876] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\Explorer.EXE[1604] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office12\EXCEL.EXE[1668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\notepad.exe[1696] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\internet explorer\iexplore.exe[2124] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\WLTRAY.exe[2172] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2324] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\ElkCtrl.exe[2468] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\internet explorer\iexplore.exe[2480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Java\jre6\bin\jusched.exe[2556] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Apoint\HidFind.exe[2576] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\LXSUPMON.EXE[2688] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\LVCOMSX.EXE[2776] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE[2780] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2892] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Skype\Phone\Skype.exe[2988] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3080] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3204] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\ctfmon.exe[3416] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\notepad.exe[3444] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[3668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\internet explorer\iexplore.exe[3884] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\WinRAR\WinRAR.exe[5248] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\WinRAR\WinRAR.exe[5268] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\DOCUME~1\Gosia\USTAWI~1\Temp\Rar$EX00.012\gmer.exe[5528] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\notepad.exe[284] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Documents and Settings\Gosia\Pulpit\OTL.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\wuauclt.exe[712] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[784] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[876] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\Explorer.EXE[1604] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office12\EXCEL.EXE[1668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\notepad.exe[1696] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\internet explorer\iexplore.exe[2124] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\WLTRAY.exe[2172] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2324] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\ElkCtrl.exe[2468] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\internet explorer\iexplore.exe[2480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Java\jre6\bin\jusched.exe[2556] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Apoint\HidFind.exe[2576] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\LXSUPMON.EXE[2688] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\LVCOMSX.EXE[2776] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE[2780] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2892] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Skype\Phone\Skype.exe[2988] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3080] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3204] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\ctfmon.exe[3416] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\notepad.exe[3444] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[3668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\internet explorer\iexplore.exe[3884] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\WinRAR\WinRAR.exe[5248] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\WinRAR\WinRAR.exe[5268] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\DOCUME~1\Gosia\USTAWI~1\Temp\Rar$EX00.012\gmer.exe[5528] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\notepad.exe[284] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Documents and Settings\Gosia\Pulpit\OTL.