sebus1989 utworzono 6 kwietnia 2010 utworzono 6 kwietnia 2010 (edytowane) witam, otoz mam problem z wyskakującym błędem svchost.exe . 2 mój problem jest taki iż nie mogę opróżnić kosza, mogę opróżnić go tylko w systemie awaryjnym w trybie poleceń rd s recycled. i 3 problem taki, iż gdyż ponieważ po zainstalowaniu jakiegoś programu i po zresetowaniu kompa nie mogę go już odpalić, tak jakby go już nie było. wstawiam loga z OTL [log] OTL Extras logfile created on: 2010-04-06 21:19:37 - Run 1 OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 511,00 Mb Total Physical Memory | 205,00 Mb Available Physical Memory | 40,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 39,06 Gb Total Space | 2,19 Gb Free Space | 5,60% Space Free | Partition Type: NTFS Drive D: | 109,98 Gb Total Space | 3,65 Gb Free Space | 3,32% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JUREK Current User Name: sebek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (All) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation) .cpl [@ = cplfile] -- C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation) .hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\WINDOWS\System32\shdocvw.dll (Microsoft Corporation) .js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation) .txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox1\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation) hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation) wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation) wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Przeglądaj w XnView] -- "C:\DOCUME~1\sebek\USTAWI~1\Temp\Rar$EX00.921\XnView\xnview.exe" "%1" File not found Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "6444:TCP" = 6444:TCP:*:Enabled:ppqumju "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "D:\Gadu-Gadu1\gg.exe" = D:\Gadu-Gadu1\gg.exe:*:Enabled:Gadu-Gadu - program główny -- (Gadu-Gadu S.A.) "C:\Program Files\GameSpy Arcade\Aphex.exe" = C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade -- (IGN Entertainment, Inc.) "D:\mohaa1.0\MOHAA.exe" = D:\mohaa1.0\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault -- (Electronic Arts Inc.) "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\F1 2009TG Season\F1 Challenge 99-02.exe" = C:\Program Files\F1 2009TG Season\F1 Challenge 99-02.exe:*:Enabled:F1 Challenge 99-09 -- File not found "C:\Program Files\Hard Truck 2\htruck2.exe" = C:\Program Files\Hard Truck 2\htruck2.exe:*:Enabled:htruck2 -- File not found "C:\Program Files\Xfire\Xfire.exe" = C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.) "D:\mohaa 1.11\MOHAA.exe" = D:\mohaa 1.11\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm) -- (Electronic Arts Inc.) "C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com) "C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com) "C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- () "C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- () "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation) "D:\Counter-Strike Source\hl2.exe" = D:\Counter-Strike Source\hl2.exe:*:Disabled:hl2 -- () "C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie\utorrent(3).exe" = C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie\utorrent(3).exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies) "C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie\utorrent(4).exe" = C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie\utorrent(4).exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie\utorrent(5).exe" = C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie\utorrent(5).exe:*:Enabled:µTorrent -- () "C:\Program Files\Codemasters\Project IGI2\pc\igi2.exe" = C:\Program Files\Codemasters\Project IGI2\pc\igi2.exe:*:Enabled:IGI2:Covert Strike -- (Innerloop Studios A/S) "C:\Program Files\Illusion Softworks\Hidden & Dangerous 2\hd2.exe" = C:\Program Files\Illusion Softworks\Hidden & Dangerous 2\hd2.exe:*:Enabled:hd2 -- () "D:\mohaa 1.11\MOHAA_server.exe" = D:\mohaa 1.11\MOHAA_server.exe:*:Enabled:Medal of Honor Allied Assault(tm) -- (Electronic Arts Inc.) "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.) "C:\Program Files\GameSpy Arcade1\Aphex.exe" = C:\Program Files\GameSpy Arcade1\Aphex.exe:*:Enabled:GameSpy Arcade -- File not found "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) "C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie\utorrent(8).exe" = C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie\utorrent(8).exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\HLSW\hlsw.exe" = C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application -- (Stripf Software) "D:\fm\Football Manager 2009\fm.exe" = D:\fm\Football Manager 2009\fm.exe:*:Enabled:Football Manager 2009 -- (Sports Interactive) "C:\Program Files\TmNationsForever\TmForever.exe" = C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- () "C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- (MusicLab, LLC) "C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH) "C:\Program Files\WinPcap\rpcapd.exe" = C:\Program Files\WinPcap\rpcapd.exe:*:Enabled:Remote Packet Capture Daemon -- (CACE Technologies) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK "{067EC517-9731-43FD-B4D5-296EE0027BBB}" = LogMeIn Hamachi "{0DEA94ED-915A-4834-A87E-388D012C8E02}" = Medal of Honor Allied Assault "{1246FF64-3035-4A92-8FE6-A968275495EB}" = Sony Vegas Pro 8.0 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3 "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14 "{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2 "{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1 "{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5 "{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 5.009.00 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features "{5846E720-C188-478F-B501-45EA1ACC44D1}_is1" = MailShare 2.0.2 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{83437081-8186-4F63-BD39-4BE8A691E055}" = Hidden & Dangerous 2 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{93A1B09E-BAFA-4628-A5B6-921CB026955A}" = Corel Paint Shop Pro Photo XI "{99BEB67F-B288-44F5-8B2A-23F5F522A1AE}_is1" = Universal Anticheat 2 v2.12 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6 "{9FDCD01E-9926-4399-8BB9-74EEBE604C11}" = Quake Live Mozilla Plugin "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1038-7B44-CEA000000001}" = Adobe Reader 6.0.2 CE "{AF9DF4B7-5BDE-42F5-94EF-53311B55566B}" = Project IGI2 - Covert Strike "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{C878CD69-85DB-426B-81A3-E71175AAEB91}" = Dealio Toolbar v4.0.2 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry "{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1 "{E2B64929-B616-4235-B10E-D26D686296F9}" = GiPo@FileUtilities 3.2 "{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}" = Razer DeathAdder(TM) Mouse "{F31E509D-3597-324E-83CF-0C160B2320F0}" = Microsoft .NET Framework 3.5 Language Pack - plk "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "7BDD6421B73797179E9A97E5C7DE019FBC77147F" = Windows Driver Package - Razer (HidUsb) HIDClass (04/04/2009 1.0.5.0) "85C2153E6B3ED760F8F06C23A83E8CC3C4680D6C" = Windows Driver Package - Cypress (CYUSB) USB (06/05/2009 3.4.1.20) "Active Ports" = Active Ports "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Advanced IP Scanner v1.5" = Advanced IP Scanner v1.5 "Advanced LAN Scanner v1.0 BETA 1" = Advanced LAN Scanner v1.0 BETA 1 "AdvancedRemoteInfo_is1" = AdvancedRemoteInfo "ALLPlayer_is1" = ALLPlayer V4.X "Anasil 2" = Anasil 2 "Audacity_is1" = Audacity 1.2.6 "BearShare" = BearShare "bearsharetb" = MediaBar "CC Get MAC Address_is1" = CC Get MAC Address 2.3 "CDex" = CDex extraction audio "ChomikBox" = ChomikBox "Counter-Strike: Source" = Counter-Strike: Source "CPUID CPU-Z_is1" = CPUID CPU-Z 1.52.2 "DA73216D935E3CBA996AFD6E6513ECC587E0C3C1" = Windows Driver Package - Razer (HidUsb) HIDClass (02/02/2007 1.0.5.0) "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "DMW Pro Client" = DMW Pro Client "DVDVideoSoft Toolbar" = DVDVideoSoft Toolbar "ettercap_ng" = Ettercap NG 0.7.3 "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60 "F1 2009TG Season - Full" = F1 2009TG Season - Full "FarCry_is1" = Far Cry "FormatFactory" = FormatFactory 2.20 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2 "Free Download Manager_is1" = Free Download Manager 3.0 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2 "Gadu-Gadu 10" = Gadu-Gadu 10 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "GameSpy Arcade" = GameSpy Arcade "Hard Truck 2" = Hard Truck 2 "Hidden & Dangerous 2 Patch" = Hidden & Dangerous 2 Patch "HLSW_is1" = HLSW v1.3.3.0 "InstallShield_{83437081-8186-4F63-BD39-4BE8A691E055}" = Hidden & Dangerous 2 "ipla" = ipla 2.1.1 "KLiteCodecPack_is1" = K-Lite Codec Pack 4.6.2 (Full) "LogMeIn Hamachi" = LogMeIn Hamachi "Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5 "Microsoft .NET Framework 3.5 Language Pack - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK "MoorHunt_is1" = MoorHunt 0.6.4.0 "Motherboard Monitor 5_is1" = Motherboard Monitor 5 "Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3) "Mozilla Firefox (3.5.8)" = Mozilla Firefox (3.5.8) "Mozilla Firefox (3.6b1)" = Mozilla Firefox (3.6b1) "My Global Search Uninstall" = My Global Search Bar "NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2 "Nero - Burning Rom!UninstallKey" = Nero OEM "Network Play System" = EA Network Play System "Nitto 1320 Legends_is1" = Nitto 1320 Legends Public Beta 0.9.12.2 "nLite_is1" = nLite 1.4.9.1 "NVIDIA Drivers" = NVIDIA Drivers "OS_is1" = Overspeed: High Performance Street Racing "Overlook Fing 1.3" = Overlook Fing "PunkBusterSvc" = PunkBuster Services "RealAlt_is1" = Real Alternative 2.0.1 "save2pc Light_is1" = save2pc Light 3.53 "SMAC 2.0" = SMAC 2.0 "Software Informer_is1" = Software Informer 1.0 BETA "SopCast" = SopCast 3.0.3 "SubEdit-Player_is1" = SubEdit-Player "SubtitleWorkshop" = Subtitle Workshop 2.51 "TC UP" = Total Commander Ultima Prime 5.0.0.0 "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamViewer 5" = TeamViewer 5 "THE GODFATHER *DVD-RIP*_is1" = THE GODFATHER *DVD-RIP* "TmNationsForever_is1" = TmNationsForever "Tony Hawk's Pro Skater 3®" = Tony Hawk's Pro Skater 3® "Uninstall_is1" = Uninstall 1.0.0.1 "uTorrent" = µTorrent "VLC media player" = VLC media player 1.0.0 "WAV MP3 Converter" = WAV MP3 Converter 3.8 build 968 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "winpcap-overlook" = winpcap-overlook 4.02 "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "Wolfenstein - Enemy Territory" = Wolfenstein - Enemy Territory "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Xfire" = Xfire (remove only) "XLViewer97" = Microsoft Excel Viewer 97 "xp-AntiSpy" = xp-AntiSpy 3.97-5 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "uTorrent" = µTorrent [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-04-06 07:05:32 | Computer Name = JUREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd svchost.exe, wersja 5.1.0.0, moduł powodujący błąd svchost.exe, wersja 5.1.0.0, adres błędu 0x00001432. Error - 2010-04-06 10:26:59 | Computer Name = JUREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd svchost.exe, wersja 5.1.0.0, moduł powodujący błąd svchost.exe, wersja 5.1.0.0, adres błędu 0x00001432. Error - 2010-04-06 11:03:25 | Computer Name = JUREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd svchost.exe, wersja 5.1.0.0, moduł powodujący błąd svchost.exe, wersja 5.1.0.0, adres błędu 0x000013db. Error - 2010-04-06 11:22:28 | Computer Name = JUREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd svchost.exe, wersja 5.1.0.0, moduł powodujący błąd svchost.exe, wersja 5.1.0.0, adres błędu 0x000013db. Error - 2010-04-06 12:16:29 | Computer Name = JUREK | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca Aphex.exe, wersja 2.0.5.5228, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-04-06 12:16:31 | Computer Name = JUREK | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca Aphex.exe, wersja 2.0.5.5228, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2010-04-06 13:00:39 | Computer Name = JUREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd svchost.exe, wersja 5.1.0.0, moduł powodujący błąd svchost.exe, wersja 5.1.0.0, adres błędu 0x00001432. Error - 2010-04-06 14:18:09 | Computer Name = JUREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd svchost.exe, wersja 5.1.0.0, moduł powodujący błąd svchost.exe, wersja 5.1.0.0, adres błędu 0x00001432. Error - 2010-04-06 14:33:12 | Computer Name = JUREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd svchost.exe, wersja 5.1.0.0, moduł powodujący błąd svchost.exe, wersja 5.1.0.0, adres błędu 0x000013db. Error - 2010-04-06 15:51:48 | Computer Name = JUREK | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd svchost.exe, wersja 5.1.0.0, moduł powodujący błąd svchost.exe, wersja 5.1.0.0, adres błędu 0x00001432. [ System Events ] Error - 2010-03-12 23:26:28 | Computer Name = JUREK | Source = Service Control Manager | ID = 7034 Description = Usługa Power Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-03-13 00:45:08 | Computer Name = JUREK | Source = Service Control Manager | ID = 7034 Description = Usługa Power Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-03-13 02:33:16 | Computer Name = JUREK | Source = Service Control Manager | ID = 7034 Description = Usługa Power Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-03-13 05:41:42 | Computer Name = JUREK | Source = Service Control Manager | ID = 7034 Description = Usługa Power Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-03-13 12:23:04 | Computer Name = JUREK | Source = DCOM | ID = 10000 Description = Nie można uruchomić serwera DCOM: {FB7199AB-79BF-11D2-8D94-0000F875C541}. Błąd: „%299” wystąpił podczas uruchamiania tego polecenia: C:\Program Files\Messenger\msmsgs.exe -Embedding Error - 2010-03-13 16:13:01 | Computer Name = JUREK | Source = DCOM | ID = 10005 Description = Model DCOM odebrał błąd „%1058” podczas próby uruchomienia usługi BITS z argumentami „” w celu uruchomienia serwera: {4991D34B-80A1-4291-83B6-3328366B9097} Error - 2010-03-13 17:21:36 | Computer Name = JUREK | Source = Service Control Manager | ID = 7034 Description = Usługa Power Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-03-13 22:25:50 | Computer Name = JUREK | Source = Service Control Manager | ID = 7034 Description = Usługa Power Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-03-14 03:38:28 | Computer Name = JUREK | Source = Service Control Manager | ID = 7034 Description = Usługa Power Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-03-14 04:59:03 | Computer Name = JUREK | Source = Service Control Manager | ID = 7034 Description = Usługa Power Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. < End of report > [/log] i 2 log [log] OTL logfile created on: 2010-04-06 21:32:01 - Run 1 OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 511,00 Mb Total Physical Memory | 166,00 Mb Available Physical Memory | 33,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 73,00% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 39,06 Gb Total Space | 2,18 Gb Free Space | 5,58% Space Free | Partition Type: NTFS Drive D: | 109,98 Gb Total Space | 3,65 Gb Free Space | 3,32% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: JUREK Current User Name: sebek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (All) ==========[/color] PRC - [2010-04-06 21:19:16 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-04-01 23:59:50 | 002,494,464 | ---- | M] (Mailshare.pl) -- C:\Program Files\MailShare\MailShare.exe PRC - [2010-02-25 09:08:32 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox1\firefox.exe PRC - [2010-01-08 00:51:02 | 000,401,408 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe PRC - [2009-12-15 19:35:56 | 000,264,704 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razerhid.exe PRC - [2009-07-31 19:37:51 | 000,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2008-04-14 21:51:52 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe PRC - [2008-04-14 21:51:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2008-04-14 21:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe PRC - [2008-04-14 21:51:46 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\taskmgr.exe PRC - [2008-04-14 21:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe PRC - [2008-04-14 21:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC] PRC - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] PRC - [2008-04-14 21:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe PRC - [2008-04-14 21:51:32 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe PRC - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-14 21:51:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe PRC - [2008-04-14 21:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe PRC - [2008-04-14 21:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe PRC - [2007-12-19 11:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\DeathAdder\razerofa.exe PRC - [2007-05-28 17:57:54 | 000,296,448 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2006-12-15 11:15:40 | 000,189,692 | RHS- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcasvc.exe PRC - [2006-11-24 15:24:16 | 000,143,360 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razertra.exe PRC - [2006-11-02 19:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe PRC - [2006-10-25 10:32:36 | 000,036,864 | RHS- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\EXPLORER.EXE PRC - [2006-10-19 12:52:24 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2004-10-30 01:50:00 | 000,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe PRC - [2004-09-16 13:39:44 | 000,069,632 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE [color=#E56717]========== Modules (All) ==========[/color] MOD - [2010-04-06 21:19:16 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie\OTL.exe MOD - [2008-04-14 21:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv MOD - [2008-04-14 21:51:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll MOD - [2008-04-14 21:51:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll MOD - [2008-04-14 21:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll MOD - [2008-04-14 21:50:58 | 000,668,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll MOD - [2008-04-14 21:50:58 | 000,621,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll MOD - [2008-04-14 21:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll MOD - [2008-04-14 21:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll MOD - [2008-04-14 21:50:58 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll MOD - [2008-04-14 21:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll MOD - [2008-04-14 21:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll MOD - [2008-04-14 21:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll MOD - [2008-04-14 21:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll MOD - [2008-04-14 21:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll MOD - [2008-04-14 21:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll MOD - [2008-04-14 21:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll MOD - [2008-04-14 21:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll MOD - [2008-04-14 21:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll MOD - [2008-04-14 21:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll MOD - [2008-04-14 21:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll MOD - [2008-04-14 21:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll MOD - [2008-04-14 21:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll MOD - [2008-04-14 21:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll MOD - [2008-04-14 21:50:42 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll MOD - [2008-04-14 21:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll MOD - [2008-04-14 21:50:42 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll MOD - [2008-04-14 21:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll MOD - [2008-04-14 21:50:40 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstask.dll MOD - [2008-04-14 21:50:38 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll MOD - [2008-04-14 21:50:38 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll MOD - [2008-04-14 21:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll MOD - [2008-04-14 21:50:36 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll MOD - [2008-04-14 21:50:34 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll MOD - [2008-04-14 21:50:32 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll MOD - [2008-04-14 21:50:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll MOD - [2008-04-14 21:50:28 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll MOD - [2008-04-14 21:50:18 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll MOD - [2008-04-14 21:50:18 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll MOD - [2008-04-14 21:50:16 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll MOD - [2008-04-14 21:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll MOD - [2008-04-14 21:50:12 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll MOD - [2008-04-14 21:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll MOD - [2008-04-14 21:50:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll MOD - [2008-04-14 21:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll MOD - [2008-04-14 21:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll [color=#E56717]========== Win32 Services (All) ==========[/color] SRV - [2010-02-26 16:03:50 | 000,135,664 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Usługa Google Update (gupdate) SRV - [2010-01-08 00:51:02 | 000,401,408 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater) SRV - [2009-11-14 09:09:24 | 000,182,768 | ---- | M] (Google) [Disabled | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - [2009-10-29 12:27:54 | 001,074,568 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2009-07-31 19:37:51 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA) SRV - [2009-07-13 23:18:12 | 000,071,096 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2008-04-14 21:51:50 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv) SRV - [2008-04-14 21:51:48 | 000,291,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS) SRV - [2008-04-14 21:51:46 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr) SRV - [2008-04-14 21:51:46 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS) Zasilacz awaryjny (UPS) SRV - [2008-04-14 21:51:44 | 000,091,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog) SRV - [2008-04-14 21:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler) SRV - [2008-04-14 21:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\svchost.exe -- (HidServ) SRV - [2008-04-14 21:51:40 | 000,142,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr) SRV - [2008-04-14 21:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay) SRV - [2008-04-14 21:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog) SRV - [2008-04-14 21:51:40 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr) SRV - [2008-04-14 21:51:32 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm) SRV - [2008-04-14 21:51:32 | 000,114,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE) SRV - [2008-04-14 21:51:30 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer) SRV - [2008-04-14 21:51:30 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC) SRV - [2008-04-14 21:51:26 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc) SRV - [2008-04-14 21:51:24 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator) Lokalizator usługi zdalnego wywołania procedury (RPC) SRV - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs) SRV - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage) SRV - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent) SRV - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp) SRV - [2008-04-14 21:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon) SRV - [2008-04-14 21:51:20 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService) SRV - [2008-04-14 21:51:14 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin) SRV - [2008-04-14 21:51:14 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv) SRV - [2008-04-14 21:51:14 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp) SRV - [2008-04-14 21:51:08 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv) SRV - [2008-04-14 21:51:08 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc) SRV - [2008-04-14 21:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG) SRV - [2008-04-14 21:51:02 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC) SRV - [2008-04-14 21:51:02 | 000,129,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov) SRV - [2008-04-14 21:51:02 | 000,006,656 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv) SRV - [2008-04-14 21:51:00 | 000,145,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt) SRV - [2008-04-14 21:51:00 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc) SRV - [2008-04-14 21:50:58 | 000,334,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Windows Image Acquisition (WIA) SRV - [2008-04-14 21:50:58 | 000,296,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService) SRV - [2008-04-14 21:50:58 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv) SRV - [2008-04-14 21:50:58 | 000,186,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost) SRV - [2008-04-14 21:50:58 | 000,176,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\w32time.dll -- (W32Time) SRV - [2008-04-14 21:50:58 | 000,171,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice) SRV - [2008-04-14 21:50:58 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation) SRV - [2008-04-14 21:50:58 | 000,096,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver) SRV - [2008-04-14 21:50:58 | 000,090,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks) SRV - [2008-04-14 21:50:58 | 000,071,680 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV) SRV - [2008-04-14 21:50:58 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient) SRV - [2008-04-14 21:50:58 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter) SRV - [2008-04-14 21:50:48 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes) SRV - [2008-04-14 21:50:48 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection) SRV - [2008-04-14 21:50:48 | 000,135,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility) SRV - [2008-04-14 21:50:46 | 000,409,088 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS) SRV - [2008-04-14 21:50:46 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Zdalne wywoływanie procedur (RPC) SRV - [2008-04-14 21:50:46 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch) SRV - [2008-04-14 21:50:46 | 000,293,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent) SRV - [2008-04-14 21:50:46 | 000,193,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule) SRV - [2008-04-14 21:50:46 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan) SRV - [2008-04-14 21:50:46 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto) SRV - [2008-04-14 21:50:46 | 000,059,904 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry) SRV - [2008-04-14 21:50:46 | 000,039,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\sens.dll -- (SENS) SRV - [2008-04-14 21:50:46 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc) SRV - [2008-04-14 21:50:46 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon) SRV - [2008-04-14 21:50:44 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\nwwks.dll -- (NWCWorkstation) SRV - [2008-04-14 21:50:42 | 000,435,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc) SRV - [2008-04-14 21:50:42 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman) SRV - [2008-04-14 21:50:40 | 000,246,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) Rozpoznawanie lokalizacji w sieci (NLA) SRV - [2008-04-14 21:50:40 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger) SRV - [2008-04-14 21:50:36 | 000,164,072 | RHS- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\mfyoms.dll -- (ghixu) SRV - [2008-04-14 21:50:36 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\kmsvc.dll -- (hkmsvc) SRV - [2008-04-14 21:50:36 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess) SRV - [2008-04-14 21:50:36 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts) SRV - [2008-04-14 21:50:34 | 000,330,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess) SRV - [2008-04-14 21:50:32 | 000,246,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\es.dll -- (EventSystem) SRV - [2008-04-14 21:50:32 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost) Usługa protokołu uwierzytelniania rozszerzonego (EAP) SRV - [2008-04-14 21:50:32 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc) SRV - [2008-04-14 21:50:28 | 000,133,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc) SRV - [2008-04-14 21:50:28 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache) SRV - [2008-04-14 21:50:28 | 000,024,064 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver) SRV - [2008-04-14 21:50:24 | 000,126,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp) SRV - [2008-04-14 21:50:18 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc) SRV - [2008-04-14 21:50:06 | 000,077,824 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser) SRV - [2008-04-14 21:50:04 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv) SRV - [2008-04-14 21:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi) SRV - [2008-04-14 21:50:00 | 000,172,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt) SRV - [2008-04-14 21:50:00 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter) SRV - [2007-10-24 00:47:40 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007-10-24 00:47:22 | 000,033,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state) SRV - [2007-10-11 08:55:14 | 000,147,456 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2007-10-11 08:55:10 | 000,884,736 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) SRV - [2007-10-09 11:58:12 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0) SRV - [2007-05-28 17:57:54 | 000,296,448 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2006-12-15 11:15:40 | 000,189,692 | RHS- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\odbcasvc.exe -- (odbcasvc) SRV - [2006-11-02 19:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing) SRV - [2006-10-19 12:52:24 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2006-10-18 20:47:16 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN) SRV - [2006-09-28 17:56:14 | 000,055,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\WudfSvc.dll -- (WudfSvc) SRV - [2004-10-30 01:50:00 | 000,127,043 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc) SRV - [2001-10-26 20:30:02 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP) [color=#E56717]========== Driver Services (All) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ViaIde) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ultra) DRV - File not found [Kernel | Disabled | Stopped] -- -- (TosIde) DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc8xx) DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc810) DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_u3) DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_hi) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Sparrow) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Simbad) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1280) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1240) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql12160) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Ql10wnt) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1080) DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2hib) DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | Disabled | Stopped] -- -- (mraid35x) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | Disabled | Stopped] -- -- (ini910u) DRV - File not found [Kernel | Disabled | Stopped] -- -- (i2omp) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpn) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (GMSIPCI) DRV - File not found [Kernel | Disabled | Stopped] -- -- (dpti2o) DRV - File not found [Kernel | Disabled | Stopped] -- -- (dac960nt) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Cpqarray) DRV - File not found [Kernel | Disabled | Stopped] -- -- (CmdIde) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | Disabled | Stopped] -- -- (cd20xrnt) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Atdisk) DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3550) DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3350p) DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc) DRV - File not found [Kernel | Disabled | Stopped] -- -- (amsint) DRV - File not found [Kernel | Disabled | Stopped] -- -- (AliIde) DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78xx) DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78u2) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Aha154x) DRV - File not found [Kernel | Disabled | Stopped] -- -- (adpu160m) DRV - File not found [Kernel | Disabled | Stopped] -- -- (abp480n5) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Abiosdsk) DRV - [2010-01-05 21:09:13 | 000,004,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\01.tmp -- (kcmxr) DRV - [2009-11-19 07:52:41 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-10-02 16:47:42 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi) DRV - [2009-09-23 09:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-03-27 01:16:28 | 000,012,672 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz132_x32.sys -- (cpuz132) DRV - [2009-02-08 12:12:50 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf) DRV - [2008-10-21 09:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdm.sys -- (s0017mdm) DRV - [2008-10-21 09:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017unic.sys -- (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) DRV - [2008-10-21 09:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mgmt.sys -- (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) DRV - [2008-10-21 09:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017obex.sys -- (s0017obex) DRV - [2008-10-21 09:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017bus.sys -- (s0017bus) Sony Ericsson Device 0017 driver (WDM) DRV - [2008-10-21 09:22:48 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017nd5.sys -- (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) DRV - [2008-10-21 09:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdfl.sys -- (s0017mdfl) DRV - [2008-05-16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) DRV - [2008-05-16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) DRV - [2008-05-16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl) DRV - [2008-05-16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm) DRV - [2008-05-16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) DRV - [2008-05-16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex) DRV - [2008-05-16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM) DRV - [2008-04-14 21:52:26 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rdpwd.sys -- (RDPWD) DRV - [2008-04-14 21:52:24 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD) DRV - [2008-04-14 21:52:24 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tdtcp.sys -- (TDTCP) DRV - [2008-04-14 21:52:24 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tdpipe.sys -- (TDPIPE) DRV - [2008-04-14 21:04:08 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sr.sys -- (sr) DRV - [2008-04-14 21:03:30 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\pcmcia.sys -- (Pcmcia) DRV - [2008-04-14 21:03:24 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pci.sys -- (PCI) DRV - [2008-04-14 21:03:04 | 000,080,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport) DRV - [2008-04-14 20:52:56 | 000,153,856 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmio.sys -- (dmio) DRV - [2008-04-14 20:52:42 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot) DRV - [2008-04-14 20:50:08 | 000,024,960 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass) DRV - [2008-04-14 20:48:42 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\isapnp.sys -- (isapnp) DRV - [2008-04-14 20:46:26 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm) DRV - [2008-04-14 20:46:24 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\intelide.sys -- (IntelIde) DRV - [2008-04-14 20:41:38 | 000,053,248 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt) DRV - [2008-04-14 20:41:06 | 000,065,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial) DRV - [2008-04-14 20:35:04 | 000,058,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook) DRV - [2008-04-14 20:33:38 | 000,044,672 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fips.sys -- (Fips) DRV - [2008-04-14 20:31:42 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\volsnap.sys -- (VolSnap) DRV - [2008-04-14 20:25:10 | 000,023,296 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass) DRV - [2008-04-14 20:24:52 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\modem.sys -- (Modem) DRV - [2008-04-14 20:24:40 | 000,188,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ACPI.sys -- (ACPI) DRV - [2008-04-14 00:15:28 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb) DRV - [2008-04-13 23:58:40 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss) DRV - [2008-04-13 23:51:02 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT) DRV - [2008-04-13 23:50:44 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan) DRV - [2008-04-13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ndis.sys -- (NDIS) DRV - [2008-04-13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip) DRV - [2008-04-13 23:49:50 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP) DRV - [2008-04-13 23:49:44 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec) DRV - [2008-04-13 23:49:44 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP) DRV - [2008-04-13 23:49:24 | 000,138,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD) DRV - [2008-04-13 23:47:20 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud) DRV - [2008-04-13 23:47:06 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\mup.sys -- (Mup) DRV - [2008-04-13 23:47:02 | 000,456,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb) DRV - [2008-04-13 23:45:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio) DRV - [2008-04-13 23:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\ntfs.sys -- (Ntfs) DRV - [2008-04-13 23:45:12 | 000,334,848 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv) DRV - [2008-04-13 23:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\fastfat.sys -- (Fastfat) DRV - [2008-04-13 23:44:22 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\cdfs.sys -- (Cdfs) DRV - [2008-04-13 23:27:34 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe) DRV - [2008-04-13 23:27:30 | 000,040,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndproxy.sys -- (NDProxy) DRV - [2008-04-13 23:27:28 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac) DRV - [2008-04-13 23:27:28 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi) DRV - [2008-04-13 23:27:22 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp) DRV - [2008-04-13 23:27:16 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat) DRV - [2008-04-13 23:27:08 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp) DRV - [2008-04-13 23:26:40 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched) DRV - [2008-04-13 23:26:34 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc) DRV - [2008-04-13 23:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2008-04-13 23:26:04 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS) DRV - [2008-04-13 23:26:00 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio) DRV - [2008-04-13 23:24:30 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM) DRV - [2008-04-13 23:23:54 | 000,264,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP) DRV - [2008-04-13 23:23:36 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw) DRV - [2008-04-13 23:21:26 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc) DRV - [2008-04-13 23:15:40 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp) DRV - [2008-04-13 23:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR) DRV - [2008-04-13 23:15:38 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub) DRV - [2008-04-13 23:15:36 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci) DRV - [2008-04-13 23:15:36 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci) DRV - [2008-04-13 23:15:36 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan) DRV - [2008-04-13 23:15:14 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud) DRV - [2008-04-13 23:15:10 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer) DRV - [2008-04-13 23:15:10 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi) DRV - [2008-04-13 23:15:08 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter) DRV - [2008-04-13 23:15:02 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dmusic.sys -- (DMusic) DRV - [2008-04-13 23:14:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave) DRV - [2008-04-13 23:11:00 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi) DRV - [2008-04-13 23:10:50 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\partmgr.sys -- (PartMgr) DRV - [2008-04-13 23:10:50 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\sfloppy.sys -- (Sfloppy) DRV - [2008-04-13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom) DRV - [2008-04-13 23:10:48 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\disk.sys -- (Disk) DRV - [2008-04-13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi) DRV - [2008-04-13 23:10:26 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc) DRV - [2008-04-13 23:10:26 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk) DRV - [2008-04-13 23:10:14 | 000,015,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum) DRV - [2008-04-13 23:09:54 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV) DRV - [2008-04-13 23:09:54 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum) DRV - [2008-04-13 23:09:52 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK) DRV - [2008-04-13 23:09:52 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM) DRV - [2008-04-13 23:09:48 