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\wuauclt.exe[712] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[784] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[876] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\Explorer.EXE[1604] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office12\EXCEL.EXE[1668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\notepad.exe[1696] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\internet explorer\iexplore.exe[2124] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\WLTRAY.exe[2172] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2324] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\ElkCtrl.exe[2468] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\internet explorer\iexplore.exe[2480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Java\jre6\bin\jusched.exe[2556] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Apoint\HidFind.exe[2576] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\LXSUPMON.EXE[2688] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\LVCOMSX.EXE[2776] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE[2780] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2892] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Skype\Phone\Skype.exe[2988] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3080] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3204] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\ctfmon.exe[3416] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\notepad.exe[3444] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[3668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\internet explorer\iexplore.exe[3884] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\WinRAR\WinRAR.exe[5248] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\WinRAR\WinRAR.exe[5268] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\DOCUME~1\Gosia\USTAWI~1\Temp\Rar$EX00.012\gmer.exe[5528] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) ---- Services - GMER 1.0.15 ---- Service (*** hidden *** ) [BOOT] spqef <-- ROOTKIT !!! ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\spqef@Group Boot Bus Extender Reg HKLM\SYSTEM\ControlSet002\Services\spqef@Group Boot Bus Extender Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Roxio) ---- Kernel code sections - GMER 1.0.15 ---- C:\Program Files\CyberLink\PowerDVD DX\000.fcl entry point in "" section [0xF26AE000] .pak2 C:\WINDOWS\system32\drivers\spqef.sys entry point in ".pak2" section [0xF846F13D] PAGE Ntfs.sys F8272C55 4 Bytes CALL 823A4AD9 .clc C:\Program Files\CyberLink\PowerDVD DX\000.fcl unknown last section [0xF26AF000, 0x1000, 0x00000000] .sfreloc˙˙˙˙sfsync03unknown last section [0xF8561000, 0xA20, 0x40000040] C:\WINDOWS\system32\drivers\sfsync03.sys unknown last section [0xF8561000, 0xA20, 0x40000040] ? C:\WINDOWS\system32\drivers\spqef.sys Urządzenie podłączone do komputera nie działa. ---- System - GMER 1.0.15 ---- SSDT F8BF9866 ZwCreateKey SSDT F8BF985C ZwCreateThread SSDT F8BF986B ZwDeleteKey SSDT F8BF9875 ZwDeleteValueKey SSDT F8BF987A ZwLoadKey SSDT F8BF9848 ZwOpenProcess SSDT F8BF984D ZwOpenThread SSDT F8BF9884 ZwReplaceKey SSDT F8BF987F ZwRestoreKey SSDT F8BF9870 ZwSetValueKey SSDT F8BF9857 ZwTerminateProcess ---- EOF - GMER 1.0.15 ---- [/log]
Psycholandia komentarz 17 marca 2010 komentarz 17 marca 2010 Przeskanuj: [b]C:\WINDOWS\System32\drivers\spqef.sys[/b] na: http://www.virustotal.com/pl/ i daj wynik. Wykonaj: http://www.forumpc.pl/index.php?showtopic=99152
lillac komentarz 17 marca 2010 Autor komentarz 17 marca 2010 Z virustotal: 0 bytes size received / Se ha recibido un archivo vacio probowalam przeslac mailem do virustotal ale tez nie dalo rady: ,,Przesłanie załącznika nie powiodło się. Przyczyną może być serwer proxy lub zapora sieciowa" Z MBR: Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully kernel: MBR read successfully user & kernel MBR OK Daj prosze znac co to znaczy?nie ma tego rootkita?
Psycholandia komentarz 17 marca 2010 komentarz 17 marca 2010 Spróbuj przesłać ten plik za pomocą przeglądarki IE. Pobierz: http://www.freedrweb.pl/ i wykonaj [b]pełne skanowanie[/b]. Daj wyniki.
lillac komentarz 17 marca 2010 Autor komentarz 17 marca 2010 [quote name='Andziorka' date='17 marzec 2010 - 14:24' timestamp='1268832263' post='995811'] Spróbuj przesłać ten plik za pomocą przeglądarki IE. Pobierz: http://www.freedrweb.pl/ i wykonaj [b]pełne skanowanie[/b]. Daj wyniki. [/quote] log z drweba ma ponad 11Mb wiec zalaczam link do niego http://www.zshare.net/download/738336222917aa89/ z gory wielkie dzieki za pomoc
Psycholandia komentarz 17 marca 2010 komentarz 17 marca 2010 Usunięte wszystkie wirusy? Jak zachowuje się komputer?
lillac komentarz 18 marca 2010 Autor komentarz 18 marca 2010 [quote name='Andziorka' date='17 marzec 2010 - 21:43' timestamp='1268858580' post='996168'] Usunięte wszystkie wirusy? Jak zachowuje się komputer? [/quote]niestety jest niezniszczalny,zalaczam log z aviry [log] Avira AntiVir Personal Report file date: 18 marca 2010 18:51 Scanning for 1866010 virus strains and unwanted programs. Licensee : Avira AntiVir Personal - FREE Antivirus Serial number : 0000149996-ADJIE-0000001 Platform : Windows XP Windows version : (Dodatek Service Pack 2) [5.1.2600] Boot mode : Normally booted Username : Gosia Computer name : GOSIA Version information: BUILD.DAT : 9.0.0.419 21701 Bytes 2010-01-22 18:29:00 AVSCAN.EXE : 9.0.3.10 466689 Bytes 2009-10-13 10:26:33 AVSCAN.DLL : 9.0.3.0 40705 Bytes 2009-02-27 09:58:24 LUKE.DLL : 9.0.3.2 209665 Bytes 2009-02-20 10:35:49 LUKERES.DLL : 9.0.2.0 12033 Bytes 2009-02-27 09:58:52 VBASE000.VDF : 7.10.0.0 19875328 Bytes 2009-11-06 06:35:52 VBASE001.VDF : 7.10.1.0 1372672 Bytes 2009-11-19 07:26:07 VBASE002.VDF : 7.10.3.1 3143680 Bytes 2010-01-20 13:14:50 VBASE003.VDF : 7.10.3.75 996864 Bytes 2010-01-26 12:44:52 VBASE004.VDF : 7.10.4.203 1579008 Bytes 2010-03-05 05:59:41 VBASE005.VDF : 7.10.4.204 2048 Bytes 2010-03-05 05:59:41 VBASE006.VDF : 7.10.4.205 2048 Bytes 2010-03-05 05:59:41 VBASE007.VDF : 7.10.4.206 2048 Bytes 2010-03-05 05:59:42 VBASE008.VDF : 7.10.4.207 2048 Bytes 2010-03-05 05:59:42 VBASE009.VDF : 7.10.4.208 2048 Bytes 2010-03-05 05:59:42 VBASE010.VDF : 7.10.4.209 2048 Bytes 2010-03-05 05:59:42 VBASE011.VDF : 7.10.4.210 2048 Bytes 2010-03-05 05:59:42 VBASE012.VDF : 7.10.4.211 2048 Bytes 2010-03-05 05:59:43 VBASE013.VDF : 7.10.4.242 153088 Bytes 2010-03-08 07:07:25 VBASE014.VDF : 7.10.5.17 99328 Bytes 2010-03-10 07:16:52 VBASE015.VDF : 7.10.5.44 107008 Bytes 2010-03-11 07:16:40 VBASE016.VDF : 7.10.5.69 92672 Bytes 2010-03-12 08:06:04 VBASE017.VDF : 7.10.5.91 119808 Bytes 2010-03-15 08:05:28 VBASE018.VDF : 7.10.5.92 2048 Bytes 2010-03-15 08:05:28 VBASE019.VDF : 7.10.5.93 2048 Bytes 2010-03-15 08:05:28 VBASE020.VDF : 7.10.5.94 2048 Bytes 2010-03-15 08:05:29 VBASE021.VDF : 7.10.5.95 2048 Bytes 2010-03-15 08:05:29 VBASE022.VDF : 7.10.5.96 2048 Bytes 2010-03-15 08:05:29 VBASE023.VDF : 7.10.5.97 2048 Bytes 2010-03-15 08:05:29 VBASE024.VDF : 7.10.5.98 2048 Bytes 2010-03-15 08:05:29 VBASE025.VDF : 7.10.5.99 2048 Bytes 2010-03-15 08:05:29 VBASE026.VDF : 7.10.5.100 2048 Bytes 2010-03-15 08:05:29 VBASE027.VDF : 7.10.5.101 2048 Bytes 2010-03-15 