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update) DRV - [2008-04-13 23:09:48 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mountmgr.sys -- (MountMgr) DRV - [2008-04-13 23:06:48 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios) DRV - [2008-04-13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\agp440.sys -- (agp440) DRV - [2008-04-13 23:04:14 | 000,163,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nwrdr.sys -- (NWRDR) DRV - [2008-04-13 23:03:00 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr) DRV - [2008-04-13 23:02:52 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr) DRV - [2008-04-13 23:02:46 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV) DRV - [2008-04-13 23:02:40 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\npfs.sys -- (Npfs) DRV - [2008-04-13 23:02:40 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\msfs.sys -- (Msfs) DRV - [2008-04-13 23:02:38 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\udfs.sys -- (Udfs) DRV - [2008-04-13 23:01:44 | 000,092,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ksecdd.sys -- (KSecDD) DRV - [2008-04-13 21:09:24 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec) DRV - [2008-04-13 21:09:18 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2007-08-02 17:32:26 | 000,022,784 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dadder.sys -- (DAdderFltr) DRV - [2006-11-08 20:19:18 | 000,004,544 | ---- | M] (SweetLow) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidusbf.sys -- (hidusbf) DRV - [2006-10-18 19:00:00 | 000,038,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb) DRV - [2006-09-28 17:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\WudfPf.sys -- (WudfPf) DRV - [2006-01-13 14:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\vd_filedisk.sys -- (VD_FileDisk) DRV - [2004-10-30 01:50:00 | 002,826,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2004-09-21 12:53:18 | 002,278,784 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2004-04-13 13:14:12 | 000,070,144 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp) DRV - [2004-04-10 09:42:36 | 000,002,944 | ---- | M] (cansoft@livewiredev.com) [Kernel | System | Running] -- C:\WINDOWS\system32\mbmiodrvr.sys -- (mbmiodrvr) DRV - [2001-10-26 21:03:24 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cdaudio.sys -- (Cdaudio) DRV - [2001-10-26 19:59:38 | 000,125,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftdisk.sys -- (Ftdisk) DRV - [2001-10-26 19:56:42 | 000,003,456 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde) DRV - [2001-10-26 19:55:30 | 000,006,912 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\parvdm.sys -- (ParVdm) DRV - [2001-10-26 19:46:18 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\acpiec.sys -- (ACPIEC) DRV - [2001-10-26 15:57:56 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid) DRV - [2001-08-18 00:58:18 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmload.sys -- (dmload) DRV - [2001-08-18 00:57:30 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mnmdd.sys -- (mnmdd) DRV - [2001-08-18 00:55:40 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd) DRV - [2001-08-18 00:55:32 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti) DRV - [2001-08-18 00:55:06 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver) DRV - [2001-08-18 00:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2001-08-18 00:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2001-08-18 00:54:10 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd) DRV - [2001-08-18 00:54:06 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt) DRV - [2001-08-18 00:52:06 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\cbidf2k.sys -- (cbidf2k) DRV - [2001-08-18 00:49:56 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) DRV - [2001-08-18 00:47:40 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\null.sys -- (Null) DRV - [2001-08-18 00:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\beep.sys -- (Beep) DRV - [2001-08-18 00:46:56 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD) DRV - [2001-08-17 22:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub) [color=#E56717]========== Standard Registry (All) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/ IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll (Spigot, Inc.) IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD1.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=966134" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.5.1.110 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.1 FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8 FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=966134&p=" FF - prefs.js..network.proxy.http: "68.107.94.28" FF - prefs.js..network.proxy.http_port: 38275 FF - prefs.js..network.proxy.no_proxies_on: "" FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-10-12 17:18:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-22 19:57:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox1\components [2010-02-28 08:37:33 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox1\plugins [2010-03-22 19:57:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6b1\extensions\\Components: C:\Program Files\Mozilla Firefox 3.6 Beta 1\components [2009-11-09 16:58:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6b1\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3.6 Beta 1\plugins [2010-03-22 19:57:54 | 000,000,000 | ---D | M] [2009-10-12 16:19:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sebek\Dane aplikacji\Mozilla\Extensions [2009-10-12 16:19:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sebek\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2010-04-06 18:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sebek\Dane aplikacji\Mozilla\Firefox\Profiles\w114i314.default\extensions [2010-03-14 11:56:27 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\sebek\Dane aplikacji\Mozilla\Firefox\Profiles\w114i314.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010-01-21 23:57:42 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\sebek\Dane aplikacji\Mozilla\Firefox\Profiles\w114i314.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009-12-17 05:01:52 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\sebek\Dane aplikacji\Mozilla\Firefox\Profiles\w114i314.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593} [2010-02-15 01:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sebek\Dane aplikacji\Mozilla\Firefox\Profiles\w114i314.default\extensions\toolbar@ask.com [2009-07-18 00:02:48 | 000,002,476 | ---- | M] () -- C:\Documents and Settings\sebek\Dane aplikacji\Mozilla\Firefox\Profiles\w114i314.default\searchplugins\BearShareWebSearch.xml [2010-01-19 18:53:17 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009-10-12 16:19:24 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-10-09 20:44:53 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2009-08-01 02:44:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [2009-08-24 21:23:38 | 000,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll [2009-08-24 21:23:38 | 000,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll [2009-08-01 02:43:54 | 000,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll [2009-09-18 15:43:32 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll [2009-08-24 21:23:38 | 000,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll [2003-05-15 10:01:48 | 000,133,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll [2009-10-09 19:00:00 | 000,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll [2009-10-09 19:00:00 | 000,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll [2009-08-24 20:19:13 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-08-24 20:19:13 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-08-24 20:19:13 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml [2009-08-24 20:19:13 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-08-24 20:19:13 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-08-24 20:19:13 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-08-24 20:19:13 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml [2009-10-24 18:05:18 | 000,000,808 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml O1 HOSTS File: ([2001-10-26 18:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll () O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search) O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll () O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll () O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll (Spigot, Inc.) O2 - BHO: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD1.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll () O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKLM\..\Toolbar: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD1.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\ShellBrowser: (&Adres) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\ShellBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search) O3 - HKCU\..\Toolbar\ShellBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKCU\..\Toolbar\ShellBrowser: (DVDVideoSoft Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files\DVDVideoSoft\tbDVD1.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (&Adres) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Łącza) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search) O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoft Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files\DVDVideoSoft\tbDVD1.dll (Conduit Ltd.) O4 - HKLM..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe () O4 - HKLM..\Run: [DmwClient] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation) O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Dealio Toolbar\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team) O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKCU..\Run: [EXPLORER.EXE] C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation) O4 - HKCU..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe (FreeDownloadManager.ORG) O4 - HKCU..\Run: [Gadu-Gadu] D:\Gadu-Gadu1\gg.exe (Gadu-Gadu S.A.) O4 - HKCU..\Run: [mount.exe] C:\Program Files\GiPo@Utilities\FileUtilities.3\mount.exe (Gibin Software House (http://www.gibinsoft.net)) O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe () O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [wsctf.exe] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157 O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.) O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Pobierz w Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm () O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm () O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm () O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe () O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe () O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.7.1 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation) O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation) O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation) O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation) O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Moduł wstępnego ładowania interfejsu Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Demon buforu kategorii składników - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\sebek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\sebek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{00c00bee-6ca2-11de-be89-001109c07f03}\Shell - "" = AutoRun O33 - MountPoints2\{00c00bee-6ca2-11de-be89-001109c07f03}\Shell\1\Command - "" = H:\.\recycled\info.exe -- File not found O33 - MountPoints2\{00c00bee-6ca2-11de-be89-001109c07f03}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2008-04-14 21:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) O33 - MountPoints2\{13cf756e-2614-11df-bfd1-001109c07f03}\Shell - "" = AutoRun O33 - MountPoints2\{13cf756e-2614-11df-bfd1-001109c07f03}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2008-04-14 21:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) O33 - MountPoints2\{663e320f-c6ad-11de-bf1b-001109c07f03}\Shell - "" = AutoRun O33 - MountPoints2\{663e320f-c6ad-11de-bf1b-001109c07f03}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2008-04-14 21:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) O33 - MountPoints2\{79d9c0a6-cdcb-11de-bf20-001109c07f03}\Shell - "" = AutoRun O33 - MountPoints2\{79d9c0a6-cdcb-11de-bf20-001109c07f03}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2008-04-14 21:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) O33 - MountPoints2\{79d9c0a7-cdcb-11de-bf20-001109c07f03}\Shell - "" = AutoRun O33 - MountPoints2\{79d9c0a7-cdcb-11de-bf20-001109c07f03}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2008-04-14 21:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) O33 - MountPoints2\{a156e958-e43f-11de-bf33-001109c07f03}\Shell - "" = AutoRun O33 - MountPoints2\{a156e958-e43f-11de-bf33-001109c07f03}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2008-04-14 21:50:48 | 008,489,984 | ---- | M] (Microsoft Corporation) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-04-06 19:29:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2010-03-28 21:30:18 | 000,002,944 | ---- | C] (cansoft@livewiredev.com) -- C:\WINDOWS\System32\mbmiodrvr.sys [2010-03-28 21:30:15 | 000,000,000 | ---D | C] -- C:\Program Files\Motherboard Monitor 5 [2010-03-22 19:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Adobe [2010-03-22 19:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2010-03-22 19:57:33 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2010-03-22 19:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cache [2010-03-21 01:47:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sebek\Dane aplikacji\TeamViewer [2010-03-21 01:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer [2010-03-21 00:36:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sebek\Pulpit\rainbowcrack-1.4-win [2010-03-20 23:36:25 | 000,000,000 | ---D | C] -- C:\Program Files\XLView [2010-03-20 23:23:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sebek\Pulpit\kurnik [2010-03-20 16:51:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sebek\Pulpit\brut [2010-03-18 21:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\City Interactive [2010-03-15 12:06:59 | 000,000,000 | ---D | C] -- C:\Program Files\ConvertHelper [2010-03-14 12:00:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sebek\dwhelper [2010-03-08 10:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sebek\Moje dokumenty\Sports Interactive [2010-03-08 10:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sebek\Dane aplikacji\Sports Interactive [2010-03-08 10:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Sports Interactive [2010-03-08 10:41:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sports Interactive [2010-03-08 00:39:51 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010-03-07 23:49:22 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll [2010-03-07 23:49:21 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll [2010-03-07 23:49:21 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll [2010-03-07 23:49:20 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll [2010-03-07 23:49:18 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll [2010-03-07 23:49:18 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll [2010-03-07 23:49:17 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll [2010-03-07 23:49:16 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll [2010-03-07 23:49:15 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll [2010-03-07 23:49:15 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll [2010-03-07 23:49:14 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll [2010-03-07 23:45:10 | 000,000,000 | ---D | C] -- C:\dx [2010-03-07 23:01:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sebek\Moje dokumenty\FIFA 2005 [2010-02-26 16:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Google [2010-02-26 16:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google [2010-01-05 17:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi [2009-12-16 11:21:34 | 000,871,936 | ---- | C] (Bil Software) -- C:\Documents and Settings\sebek\Ygoow.exe [2009-08-02 22:10:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2009-08-01 03:30:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\SACore [2009-07-28 16:06:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Xfire [2009-07-09 11:57:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2009-07-09 11:53:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2009-07-09 11:53:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-04-06 21:18:01 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-04-06 21:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2010-04-06 19:29:06 | 000,017,878 | -H-- | M] () -- C:\WINDOWS\System32\vcmgcd32.dl_ [2010-04-06 19:29:00 | 000,017,145 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-04-06 19:28:58 | 000,036,864 | ---- | M] () -- C:\WINDOWS\System32\vcmgcd32.dll [2010-04-06 19:28:56 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-04-06 19:28:53 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-04-06 19:28:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-04-06 19:28:50 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys [2010-04-06 17:09:13 | 006,029,312 | -H-- | M] () -- C:\Documents and Settings\sebek\NTUSER.DAT [2010-04-06 16:20:04 | 000,060,416 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER [2010-04-06 15:16:54 | 000,000,744 | ---- | M] () -- C:\Documents and Settings\sebek\Pulpit\DMW Pro Client.lnk [2010-04-05 21:25:55 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\sebek\ntuser.ini [2010-04-05 21:10:47 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-04-05 21:06:41 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\sebek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-04-05 20:36:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-03-23 09:03:53 | 000,002,672 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2010-03-23 09:03:47 | 000,000,088 | RHS- | M] () -- C:\WINDOWS\System32\5F4C08A6CE.sys [2010-03-22 19:57:54 | 000,001,759 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 6.0 CE.lnk [2010-03-22 15:39:06 | 004,994,688 | ---- | M] () -- C:\Documents and Settings\sebek\Pulpit\DZ - Break It Down.flv [2010-03-21 12:06:44 | 000,027,773 | ---- | M] () -- C:\Documents and Settings\sebek\Pulpit\34475.htm [2010-03-21 01:46:11 | 000,000,883 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk [2010-03-20 00:04:51 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\sebek\Pulpit\manni.rar.sha [2010-03-19 20:16:40 | 000,022,337 | ---- | M] () -- C:\Documents and Settings\sebek\Moje dokumenty\Pff.JPG [2010-03-19 02:33:10 | 000,000,408 | ---- | M] () -- C:\Documents and Settings\sebek\Pulpit\counterstrikesource.bat [2010-03-19 01:36:01 | 000,000,507 | ---- | M] () -- C:\WINDOWS\win.ini [2010-03-19 00:55:40 | 000,000,171 | ---- | M] () -- C:\Documents and Settings\sebek\Pulpit\Hotel_mierci_See_No_Evil_2006_lektor_pl_4Cinema_pl_-_Darmowe-2.flv [2010-03-19 00:55:23 | 000,000,171 | ---- | M] () -- C:\Documents and Settings\sebek\Pulpit\Hotel_mierci_See_No_Evil_2006_lektor_pl_4Cinema_pl_-_Darmowe-1.flv [2010-03-18 23:44:43 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\sebek\Pulpit\kallisto 4.rar.sha [2010-03-18 22:52:35 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\sebek\Pulpit\autoplay.rar.sha [2010-03-15 12:01:32 | 011,478,296 | ---- | M] () -- C:\Documents and Settings\sebek\Pulpit\Disturbed - Down With The Sickness lyrics.flv [2010-03-14 17:23:01 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-03-14 04:05:44 | 000,000,480 | ---- | M] () -- C:\Documents and Settings\sebek\Pulpit\Far Cry.lnk [2010-03-08 00:28:36 | 003,174,364 | -H-- | M] () -- C:\Documents and Settings\sebek\Ustawienia lokalne\Dane aplikacji\IconCache.db [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-03-22 19:57:54 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 6.0 CE.lnk [2010-03-22 15:36:46 | 004,994,688 | ---- | C] () -- C:\Documents and Settings\sebek\Pulpit\DZ - Break It Down.flv [2010-03-21 12:05:58 | 000,027,773 | ---- | C] () -- C:\Documents and Settings\sebek\Pulpit\34475.htm [2010-03-21 01:46:11 | 000,000,883 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 5.lnk [2010-03-20 00:04:51 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\sebek\Pulpit\manni.rar.sha [2010-03-19 20:16:24 | 000,022,337 | ---- | C] () -- C:\Documents and Settings\sebek\Moje dokumenty\Pff.JPG [2010-03-19 02:26:15 | 000,000,408 | ---- | C] () -- C:\Documents and Settings\sebek\Pulpit\counterstrikesource.bat [2010-03-19 00:55:31 | 000,000,171 | ---- | C] () -- C:\Documents and Settings\sebek\Pulpit\Hotel_mierci_See_No_Evil_2006_lektor_pl_4Cinema_pl_-_Darmowe-2.flv [2010-03-19 00:55:17 | 000,000,171 | ---- | C] () -- C:\Documents and Settings\sebek\Pulpit\Hotel_mierci_See_No_Evil_2006_lektor_pl_4Cinema_pl_-_Darmowe-1.flv [2010-03-18 23:44:43 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\sebek\Pulpit\kallisto 4.rar.sha [2010-03-18 22:52:35 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\sebek\Pulpit\autoplay.rar.sha [2010-03-15 11:57:57 | 011,478,296 | ---- | C] () -- C:\Documents and Settings\sebek\Pulpit\Disturbed - Down With The Sickness lyrics.flv [2010-03-14 17:22:57 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-03-12 13:35:43 | 000,000,480 | ---- | C] () -- C:\Documents and Settings\sebek\Pulpit\Far Cry.lnk [2010-03-08 00:31:41 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys [2010-03-07 22:40:10 | 000,617,548 | ---- | C] () -- C:\Documents and Settings\sebek\Pulpit\B. Kariera - pwnd [2010-03-05 01:11:22 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2010-02-05 09:51:48 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2010-01-08 18:37:00 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\mbr_sqlite.dll [2009-12-16 13:47:41 | 000,005,044 | ---- | C] () -- C:\Documents and Settings\sebek\settings.xml [2009-12-16 12:03:23 | 000,000,877 | ---- | C] () -- C:\Documents and Settings\sebek\tasks.dat [2009-12-16 11:21:45 | 000,189,440 | ---- | C] () -- C:\Documents and Settings\sebek\XPTable.dll [2009-12-16 11:21:40 | 000,749,568 | ---- | C] () -- C:\Documents and Settings\sebek\YgoowCore.dll [2009-11-30 17:24:15 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-11-30 17:24:13 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-11-30 17:24:13 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-11-30 17:24:13 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-11-30 17:24:12 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-11-30 17:24:12 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009-11-19 07:36:19 | 014,286,411 | ---- | C] () -- C:\Program Files\godfather.exe [2009-11-19 07:29:15 | 000,030,434 | ---- | C] () -- C:\Program Files\MI-GTG.mds [2009-11-19 07:26:42 | 2843,162,624 | ---- | C] () -- C:\Program Files\MI-GTG.mdf [2009-10-01 22:54:35 | 000,000,009 | ---- | C] () -- C:\WINDOWS\Sierra.ini [2009-09-14 08:10:59 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2009-08-04 05:57:28 | 000,000,059 | ---- | C] () -- C:\Documents and Settings\sebek\historia.bzd [2009-08-04 05:50:02 | 000,000,041 | ---- | C] () -- C:\Documents and Settings\sebek\link.url [2009-08-04 05:50:01 | 000,000,025 | ---- | C] () -- C:\Documents and Settings\sebek\banner.php [2009-08-04 05:50:00 | 000,007,173 | ---- | C] () -- C:\Documents and Settings\sebek\1.jpg [2009-08-04 05:50:00 | 000,000,045 | ---- | C] () -- C:\Documents and Settings\sebek\pionopis.url [2009-08-02 00:49:29 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\vcmgcd32.dll [2009-08-01 22:30:14 | 000,002,672 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2009-08-01 22:30:14 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\5F4C08A6CE.sys [2009-08-01 02:47:57 | 000,167,456 | ---- | C] () -- C:\WINDOWS\System32\BOCOF.DLL [2009-08-01 02:12:33 | 000,000,701 | ---- | C] () -- C:\WINDOWS\Thps3.INI [2009-07-31 20:07:03 | 000,139,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009-07-28 02:44:32 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2009-07-28 01:14:25 | 000,000,250 | ---- | C] () -- C:\WINDOWS\XIIIHooligans.ini [2009-07-27 20:36:20 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-07-14 00:29:30 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-07-09 15:04:02 | 000,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2009-07-09 14:26:52 | 000,117,760 | ---- | C] () -- C:\Documents and Settings\sebek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-07-09 12:04:42 | 000,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll [2009-07-09 12:00:47 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\sebek\ntuser.dat.LOG [2009-07-09 12:00:47 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\sebek\ntuser.ini [2009-07-09 12:00:46 | 006,029,312 | -H-- | C] () -- C:\Documents and Settings\sebek\NTUSER.DAT [2009-02-08 12:12:50 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2004-08-04 01:44:02 | 000,164,072 | RHS- | C] () -- C:\WINDOWS\System32\mfyoms.dll [1997-06-18 00:00:00 | 001,672,976 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL [1997-06-18 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL [1997-06-18 00:00:00 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL [1997-06-18 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL < End of report > [/log] trochę tego jest.
Mateusz J. komentarz 7 kwietnia 2010 komentarz 7 kwietnia 2010 Pokaz log z ComboFix. Po wykonaniu loga: Wykonaj: http://www.forumpc.pl/index.php?showtopic=107753 Raport na forum, usuwasz wszystko co program znajdzie. 1
sebus1989 komentarz 8 kwietnia 2010 Autor komentarz 8 kwietnia 2010 (edytowane) witam, log z combofix'a [log] ComboFix 10-04-07.04 - sebek 2010-04-08 16:06:08.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.511.252 [GMT 1:00] Uruchomiony z: c:\documents and settings\sebek\Moje dokumenty\Pobieranie\ComboFix.exe . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\sebek\Moje dokumenty\cc_20100407_133605.reg c:\program files\Dealio Toolbar c:\program files\Dealio Toolbar\FF\chrome.manifest c:\program files\Dealio Toolbar\FF\chrome\content\chevron.js c:\program files\Dealio Toolbar\FF\chrome\content\chevron.xul c:\program files\Dealio Toolbar\FF\chrome\content\login.js c:\program files\Dealio Toolbar\FF\chrome\content\login.xul c:\program files\Dealio Toolbar\FF\chrome\content\parser.js c:\program files\Dealio Toolbar\FF\chrome\content\RssTickerWidget.js c:\program files\Dealio Toolbar\FF\chrome\content\searchbox.js c:\program files\Dealio Toolbar\FF\chrome\content\searchbox.xul c:\program files\Dealio Toolbar\FF\chrome\content\widgichevron.js c:\program files\Dealio Toolbar\FF\chrome\content\widgicomm.js c:\program files\Dealio Toolbar\FF\chrome\content\widgihandling.js c:\program files\Dealio Toolbar\FF\chrome\content\widgilisteners.js c:\program files\Dealio Toolbar\FF\chrome\content\widgitoolbarplugin.js c:\program files\Dealio Toolbar\FF\chrome\content\widgitoolbarplugin.xul c:\program files\Dealio Toolbar\FF\chrome\content\widgiui.js c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\searchbox.dtd c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.dtd c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\yahoo-search.gif c:\program files\Dealio Toolbar\FF\chrome\skin\amazon.gif c:\program files\Dealio Toolbar\FF\chrome\skin\apple.gif c:\program files\Dealio Toolbar\FF\chrome\skin\barnes.gif c:\program files\Dealio Toolbar\FF\chrome\skin\bestbuy.gif c:\program files\Dealio Toolbar\FF\chrome\skin\chevron.gif c:\program files\Dealio Toolbar\FF\chrome\skin\dealio_logo.gif c:\program files\Dealio Toolbar\FF\chrome\skin\dealio_logo_hover.gif c:\program files\Dealio Toolbar\FF\chrome\skin\ebay.gif c:\program files\Dealio Toolbar\FF\chrome\skin\icon_settings.gif c:\program files\Dealio Toolbar\FF\chrome\skin\macys.gif c:\program files\Dealio Toolbar\FF\chrome\skin\newegg.gif c:\program files\Dealio Toolbar\FF\chrome\skin\overstock.gif c:\program files\Dealio Toolbar\FF\chrome\skin\search-button-hover.gif c:\program files\Dealio Toolbar\FF\chrome\skin\search-button.gif c:\program files\Dealio