08:05:29 VBASE028.VDF : 7.10.5.102 2048 Bytes 2010-03-15 08:05:29 VBASE029.VDF : 7.10.5.103 2048 Bytes 2010-03-15 08:05:29 VBASE030.VDF : 7.10.5.104 2048 Bytes 2010-03-15 08:05:29 VBASE031.VDF : 7.10.5.116 109056 Bytes 2010-03-17 09:00:09 Engineversion : 8.2.1.194 AEVDF.DLL : 8.1.1.3 106868 Bytes 2010-01-25 12:41:44 AESCRIPT.DLL : 8.1.3.18 1024378 Bytes 2010-03-18 09:03:02 AESCN.DLL : 8.1.5.0 127347 Bytes 2010-03-03 09:58:25 AESBX.DLL : 8.1.2.1 254323 Bytes 2010-03-18 09:03:03 AERDL.DLL : 8.1.4.3 541043 Bytes 2010-03-18 09:01:28 AEPACK.DLL : 8.2.1.0 426356 Bytes 2010-03-03 09:58:22 AEOFFICE.DLL : 8.1.0.41 201083 Bytes 2010-03-18 09:01:25 AEHEUR.DLL : 8.1.1.13 2470262 Bytes 2010-03-18 09:01:19 AEHELP.DLL : 8.1.10.2 237941 Bytes 2010-03-18 09:01:01 AEGEN.DLL : 8.1.2.2 373107 Bytes 2010-03-18 09:00:59 AEEMU.DLL : 8.1.1.0 393587 Bytes 2009-11-08 06:38:26 AECORE.DLL : 8.1.12.3 188789 Bytes 2010-03-18 09:00:55 AEBB.DLL : 8.1.0.3 53618 Bytes 2009-11-08 06:38:20 AVWINLL.DLL : 9.0.0.3 18177 Bytes 2008-12-12 07:47:59 AVPREF.DLL : 9.0.3.0 44289 Bytes 2009-08-26 14:14:02 AVREP.DLL : 8.0.0.7 159784 Bytes 2010-02-18 11:21:36 AVREG.DLL : 9.0.0.0 36609 Bytes 2008-12-05 09:32:09 AVARKT.DLL : 9.0.0.3 292609 Bytes 2009-03-24 14:05:41 AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 2009-01-30 09:37:08 SQLITE3.DLL : 3.6.1.0 326401 Bytes 2009-01-28 14:03:49 SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2009-02-02 07:21:33 NETNT.DLL : 9.0.0.0 11521 Bytes 2008-12-05 09:32:10 RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 2009-05-15 14:39:58 RCTEXT.DLL : 9.0.73.0 86785 Bytes 2009-10-13 11:25:47 Configuration settings for the scan: Jobname.............................: ShlExt Configuration file..................: C:\DOCUME~1\Gosia\USTAWI~1\Temp\e688470c.avp Logging.............................: low Primary action......................: interactive Secondary action....................: ignore Scan master boot sector.............: on Scan boot sector....................: on Boot sectors........................: C:, Process scan........................: off Scan registry.......................: off Search for rootkits.................: off Integrity checking of system files..: off Scan all files......................: Intelligent file selection Scan archives.......................: on Recursion depth.....................: 20 Smart extensions....................: on Macro heuristic.....................: on File heuristic......................: medium Start of the scan: 18 marca 2010 18:51 Starting the file scan: Begin scan in 'C:\WINDOWS\system32\drivers\spqef.sys' C:\WINDOWS\system32\drivers\spqef.sys [DETECTION] Is the TR/Rootkit.Gen Trojan [WARNING] The file could not be opened! Beginning disinfection: C:\WINDOWS\system32\drivers\spqef.sys [DETECTION] Is the TR/Rootkit.Gen Trojan [WARNING] An error has occurred and the file was not deleted. ErrorID: 26004 [WARNING] The source file could not be found. [NOTE] Attempting to perform action using the ARK library. [NOTE] The file was moved to '4c1368a6.qua'! End of the scan: 18 marca 2010 18:51 Used time: 00:04 Minute(s) The scan has been done completely. 0 Scanned directories 2 Files were scanned 1 Viruses and/or unwanted programs were found 0 Files were classified as suspicious 0 files were deleted 0 Viruses and unwanted programs were repaired 1 Files were moved to quarantine 0 Files were renamed 1 Files cannot be scanned 0 Files not concerned 0 Archives were scanned 1 Warnings 1 Notes [/log]
lillac komentarz 18 marca 2010 Autor komentarz 18 marca 2010 [quote name='Andziorka' date='18 marzec 2010 - 21:07' timestamp='1268942823' post='996678'] Czyli problem nadal występuje? [/quote] Niestety tak i prosze o pomoc jesli ktos wie jak sie go pozbyc.
MarekM25 komentarz 18 marca 2010 komentarz 18 marca 2010 Spróbuj zeskanować komputer combofixem w trybie awaryjnym.
lillac komentarz 19 marca 2010 Autor komentarz 19 marca 2010 [quote name='MarekM25' date='18 marzec 2010 - 22:04' timestamp='1268946297' post='996747'] Spróbuj zeskanować komputer combofixem w trybie awaryjnym. [/quote] podaje log po skanowaniu [log] ComboFix 10-03-18.02 - Gosia 2010-03-19 12:21:08.5.1 - x86 MINIMAL Microsoft Windows XP Professional 5.1.2600.2.1250.48.1045.18.511.366 [GMT 1:00] Uruchomiony z: C:\Documents and Settings\Gosia\Pulpit\ComboFix.exe AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} . ((((((((((((((((((((((((( Pliki utworzone od 2010-02-19 do 2010-03-19 ))))))))))))))))))))))))))))))) . 2010-03-17 14:41:34 . 2010-03-17 20:14:29 -------- d-----w- C:\Documents and Settings\Gosia\DoctorWeb 2010-03-16 19:53:30 . 2010-03-16 19:53:30 -------- d-----w- C:\Program Files\Trend Micro 2010-03-13 16:12:45 . 2010-03-13 16:12:45 -------- d-----w- C:\Documents and Settings\Gosia\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files 2010-03-08 15:08:44 . 2010-02-12 10:03:03 293376 ------w- C:\WINDOWS\system32\browserchoice.exe 2010-02-17 15:12:11 . 2010-03-19 11:28:40 802304 ----a-w- C:\WINDOWS\system32\drivers\spqef.sys . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-19 10:32:48 . 2008-03-17 16:18:10 -------- d-----w- C:\Documents and Settings\Gosia\Dane aplikacji\Skype 2010-03-19 07:33:26 . 2008-03-17 16:20:34 -------- d-----w- C:\Documents and Settings\Gosia\Dane aplikacji\skypePM 2010-03-16 21:27:01 . 2008-03-11 07:54:18 84680 ----a-w- C:\Documents and Settings\Gosia\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2010-03-11 12:24:03 . 2009-11-24 09:35:15 79488 ----a-w- C:\Documents and Settings\Gosia\Dane aplikacji\Sun\Java\jre1.6.0_17\gtapi.dll 2010-03-11 07:30:39 . 2008-03-11 11:48:26 -------- d-----w- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help 2010-02-17 15:11:45 . 2010-02-17 15:11:05 20 ----a-w- C:\WINDOWS\system32\config\systemprofile\Dane aplikacji\cqfyto.dat 2010-02-16 15:14:33 . 2010-02-15 14:47:17 -------- d-----w- C:\Program Files\Kantaris 2010-02-15 14:48:00 . 2008-04-12 11:55:33 -------- d-----w- C:\Documents and Settings\Gosia\Dane aplikacji\kantaris 2010-01-27 02:06:23 . 2008-03-11 11:53:25 -------- d-----w- C:\Program Files\Microsoft Works 2010-01-19 14:55:28 . 2008-03-18 07:37:17 -------- d-----w- C:\Documents and Settings\Gosia\Dane aplikacji\Image Zone Express 2010-01-05 09:57:31 . 2004-08-04 12:00:00 832512 ------w- C:\WINDOWS\system32\wininet.dll 2010-01-05 09:57:28 . 2004-08-04 12:00:00 78336 ----a-w- C:\WINDOWS\system32\ieencode.dll 2010-01-05 09:57:27 . 2004-08-04 12:00:00 17408 ------w- C:\WINDOWS\system32\corpol.dll 2009-12-31 16:14:12 . 2004-08-04 12:00:00 352640 ----a-w- C:\WINDOWS\system32\drivers\srv.sys 2009-12-30 22:06:33 . 2009-12-30 22:06:33 335 ----a-w- C:\WINDOWS\nsreg.dat 2009-12-30 22:06:33 . 2009-12-30 22:06:29 685384 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\sysinfo\SinfInst.exe 2009-12-30 22:06:29 . 2009-12-30 22:06:28 49152 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\tpspd\DaclDll.dll 2009-12-30 22:06:28 . 2009-12-30 22:06:25 584168 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\tpspd\wbsetup.exe 2009-12-30 22:06:24 . 2009-12-30 22:06:21 343472 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\afix\afixinst.exe 2009-12-30 22:05:57 . 2009-12-30 22:05:55 223152 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\afix\wsfinst.exe 2009-12-30 22:05:54 . 2009-12-30 22:05:54 6144 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\tb\tbinst.dll 2009-12-30 22:05:53 . 