Toolbar\FF\chrome\skin\search-chevron-hover.gif c:\program files\Dealio Toolbar\FF\chrome\skin\search-chevron.gif c:\program files\Dealio Toolbar\FF\chrome\skin\search_amazon.gif c:\program files\Dealio Toolbar\FF\chrome\skin\search_dealio.gif c:\program files\Dealio Toolbar\FF\chrome\skin\search_ebay.gif c:\program files\Dealio Toolbar\FF\chrome\skin\search_yahoo.gif c:\program files\Dealio Toolbar\FF\chrome\skin\searchbox.css c:\program files\Dealio Toolbar\FF\chrome\skin\separator.gif c:\program files\Dealio Toolbar\FF\chrome\skin\target.gif c:\program files\Dealio Toolbar\FF\chrome\skin\walmart.gif c:\program files\Dealio Toolbar\FF\chrome\skin\widgitoolbarplugin.css c:\program files\Dealio Toolbar\FF\components\config.ini c:\program files\Dealio Toolbar\FF\components\dealioToolbarFF.dll c:\program files\Dealio Toolbar\FF\components\IFBHOHelperWidgiToolbar.xpt c:\program files\Dealio Toolbar\FF\components\IFBHOWidgiToolbar.xpt c:\program files\Dealio Toolbar\FF\install.rdf c:\program files\Dealio Toolbar\IE\4.0.2\config.ini c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll c:\program files\Dealio Toolbar\Res\amazon.gif c:\program files\Dealio Toolbar\Res\apple.gif c:\program files\Dealio Toolbar\Res\barnes.gif c:\program files\Dealio Toolbar\Res\bestbuy.gif c:\program files\Dealio Toolbar\Res\dealio_logo.gif c:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif c:\program files\Dealio Toolbar\Res\ebay.gif c:\program files\Dealio Toolbar\Res\icon_settings.gif c:\program files\Dealio Toolbar\Res\macys.gif c:\program files\Dealio Toolbar\Res\newegg.gif c:\program files\Dealio Toolbar\Res\overstock.gif c:\program files\Dealio Toolbar\Res\search-button-hover.gif c:\program files\Dealio Toolbar\Res\search-button.gif c:\program files\Dealio Toolbar\Res\search-chevron-hover.gif c:\program files\Dealio Toolbar\Res\search-chevron.gif c:\program files\Dealio Toolbar\Res\search_amazon.gif c:\program files\Dealio Toolbar\Res\search_dealio.gif c:\program files\Dealio Toolbar\Res\search_ebay.gif c:\program files\Dealio Toolbar\Res\search_yahoo.gif c:\program files\Dealio Toolbar\Res\target.gif c:\program files\Dealio Toolbar\Res\walmart.gif c:\program files\Dealio Toolbar\Res\widgets.xml c:\program files\Dealio Toolbar\SearchSettings.dll c:\program files\Dealio Toolbar\SearchSettings.exe c:\program files\Dealio Toolbar\SearchSettingsRes409.dll c:\program files\Dealio Toolbar\sscfg.ini c:\program files\Dealio Toolbar\SSFF\chrome.manifest c:\program files\Dealio Toolbar\SSFF\chrome\content\plugin.js c:\program files\Dealio Toolbar\SSFF\chrome\content\plugin.xul c:\program files\Dealio Toolbar\SSFF\chrome\content\protection.js c:\program files\Dealio Toolbar\SSFF\chrome\content\utils.js c:\program files\Dealio Toolbar\SSFF\chrome\locale\en-US\searchsettingsplugin.dtd c:\program files\Dealio Toolbar\SSFF\chrome\locale\en-US\searchsettingsplugin.properties c:\program files\Dealio Toolbar\SSFF\chrome\skin\yahoo.xml c:\program files\Dealio Toolbar\SSFF\components\IFBHOSearch.xpt c:\program files\Dealio Toolbar\SSFF\components\IFBHOSearchHelperEngine.xpt c:\program files\Dealio Toolbar\SSFF\components\IFHelperPreferences.xpt c:\program files\Dealio Toolbar\SSFF\components\SearchSettingsFF.dll c:\program files\Dealio Toolbar\SSFF\components\sscfg.ini c:\program files\Dealio Toolbar\SSFF\install.rdf c:\program files\Dealio Toolbar\WidgiHelper.exe c:\program files\myglobalsearch c:\program files\myglobalsearch\bar\History\search c:\program files\Uninstall My Global Search Bar.dll c:\windows\svchost.exe c:\windows\system32\explorer.exe c:\windows\system32\ieuinit.inf c:\windows\system32\Ijl11.dll c:\windows\system32\mfyoms.dll c:\windows\system32\odbcasvc.exe c:\windows\system32\vcmgcd32.dl_ c:\windows\system32\vcmgcd32.dll . ((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_GHIXU -------\Legacy_ODBCASVC -------\Legacy_POWERMANAGER -------\Service_ghixu -------\Service_odbcasvc -------\Service_PowerManager ((((((((((((((((((((((((( Pliki utworzone od 2010-03-08 do 2010-04-08 ))))))))))))))))))))))))))))))) . 2010-04-08 15:14 . 2010-04-08 15:15 36864 ------w- c:\windows\system32\vcmgcd32.dll 2010-04-07 12:34 . 2010-04-07 13:28 -------- d-----w- c:\program files\CCleaner 2010-03-28 20:30 . 2004-04-10 08:42 2944 ----a-w- c:\windows\system32\mbmiodrvr.sys 2010-03-28 20:30 . 2010-03-28 20:30 -------- d-----w- c:\program files\Motherboard Monitor 5 2010-03-22 18:57 . 2010-03-22 18:57 -------- d-----w- c:\program files\Common Files\Adobe 2010-03-22 18:55 . 2010-03-22 18:55 -------- d-----w- c:\windows\Cache 2010-03-21 00:47 . 2010-03-21 01:05 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\TeamViewer 2010-03-21 00:46 . 2010-03-21 00:46 -------- d-----w- c:\program files\TeamViewer 2010-03-20 22:36 . 2010-03-20 22:36 -------- d-----w- c:\program files\XLView 2010-03-15 11:06 . 2010-03-15 11:07 -------- d-----w- c:\program files\ConvertHelper 2010-03-14 16:22 . 2010-03-14 16:23 664 ----a-w- c:\windows\system32\d3d9caps.dat 2010-03-14 11:00 . 2010-03-14 11:00 -------- d-----w- c:\documents and settings\sebek\dwhelper . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-04-08 14:41 . 2009-09-30 11:06 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\Free Download Manager 2010-04-08 13:43 . 2010-01-19 17:58 -------- d-----w- c:\program files\Mozilla Firefox1 2010-04-08 12:55 . 2009-07-09 16:08 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\vlc 2010-04-07 19:21 . 2009-07-26 08:05 -------- d-----w- c:\program files\MoorHunt 2010-04-06 18:38 . 2009-07-09 13:20 -------- d-----w- c:\program files\MailShare 2010-04-06 18:02 . 2010-01-29 17:20 -------- d-----w- c:\program files\GameSpy Arcade 2010-04-06 14:17 . 2009-09-07 17:16 -------- d-----w- c:\program files\DMW Pro Client 2010-04-03 16:46 . 2009-07-10 09:33 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\dvdcss 2010-03-29 04:01 . 2010-01-08 17:14 -------- d-----w- c:\program files\Advanced LAN Scanner 2010-03-26 16:56 . 2009-11-09 15:58 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 1 2010-03-23 08:03 . 2009-08-01 21:30 2672 -csha-w- c:\windows\system32\KGyGaAvL.sys 2010-03-23 08:03 . 2009-08-01 21:30 88 -csh--r- c:\windows\system32\5F4C08A6CE.sys 2010-03-22 18:42 . 2009-09-30 11:07 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\Software Informer 2010-03-22 18:41 . 2009-08-01 01:08 -------- d-----w- c:\program files\EttercapNG 2010-03-22 18:39 . 2010-01-08 17:36 -------- d-----w- c:\program files\AdvancedRemoteInfo 2010-03-22 18:29 . 2009-09-08 11:10 -------- d-----w- c:\program files\IrfanView 2010-03-21 21:53 . 2009-11-16 00:24 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\TrackMania 2010-03-20 22:17 . 2010-02-07 19:01 -------- d-----w- c:\program files\TC UP 2010-03-19 19:16 . 2010-01-27 19:58 -------- d-----w- c:\program files\Gadu-Gadu 10 2010-03-16 21:03 . 2009-07-26 08:15 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\uTorrent 2010-03-15 15:28 . 2009-07-26 08:19 -------- d-----w- c:\program files\uTorrent 2010-03-12 19:21 . 2010-01-31 09:45 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\OpenFM 2010-03-12 09:24 . 2009-07-28 14:38 -------- d-----w- c:\program files\Xfire 2010-03-11 16:05 . 2010-03-05 17:54 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\HLSW 2010-03-11 01:56 . 2009-07-18 15:45 -------- d-----w- c:\program files\ygoow 2010-03-10 21:04 . 2009-07-28 14:38 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\Xfire 2010-03-08 09:41 . 2010-03-08 09:41 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\Sports Interactive 2010-03-08 09:41 . 2010-03-08 09:41 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Sports Interactive 2010-03-05 22:12 . 2010-03-05 22:12 4096 ----a-w- c:\windows\system32\02.tmp 2010-03-05 17:54 . 2010-03-05 17:54 -------- d-s---w- c:\program files\HLSW 2010-03-05 00:11 . 2010-03-05 00:11 41872 ----a-w- c:\windows\system32\xfcodec.dll 2010-03-02 17:45 . 2010-03-02 17:45 -------- d-----w- c:\program files\FreeTime 2010-03-02 13:53 . 2010-01-27 19:58 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\Gadu-Gadu 10 2010-03-02 13:52 . 2010-03-02 13:52 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Gadu-Gadu 10 2010-02-26 15:03 . 2009-11-14 08:08 -------- d-----w- c:\program files\Google 2010-02-26 15:03 . 2009-12-09 05:44 -------- d-----w- c:\program files\DVDVideoSoft 2010-02-23 16:43 . 2010-02-23 16:43 -------- d-----w- c:\program files\GiPo@Utilities 2010-02-23 16:43 . 2010-02-23 16:43 -------- d-----w- c:\program files\Common Files\Gibinsoft Shared 2010-02-20 01:50 . 2009-07-11 01:05 -------- d-----w- c:\program files\NAPI-PROJEKT 2010-02-19 21:30 . 2010-02-19 21:30 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite 2010-02-15 00:01 . 2009-10-14 00:54 -------- d-----w- c:\program files\Ask.com 2010-02-13 07:49 . 2010-02-13 07:49 2131336 ----a-w- c:\documents and settings\sebek\Dane aplikacji\Mozilla\Firefox\Profiles\w114i314.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe 2010-02-12 11:29 . 2010-02-12 11:29 111104 ----a-w- c:\windows\system32\uha.exe 2010-02-08 13:06 . 2010-01-08 17:10 -------- d-----w- c:\program files\Advanced IP Scanner 2010-02-07 19:02 . 2010-02-07 19:02 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\HEXelon 2010-02-05 09:01 . 2010-02-05 08:51 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll 2010-02-04 09:01 . 2010-03-07 22:49 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll 2010-02-04 09:01 . 2010-03-07 22:49 528216 ----a-w- c:\windows\system32\XAudio2_6.dll 2010-02-04 09:01 . 2010-03-07 22:49 238936 ----a-w- c:\windows\system32\xactengine3_6.dll 2010-02-04 09:01 . 2010-03-07 22:49 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll 2010-01-29 05:31 . 2009-07-09 13:28 13664 ----a-w- c:\documents and settings\sebek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2010-01-27 20:01 . 2010-01-27 20:01 1060864 ----a-w- c:\windows\system32\mfc71.dll 2010-01-27 20:01 . 2010-01-27 20:01 1700352 ----a-w- c:\windows\system32\gdiplus.dll 2010-01-20 12:05 . 2010-01-20 12:05 42088 ----a-w- c:\documents and settings\sebek\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll 2010-01-20 12:03 . 2010-01-20 12:03 11776 ----a-w- c:\documents and settings\sebek\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll 2006-02-17 21:18 . 2009-11-19 06:36 14286411 ----a-w- c:\program files\godfather.exe . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVD1.dll" [2010-03-19 2349080] [HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}] 2009-08-10 14:06 91576 ----a-w- c:\program files\BearShareTb\BearShareDx.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}] 2009-05-04 10:56 398776 ----a-w- c:\program files\BearShare Applications\BearShare\BearShareIEHelper.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2010-02-04 15:50 1197448 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}] 2010-03-19 23:00 2349080 ----a-w- c:\program files\DVDVideoSoft\tbDVD1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVD1.dll" [2010-03-19 2349080] "{0974BA1E-64EC-11DE-B2A5-E43756D89593}"= "c:\program files\BearShareTb\BearShareDx.dll" [2009-08-10 91576] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448] [HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}] [HKEY_CLASSES_ROOT\clsid\{0974ba1e-64ec-11de-b2a5-e43756d89593}] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448] "{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}"= "c:\program files\DVDVideoSoft\tbDVD1.dll" [2010-03-19 2349080] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 65536] "Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2009-01-31 3440640] "Gadu-Gadu"="d:\gadu-gadu1\gg.exe" [2008-03-20 2147776] "mount.exe"="c:\program files\GiPo@Utilities\FileUtilities.3\mount.exe" [2008-04-11 394752] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-03-15 310064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-10-30 4620288] "nwiz"="nwiz.exe" [2004-10-30 942080] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-10-30 86016] "DeathAdder"="c:\program files\Razer\DeathAdder\razerhid.exe" [2009-12-15 264704] "SoundMan"="SOUNDMAN.EXE" [2004-09-16 69632] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKLM\~\startupfolder\C:^Documents and Settings^sebek^Menu Start^Programy^Autostart^hamachi.lnk] path=c:\documents and settings\sebek\Menu Start\Programy\Autostart\hamachi.lnk backup=c:\windows\pss\hamachi.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate] 2009-06-04 20:56 926720 ----a-w- c:\program files\ALLPlayer\ALLUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare] 2010-01-01 07:05 3334144 ----a-w- c:\program files\BearShare\BearShare.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2009-10-30 11:57 369200 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu] 2008-03-20 10:04 2147776 ----a-w- d:\gadu-gadu1\gg.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu 10] 2010-01-20 12:05 12103784 ----a-w- c:\program files\Gadu-Gadu 10\gg.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!] 2009-12-23 16:14 14137240 ----a-w- c:\program files\ipla\ipla.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 08:50 212480 ----a-w- c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2009-10-09 11:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer] 2009-09-23 23:16 2006528 ----a-w- c:\program files\Software Informer\softinfo.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] 2009-04-01 08:21 462336 ------w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2009-11-14 08:09 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] 2009-12-04 00:05 325936 ----a-w- c:\documents and settings\sebek\Moje dokumenty\Pobieranie\utorrent(4).exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VVSN] 2005-10-25 07:56 164352 -c--a-w- c:\program files\VVSN\VVSN.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "gusvc"=3 (0x3) "Hamachi2Svc"=2 (0x2) "NMSAccessU"=2 (0x2) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "d:\\Gadu-Gadu1\\gg.exe"= "c:\\Program Files\\GameSpy Arcade\\Aphex.exe"= "d:\\mohaa1.0\\MOHAA.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Xfire\\Xfire.exe"= "d:\\mohaa 1.11\\MOHAA.exe"= "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\SopCast\\SopCast.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "d:\\Counter-Strike Source\\hl2.exe"= "c:\\Documents and Settings\\sebek\\Moje dokumenty\\Pobieranie\\utorrent(3).exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Documents and Settings\\sebek\\Moje dokumenty\\Pobieranie\\utorrent(4).exe"= "c:\\Documents and Settings\\sebek\\Moje dokumenty\\Pobieranie\\utorrent(5).exe"= "c:\\Program Files\\Codemasters\\Project IGI2\\pc\\igi2.exe"= "c:\\Program Files\\Illusion Softworks\\Hidden & Dangerous 2\\hd2.exe"= "d:\\mohaa 1.11\\MOHAA_server.exe"= "c:\\Program Files\\Gadu-Gadu 10\\gg.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Documents and Settings\\sebek\\Moje dokumenty\\Pobieranie\\utorrent(8).exe"= "c:\\Program Files\\HLSW\\hlsw.exe"= "d:\\fm\\Football Manager 2009\\fm.exe"= "c:\\Program Files\\TmNationsForever\\TmForever.exe"= "c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"= "c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"= "c:\\Program Files\\WinPcap\\rpcapd.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "6444:TCP"= 6444:TCP:ppqumju R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-07-27 691696] R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [2006-01-13 15872] R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2010-01-08 401408] R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2009-09-17 22784] S2 gupdate;Usługa Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-26 135664] S2 PowerManager;Power Manager;c:\windows\svchost.exe --> c:\windows\svchost.exe [?] S3 hidusbf;USB Mouse Rate Adjuster Lower Filter by SweetLow;c:\windows\system32\drivers\hidusbf.sys [2009-09-06 4544] S3 kcmxr;kcmxr;c:\windows\system32\01.tmp [2010-01-05 4096] S3 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-02-08 34064] S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2009-08-02 89256] S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2009-08-02 15016] S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2009-08-02 120744] S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2009-08-02 114216] S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2009-08-02 25512] S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2009-08-02 110632] S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2009-08-02 115752] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2009-08-02 86824] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2009-08-02 15016] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2009-08-02 114600] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2009-08-02 108328] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2009-08-02 26024] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2009-08-02 104616] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2009-08-02 109736] S4 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568] --- Inne Usługi/Sterowniki w Pamięci --- *NewlyCreated* - POWERMANAGER . Zawartość folderu 'Zaplanowane zadania' 2010-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-26 15:03] 2010-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-26 15:03] 2010-04-08 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job - c:\program files\Ask.com\UpdateTask.exe [2010-02-04 15:50] . . ------- Skan uzupełniający ------- . uStart Page = hxxp://search.bearshare.com/ uInternet Connection Wizard,ShellNext = iexplore IE: Funkcja Google Sidewiki - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: Pobierz plik wideo we Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm IE: Pobierz w Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm IE: Pobierz wszystkie pliki w Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm IE: Pobierz zaznaczone w Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm FF - ProfilePath - c:\documents and settings\sebek\Dane aplikacji\Mozilla\Firefox\Profiles\w114i314.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=966134&p= FF - plugin: c:\documents and settings\sebek\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll . - - - - USUNIĘTO PUSTE WPISY - - - - BHO-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll Toolbar-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll HKCU-Run-wsctf.exe - wsctf.exe HKLM-Run-SearchSettings - c:\program files\Dealio Toolbar\SearchSettings.exe HKLM-Run-DmwClient - dmwclient.exe SafeBoot-mcmscsvc SafeBoot-MCODS MSConfigStartUp-DAEMON Tools - c:\program files\DAEMON Tools1\daemon.exe MSConfigStartUp-DmwClient - dmwclient.exe MSConfigStartUp-DriverCure - c:\program files\ParetoLogic\DriverCure\DriverCure.exe MSConfigStartUp-SearchSettings - c:\program files\Dealio Toolbar\SearchSettings.exe MSConfigStartUp-Wru - c:\program files\Wru\Wru.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-04-08 16:15 Windows 5.1.2600 Dodatek Service Pack 3 NTFS skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: 0 ************************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys splu.sys >>UNKNOWN [0x8238C938]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xf8579f28 \Driver\ACPI -> ACPI.sys @ 0xf83e0cb8 \Driver\atapi -> atapi.sys @ 0xf8375b40 IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805e6686 ParseProcedure -> ntoskrnl.exe @ 0x8057b6b9 \Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805e6686 ParseProcedure -> ntoskrnl.exe @ 0x8057b6b9 NDIS: Realtek RTL8169/8110 Family Gigabit Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xf826bbb0 PacketIndicateHandler -> NDIS.sys @ 0xf8278a21 SendHandler -> NDIS.sys @ 0xf825687b user & kernel MBR OK ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\kcmxr] "ImagePath"="\??\c:\windows\system32\01.tmp" . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- - - - - - - - > 'explorer.exe'(3776) c:\windows\system32\vcmgcd32.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\PSIService.exe c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe c:\windows\system32\wscntfy.exe c:\windows\SOUNDMAN.EXE c:\program files\Razer\DeathAdder\razertra.exe c:\program files\Razer\DeathAdder\razerofa.exe . ************************************************************************** . Czas ukończenia: 2010-04-08 16:19:33 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2010-04-08 15:19 Przed: 6 875 754 496 bajtów wolnych Po: 9 166 655 488 bajtów wolnych WindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect - - End Of File - - A3BD7A78E8A89F85C497DC2A2567E1DC [/log] log z mbam [log] Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Wersja bazy: 3968 Windows 5.1.2600 Dodatek Service Pack 3 Internet Explorer 6.0.2900.5512 2010-04-08 17:32:46 mbam-log-2010-04-08 (17-32-46).txt Typ skanowania: Pełne skanowanie (C:\|D:\|) Przeskanowano obiektów: 265172 Upłynęło: 1 godzin(y), 4 minut(y), 38 sekund(y) Zainfekowanych procesów w pamięci: 1 Zainfekowanych modułów w pamięci: 1 Zainfekowanych kluczy rejestru: 2 Zainfekowanych wartości rejestru: 0 Zainfekowane informacje rejestru systemowego: 0 Zainfekowanych folderów: 2 Zainfekowanych plików: 50 Zainfekowanych procesów w pamięci: C:\WINDOWS\svchost.exe (Trojan.Agent) -> No action taken. Zainfekowanych modułów w pamięci: C:\WINDOWS\system32\vcmgcd32.dll (Virus.Sality) -> No action taken. Zainfekowanych kluczy rejestru: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a21-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37b85a29-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> No action taken. Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń) Zainfekowane informacje rejestru systemowego: (Nie znaleziono zagrożeń) Zainfekowanych folderów: C:\Program Files\VVSN (Adware.WhenU) -> No action taken. C:\Program Files\VVSN\URL1 (Adware.WhenU) -> No action taken. Zainfekowanych plików: C:\Documents and Settings\sebek\Ustawienia lokalne\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\productinfo.dll (Adware.DoubleD) -> No action taken. C:\Program Files\Mozilla Firefox 3.6 Beta 1\plugins\NPMyGlSh.dll (Adware.MyWebSearch) -> No action taken. C:\Program Files\VVSN\VVSN.exe (Adware.WhenU) -> No action taken. C:\Qoobox\Quarantine\C\Program Files\Uninstall My Global Search Bar.dll.vir (Adware.MyWebSearch) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\system32\EXPLORER.EXE.vir (Password.Stealer) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\system32\vcmgcd32.dll.vir (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP179\A0286525.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP179\A0287522.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP179\A0288137.exe (Adware.WhenU) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP180\A0289497.exe (Adware.WhenU) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP180\A0290526.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP180\A0290528.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP180\A0290600.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP180\A0290601.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP180\A0290602.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP180\A0290603.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP180\A0291207.exe (Adware.WhenU) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP181\A0292601.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP181\A0293600.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP181\A0293601.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP181\A0294597.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP181\A0295600.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP181\A0296601.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP181\A0297600.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP181\A0298250.exe (Adware.WhenU) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP181\A0298844.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP182\A0299090.DLL (Adware.MyWebSearch) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP182\A0299096.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP182\A0299157.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP182\A0299775.exe (Adware.WhenU) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP182\A0300160.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP182\A0300161.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP182\A0300250.dll (Virus.Sality) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP182\A0300297.dll (Adware.MyWebSearch) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP182\A0300298.EXE (Password.Stealer) -> No action taken. C:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP182\A0300313.dll (Virus.Sality) -> No action taken. D:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP179\A0288760.exe (Trojan.Downloader) -> No action taken. D:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP179\A0288761.exe (Trojan.Downloader) -> No action taken. D:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP181\A0291762.exe (Trojan.Downloader) -> No action taken. D:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP181\A0291763.exe (Trojan.Downloader) -> No action taken. D:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP181\A0298801.exe (Trojan.Downloader) -> No action taken. D:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP181\A0298802.exe (Trojan.Downloader) -> No action taken. D:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP182\A0298985.exe (Trojan.Downloader) -> No action taken. D:\System Volume Information\_restore{D3506720-D09C-4803-9548-5AC6CDE164E9}\RP182\A0298986.exe (Trojan.Downloader) -> No action taken. D:\mp3\My Downloads\Sony Vegas 6.0 + Sony DVD Architect 3.0 (Incl Keygen)\Sony Vegas Video 6 keygen\Vegas 6 keygen\Vegas6.exe (Trojan.Downloader) -> No action taken. D:\mp3\My Downloads\Sony Vegas 6.0 + Sony DVD Architect 3.0 (Incl Keygen)\Sony.DVD.Architect.v3.0.Incl.Keygen-SSG\keygen.exe (Trojan.Downloader) -> No action taken. C:\Program Files\VVSN\vvsn.cfg (Adware.WhenU) -> No action taken. C:\WINDOWS\system32\vcmgcd32.dll (Virus.Sality) -> No action taken. C:\WINDOWS\system32\vcmgcd32.dl_ (Virus.Sality) -> No action taken. C:\WINDOWS\svchost.exe (Trojan.Agent) -> No action taken. [/log]
Mateusz J. komentarz 8 kwietnia 2010 komentarz 8 kwietnia 2010 Sality, kiepsko. Do notatnika wklej: [code]File:: c:\windows\system32\vcmgcd32.dll c:\program files\godfather.exe c:\windows\system32\01.tmp c:\windows\system32\02.tmp C:\Program Files\VVSN\vvsn.cfg C:\WINDOWS\system32\vcmgcd32.dll C:\WINDOWS\system32\vcmgcd32.dl_ C:\WINDOWS\svchost.exe Folder:: c:\program files\Ask.com c:\program files\BearShareTb c:\program files\BearShare Applications Registry:: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"=- [-HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"=- "{0974BA1E-64EC-11DE-B2A5-E43756D89593}"=- "{D4027C7F-154A-4066-A1AD-4243D8127440}"=- [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{D4027C7F-154A-4066-A1AD-4243D8127440}"=- "{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\ GloballyOpenPorts\List] "6444:TCP"=- Driver:: kcmxr[/code]W notatniku zakladka Plik ==> Zapisz jako ==> zapisz pod nazwą[b] CFScript.txt[/b] i zapisz go w tym katalogu co ściągnięty i zapisany został [b]combofix[/b] Na ikonę [b]ComboFix[/b] przeciągasz zrobiony plik [b]CFScript.txt[/b] Tak jak na obrazku: [img]http://img212.imageshack.us/img212/740/cfscript10uc2su5.gif[/img] Rozpocznie się usuwanie [b]i powstanie log , który pokazujesz na forum.[/b] Następnie skan programem Kaspersky Virus Removal Tool. (raport na forum)