2009-12-30 22:05:37 3858056 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\vwpt\Vwpt.exe 2009-12-30 22:05:36 . 2009-12-30 22:05:36 6144 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\afix\ocfcheck.dll 2009-12-30 22:05:34 . 2009-12-30 22:05:32 390704 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\afix\WinsockFix.exe 2009-12-30 22:04:32 . 2009-12-30 22:04:21 1357512 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\ocp\ocpinst.exe 2009-12-30 22:04:20 . 2009-12-30 22:04:13 848944 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\waol-uk-0.4327.48.1.exe 2009-12-30 22:04:11 . 2009-12-30 22:04:11 61440 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\vwpt\VPPrePop.exe 2009-12-30 22:04:10 . 2009-12-30 22:04:09 142040 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\aolload\alsetup.exe 2009-12-30 22:04:08 . 2009-12-30 22:04:07 96976 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\sm\sminstlp.exe 2009-12-30 22:04:06 . 2009-12-30 22:04:06 63024 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\ocp\instSup.dll 2009-12-30 22:04:05 . 2009-12-30 22:04:03 357768 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\tb\tbsetup.exe 2009-12-30 22:04:02 . 2009-12-30 22:04:02 10800 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\afix\wsfixchk.dll 2009-12-30 22:04:02 . 2009-12-30 22:03:53 1134216 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\flash\flash9ex.exe 2009-12-30 22:03:52 . 2009-12-30 22:03:51 45056 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\sysinfo\SiNdInst.dll 2009-12-30 22:03:50 . 2009-12-30 22:03:48 122336 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\afix\afixlang_uk.exe 2009-12-30 22:03:47 . 2009-12-30 22:03:46 54832 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\ocp\ocpgc.exe 2009-12-30 22:01:19 . 2009-12-30 22:01:18 120016 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\afix\afixlang.exe 2009-12-30 22:01:18 . 2009-12-30 22:01:17 174848 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\sm\stmninst.exe 2009-12-30 22:01:16 . 2009-12-30 22:01:13 574667 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\muinst\muinst.exe 2009-12-30 22:01:12 . 2009-12-30 22:01:12 49152 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\vwpt\AOLVPChk.dll 2009-12-30 22:01:11 . 2009-12-30 22:01:11 57344 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\tpspd\tsverchk.dll 2009-12-30 22:01:10 . 2009-12-30 22:01:10 15920 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\ocp\ocpchk.dll 2009-12-30 22:01:08 . 2009-12-30 21:59:31 15099672 ----a-w- C:\Documents and Settings\All Users\Dane aplikacji\AOL Downloads\waol_uk\0.0.1.2\comps\acs\acssetup.exe 2009-12-20 11:22:02 . 2009-12-17 07:17:51 56816 ----a-w- C:\WINDOWS\system32\drivers\avgntflt.sys 2008-04-19 21:02:48 . 2008-04-19 21:00:25 22311160 ----a-w- C:\Program Files\antivir_workstation_winu_en_h.exe 2008-03-17 17:41:19 . 2008-03-17 17:41:19 733 ----a-w- C:\Program Files\HP Photosmart Essential.lnk 2008-03-17 17:40:04 . 2008-03-17 17:40:04 984 ----a-w- C:\Program Files\HP Solution Center.lnk 2008-03-17 16:35:27 . 2008-03-17 16:35:27 1644 ----a-w- C:\Program Files\Logitech QuickCam.lnk 2008-03-17 16:16:37 . 2008-03-17 16:16:37 22685480 ----a-w- C:\Program Files\SkypeSetup.exe 2008-03-16 17:25:30 . 2008-03-16 17:25:30 1729 ----a-w- C:\Program Files\Adobe Reader 8.lnk 2008-03-16 17:24:26 . 2008-03-16 17:22:42 24740752 ----a-w- C:\Program Files\AdbeRdr810_pl_PL.exe . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 03:40:32 218032] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-02-06 17:37:52 21898024] "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-03-17 16:32:39 32768] "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-01-18 16:07:54 196608] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-16 10:04:53 68856] "Mobile Partner"="C:\Program Files\PLAY\PLAY.exe" [2008-08-28 13:04:27 110592] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 16:50:38 3885408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-11-10 20:05:00 344064] "Apoint"="C:\Program Files\Apoint\Apoint.exe" [2005-10-07 13:13:38 176128] "Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [2005-12-19 08:08:42 1347584] "Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2006-06-29 11:13:32 1032192] "PDVDDXSrv"="C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2007-08-31 20:02:36 128296] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 10:44:34 31072] "LogitechCameraAssistant"="C:\Program Files\Logitech\Video\CameraAssistant.exe" [2005-09-07 05:33:20 434176] "LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [2005-09-07 05:39:44 73728] "LogitechCameraService(E)"="C:\WINDOWS\system32\ElkCtrl.exe" [2004-11-01 17:22:22 262144] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 14:24:20 54840] "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-06-17 07:49:03 148888] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2009-01-05 15:18:48 413696] "LXSUPMON"="C:\WINDOWS\system32\LXSUPMON.EXE" [2002-01-28 12:48:50 885760] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 20:16:00 39792] "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-09-01 12:04:44 221184] "avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 11:08:47 209153] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 12:00:00 15360] C:\Documents and Settings\Gosia\Menu Start\Programy\Autostart\ Tworzenie wycink˘w ekranu i uruchamianie programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472] Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-3-17 450560] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\CyberLink\\PowerDVD DX\\PowerDVD.exe"= "C:\\Program Files\\CyberLink\\PowerDVD DX\\PDVDDXSrv.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\EXCEL.EXE"= "C:\\Program Files\\iTunes\\iTunes.exe"= "C:\\Program Files\\Gadu-Gadu\\gg.exe"= "C:\\WINDOWS\\system32\\LEXPPS.EXE"= "C:\\WINDOWS\\system32\\dpvsetup.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-12-06 16:11:18 35328] S2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};{1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};C:\Program Files\CyberLink\PowerDVD DX\000.fcl [2008-03-11 08:49:18 39408] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-12-17 08:17:46 108289] S3 OZSCR;O2Micro SmartCardBus Smartcard Reader;C:\WINDOWS\system32\drivers\ozscr.sys [2008-03-10 16:18:55 92550] S3 S6U12BScanner;MUSTEK 1200 UB Still Image Device Service;C:\WINDOWS\system32\drivers\usbscan.sys [2008-03-17 18:43:22 15104] --- Inne Usługi/Sterowniki w Pamięci --- *Deregistered* - spqef . Zawartość folderu 'Zaplanowane zadania' 2010-03-17 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34:12 . 2008-07-30 11:34:12] 2010-03-17 C:\WINDOWS\Tasks\Norton Security Scan for Gosia.job - C:\Program Files\Norton Security Scan\Nss.exe [2008-09-19 03:18:08 . 2008-09-19 03:18:08] 2010-03-19 C:\WINDOWS\Tasks\WGASetup.job - C:\WINDOWS\system32\KB905474\wgasetup.exe [2009-05-07 01:02:10 . 2009-03-10 20:18:14] . . ------- Skan uzupełniający ------- . uStart Page = hxxp://www.google.pl/ IE: E&ksportuj do programu Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll DPF: {A1C54E16-0C95-4C77-8C4D-EB7C7C7E3960} - hxxp://89.171.100.201/activex/VideoControl.cab . - - - - USUNIĘTO PUSTE WPISY - - - - AddRemove-BankBrowser - C:\Documents and Settings\Gosia\Ustawienia lokalne\Temporary Internet Files\Content.IE5\KECTBPGD\bankbrowser_3_5[1].exe [/log]
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.