sebus1989 komentarz 8 kwietnia 2010 Autor komentarz 8 kwietnia 2010 log po skrypcie combo [log] ComboFix 10-04-07.04 - sebek 2010-04-08 21:34:48.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.511.351 [GMT 1:00] Uruchomiony z: c:\documents and settings\sebek\Pulpit\ComboFix.exe Użyto następujących komend :: c:\documents and settings\sebek\Pulpit\CFScript.txt.txt FILE :: "c:\program files\godfather.exe" "c:\program files\VVSN\vvsn.cfg" "c:\windows\svchost.exe" "c:\windows\system32\01.tmp" "c:\windows\system32\02.tmp" "c:\windows\system32\vcmgcd32.dl_" "c:\windows\system32\vcmgcd32.dll" . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Ask.com c:\program files\Ask.com\cobrand.ico c:\program files\Ask.com\config.xml c:\program files\Ask.com\favicon.ico c:\program files\Ask.com\GenericAskToolbar.dll c:\program files\Ask.com\mupcfg.xml c:\program files\Ask.com\SaUpdate.exe c:\program files\Ask.com\UpdateTask.exe c:\program files\BearShare Applications c:\program files\BearShare Applications\BearShare\ammp3.dll c:\program files\BearShare Applications\BearShare\avcodec-51.dll c:\program files\BearShare Applications\BearShare\avformat-51.dll c:\program files\BearShare Applications\BearShare\avutil-49.dll c:\program files\BearShare Applications\BearShare\BearShare.exe c:\program files\BearShare Applications\BearShare\BearShareIEHelper.dll c:\program files\BearShare Applications\BearShare\BerkeleyLoader.dll c:\program files\BearShare Applications\BearShare\DiscoveryHelper.dll c:\program files\BearShare Applications\BearShare\FFPage.exe c:\program files\BearShare Applications\BearShare\FixAudioDriverSignature.reg c:\program files\BearShare Applications\BearShare\GIFAnimator.dll c:\program files\BearShare Applications\BearShare\HTML\error.html c:\program files\BearShare Applications\BearShare\HTML\Images\bg-top.jpg c:\program files\BearShare Applications\BearShare\HTML\loading.html c:\program files\BearShare Applications\BearShare\HTML\noInternet.html c:\program files\BearShare Applications\BearShare\HTML\offline.html c:\program files\BearShare Applications\BearShare\HTML\Recommendation_Offline.html c:\program files\BearShare Applications\BearShare\ImageUploader5.ocx c:\program files\BearShare Applications\BearShare\IMTrProgress.dll c:\program files\BearShare Applications\BearShare\IMWebControl.dll c:\program files\BearShare Applications\BearShare\INSTALL.LOG c:\program files\BearShare Applications\BearShare\InstallHelper.dll c:\program files\BearShare Applications\BearShare\Launcher.exe c:\program files\BearShare Applications\BearShare\libungif4.dll c:\program files\BearShare Applications\BearShare\lic_helper.dll c:\program files\BearShare Applications\BearShare\license.txt c:\program files\BearShare Applications\BearShare\NCTAudioCDGrabber2.dll c:\program files\BearShare Applications\BearShare\NCTAudioCDWriter2.dll c:\program files\BearShare Applications\BearShare\NCTAudioCompress3.dll c:\program files\BearShare Applications\BearShare\NCTAudioFile3.dll c:\program files\BearShare Applications\BearShare\NCTAudioFileWMA3.dll c:\program files\BearShare Applications\BearShare\NCTAudioFormatSettings3.dll c:\program files\BearShare Applications\BearShare\NCTDataCDWriter2.dll c:\program files\BearShare Applications\BearShare\ResourcesLOC.dll c:\program files\BearShare Applications\BearShare\Shw32.dll c:\program files\BearShare Applications\BearShare\Skins\Default.skn c:\program files\BearShare Applications\BearShare\Skins\Default.xml c:\program files\BearShare Applications\BearShare\Skins\Images\DefArtwork.jpg c:\program files\BearShare Applications\BearShare\Skins\Images\DefFemale.gif c:\program files\BearShare Applications\BearShare\Skins\Images\DefMale.gif c:\program files\BearShare Applications\BearShare\Skins\Images\FriendshipNotif.jpg c:\program files\BearShare Applications\BearShare\Skins\Images\SendPlaylist.jpg c:\program files\BearShare Applications\BearShare\Skins\Images\TAFLogo.PNG c:\program files\BearShare Applications\BearShare\Skins\Images\ToGoLogo.PNG c:\program files\BearShare Applications\BearShare\Skins\PS.exe c:\program files\BearShare Applications\BearShare\Skins\RemoteSkin.wmz c:\program files\BearShare Applications\BearShare\Skins\Settings.xml c:\program files\BearShare Applications\BearShare\UninstallSurvey.exe c:\program files\BearShare Applications\BearShare\UninstallUsers.exe c:\program files\BearShare Applications\BearShare\UninstBho.exe c:\program files\BearShare Applications\BearShare\UNWISE.EXE c:\program files\BearShare Applications\BearShare\UnwiseLauncher.exe c:\program files\BearShare Applications\BearShare\UpdateInst.exe c:\program files\BearShare Applications\BearShare\WMAProfiles.prx c:\program files\BearShare Applications\BearShare\WMHelper.dll c:\program files\BearShare Applications\BearShare\WMHelper.log c:\program files\BearShareTb c:\program files\BearShareTb\BearShareDx.dll c:\program files\BearShareTb\bearsharetb.dll c:\program files\BearShareTb\chrome.manifest c:\program files\BearShareTb\chrome\components\windowmediator.js c:\program files\BearShareTb\chrome\content\about.xml c:\program files\BearShareTb\chrome\content\allocine.xml c:\program files\BearShareTb\chrome\content\bearshare.js c:\program files\BearShareTb\chrome\content\bliptv.xml c:\program files\BearShareTb\chrome\content\calories.xml c:\program files\BearShareTb\chrome\content\Casino.xml c:\program files\BearShareTb\chrome\content\data\search\engines.xml c:\program files\BearShareTb\chrome\content\data\search\search.xsl c:\program files\BearShareTb\chrome\content\desktop.ini c:\program files\BearShareTb\chrome\content\Documents.lnk c:\program files\BearShareTb\chrome\content\Google.xml c:\program files\BearShareTb\chrome\content\LabPixies.xml c:\program files\BearShareTb\chrome\content\lib\dtxpanelwin.xul c:\program files\BearShareTb\chrome\content\lib\dtxprefwin.xul c:\program files\BearShareTb\chrome\content\lib\dtxwin.xul c:\program files\BearShareTb\chrome\content\lib\emailnotifierproviders.xml c:\program files\BearShareTb\chrome\content\lib\external.js c:\program files\BearShareTb\chrome\content\preferences.xml c:\program files\BearShareTb\chrome\content\Sudoku.xml c:\program files\BearShareTb\chrome\content\todo.xml c:\program files\BearShareTb\chrome\content\toolbar.htm c:\program files\BearShareTb\chrome\content\toolbar.xul c:\program files\BearShareTb\chrome\content\trio.xml c:\program files\BearShareTb\chrome\content\Unit Converter.xml c:\program files\BearShareTb\chrome\content\uwa.js c:\program files\BearShareTb\chrome\content\youtube.xml c:\program files\BearShareTb\chrome\content\youtube_.xml c:\program files\BearShareTb\chrome\skin\bearshare.css c:\program files\BearShareTb\chrome\skin\bluelite.gif c:\program files\BearShareTb\chrome\skin\bluesky.gif c:\program files\BearShareTb\chrome\skin\btn-search-over.png c:\program files\BearShareTb\chrome\skin\btn-search.png c:\program files\BearShareTb\chrome\skin\btn-settings-over.png c:\program files\BearShareTb\chrome\skin\btn-settings.png c:\program files\BearShareTb\chrome\skin\btn-widgets-over.png c:\program files\BearShareTb\chrome\skin\btn-widgets.png c:\program files\BearShareTb\chrome\skin\btn_settings.png c:\program files\BearShareTb\chrome\skin\button-down-back-ff.png c:\program files\BearShareTb\chrome\skin\button-down-back.png c:\program files\BearShareTb\chrome\skin\button-down-left.png c:\program files\BearShareTb\chrome\skin\button-down-right.png c:\program files\BearShareTb\chrome\skin\button-down-splitter.png c:\program files\BearShareTb\chrome\skin\button-drop-back.png c:\program files\BearShareTb\chrome\skin\button-drop-left.png c:\program files\BearShareTb\chrome\skin\button-drop-right.png c:\program files\BearShareTb\chrome\skin\button-drop-splitter.png c:\program files\BearShareTb\chrome\skin\button-hover-back-ff.png c:\program files\BearShareTb\chrome\skin\button-hover-back.png c:\program files\BearShareTb\chrome\skin\button-hover-left.png c:\program files\BearShareTb\chrome\skin\button-hover-right.png c:\program files\BearShareTb\chrome\skin\button-hover-splitter.png c:\program files\BearShareTb\chrome\skin\ca.png c:\program files\BearShareTb\chrome\skin\dictionary.png c:\program files\BearShareTb\chrome\skin\divider.png c:\program files\BearShareTb\chrome\skin\downloadcom.png c:\program files\BearShareTb\chrome\skin\dtxlogo.png c:\program files\BearShareTb\chrome\skin\email.png c:\program files\BearShareTb\chrome\skin\email_on.png c:\program files\BearShareTb\chrome\skin\games.png c:\program files\BearShareTb\chrome\skin\graphred0.png c:\program files\BearShareTb\chrome\skin\graphred0_5.png c:\program files\BearShareTb\chrome\skin\grey.gif c:\program files\BearShareTb\chrome\skin\headsup.png c:\program files\BearShareTb\chrome\skin\ico-shield.png c:\program files\BearShareTb\chrome\skin\images.png c:\program files\BearShareTb\chrome\skin\lib\add.png c:\program files\BearShareTb\chrome\skin\lib\aol.png c:\program files\BearShareTb\chrome\skin\lib\arrow-dn.gif c:\program files\BearShareTb\chrome\skin\lib\arrow-right.gif c:\program files\BearShareTb\chrome\skin\lib\arrow-up.gif c:\program files\BearShareTb\chrome\skin\lib\bg-btn-end.png c:\program files\BearShareTb\chrome\skin\lib\bg-btn-mdl.png c:\program files\BearShareTb\chrome\skin\lib\bg-btn-start.png c:\program files\BearShareTb\chrome\skin\lib\bg-btnover-end.png c:\program files\BearShareTb\chrome\skin\lib\bg-btnover-mdl.png c:\program files\BearShareTb\chrome\skin\lib\bg-btnover-mdl_ff.png c:\program files\BearShareTb\chrome\skin\lib\bg-btnover-start.png c:\program files\BearShareTb\chrome\skin\lib\blank.gif c:\program files\BearShareTb\chrome\skin\lib\btnback-down-vista.png c:\program files\BearShareTb\chrome\skin\lib\btnback-vista.png c:\program files\BearShareTb\chrome\skin\lib\btnleft-down-vista.png c:\program files\BearShareTb\chrome\skin\lib\btnleft-vista.png c:\program files\BearShareTb\chrome\skin\lib\btnright-down-vista.png c:\program files\BearShareTb\chrome\skin\lib\btnright-vista.png c:\program files\BearShareTb\chrome\skin\lib\button-splitter-down-vista.png c:\program files\BearShareTb\chrome\skin\lib\button-splitter-vista.png c:\program files\BearShareTb\chrome\skin\lib\checkmark.png c:\program files\BearShareTb\chrome\skin\lib\chevron.png c:\program files\BearShareTb\chrome\skin\lib\collapse.png c:\program files\BearShareTb\chrome\skin\lib\comcast.png c:\program files\BearShareTb\chrome\skin\lib\dtx.css c:\program files\BearShareTb\chrome\skin\lib\edit-back-hot.png c:\program files\BearShareTb\chrome\skin\lib\edit-back.png c:\program files\BearShareTb\chrome\skin\lib\expand.png c:\program files\BearShareTb\chrome\skin\lib\found.png c:\program files\BearShareTb\chrome\skin\lib\gmail.png c:\program files\BearShareTb\chrome\skin\lib\highlight.png c:\program files\BearShareTb\chrome\skin\lib\highlight_blue.png c:\program files\BearShareTb\chrome\skin\lib\highlight_cyan.png c:\program files\BearShareTb\chrome\skin\lib\highlight_lime.png c:\program files\BearShareTb\chrome\skin\lib\highlight_magenta.png c:\program files\BearShareTb\chrome\skin\lib\highlight_yellow.png c:\program files\BearShareTb\chrome\skin\lib\hotmail.png c:\program files\BearShareTb\chrome\skin\lib\imap.png c:\program files\BearShareTb\chrome\skin\lib\lastsearch-thumb-back.gif c:\program files\BearShareTb\chrome\skin\lib\loadingMid.gif c:\program files\BearShareTb\chrome\skin\lib\lock.png c:\program files\BearShareTb\chrome\skin\lib\mailcom.png c:\program files\BearShareTb\chrome\skin\lib\menu_bg-basic.png c:\program files\BearShareTb\chrome\skin\lib\menu_separator_bar.png c:\program files\BearShareTb\chrome\skin\lib\menu_separator_white.png c:\program files\BearShareTb\chrome\skin\lib\menuitem-splitter.png c:\program files\BearShareTb\chrome\skin\lib\menuitemback-down-vista.png c:\program files\BearShareTb\chrome\skin\lib\menuitemback-vista.png c:\program files\BearShareTb\chrome\skin\lib\menuitemleft-down-vista.png c:\program files\BearShareTb\chrome\skin\lib\menuitemleft-vista.png c:\program files\BearShareTb\chrome\skin\lib\menuitemright-down-vista.png c:\program files\BearShareTb\chrome\skin\lib\menuitemright-vista.png c:\program files\BearShareTb\chrome\skin\lib\modify.png c:\program files\BearShareTb\chrome\skin\lib\move.gif c:\program files\BearShareTb\chrome\skin\lib\movetarget.png c:\program files\BearShareTb\chrome\skin\lib\pop.png c:\program files\BearShareTb\chrome\skin\lib\radio.png c:\program files\BearShareTb\chrome\skin\lib\reload.png c:\program files\BearShareTb\chrome\skin\lib\remove.png c:\program files\BearShareTb\chrome\skin\lib\rename.gif c:\program files\BearShareTb\chrome\skin\lib\resize-box.gif c:\program files\BearShareTb\chrome\skin\lib\rss.png c:\program files\BearShareTb\chrome\skin\lib\rsschannelback.png c:\program files\BearShareTb\chrome\skin\lib\RSSLogo.png c:\program files\BearShareTb\chrome\skin\lib\rsstabdivider.gif c:\program files\BearShareTb\chrome\skin\lib\scroll-left.png c:\program files\BearShareTb\chrome\skin\lib\scroll-right.png c:\program files\BearShareTb\chrome\skin\lib\search-go.png c:\program files\BearShareTb\chrome\skin\lib\search.png c:\program files\BearShareTb\chrome\skin\lib\text-ellipsis.xml c:\program files\BearShareTb\chrome\skin\lib\toolbarsplitter.gif c:\program files\BearShareTb\chrome\skin\lib\transparent_1px.gif c:\program files\BearShareTb\chrome\skin\lib\uwa\border_02.png c:\program files\BearShareTb\chrome\skin\lib\uwa\border_03.png c:\program files\BearShareTb\chrome\skin\lib\uwa\border_04.png c:\program files\BearShareTb\chrome\skin\lib\uwa\border_06.png c:\program files\BearShareTb\chrome\skin\lib\uwa\border_07.png c:\program files\BearShareTb\chrome\skin\lib\uwa\border_08.png c:\program files\BearShareTb\chrome\skin\lib\uwa\border_09.png c:\program files\BearShareTb\chrome\skin\lib\uwa\border_10.png c:\program files\BearShareTb\chrome\skin\lib\uwa\border_11.png c:\program files\BearShareTb\chrome\skin\lib\uwa\border_12.png c:\program files\BearShareTb\chrome\skin\lib\uwa\border_13.png c:\program files\BearShareTb\chrome\skin\lib\uwa\border_14.png c:\program files\BearShareTb\chrome\skin\lib\uwa\border_15.png c:\program files\BearShareTb\chrome\skin\lib\uwa\border_16.png c:\program files\BearShareTb\chrome\skin\lib\uwa\border_18.png c:\program files\BearShareTb\chrome\skin\lib\uwa\border_19.png c:\program files\BearShareTb\chrome\skin\lib\uwa\border_20.png c:\program files\BearShareTb\chrome\skin\lib\uwa\border_21.png c:\program files\BearShareTb\chrome\skin\lib\uwa\btn-close-grey.png c:\program files\BearShareTb\chrome\skin\lib\uwa\btn-close-greyover.png c:\program files\BearShareTb\chrome\skin\lib\uwa\close-hot.png c:\program files\BearShareTb\chrome\skin\lib\uwa\close-normal.png c:\program files\BearShareTb\chrome\skin\lib\uwa\loadingMid.gif c:\program files\BearShareTb\chrome\skin\lib\uwa\proxy.html c:\program files\BearShareTb\chrome\skin\lib\uwa\template.html c:\program files\BearShareTb\chrome\skin\lib\uwa\template.xml c:\program files\BearShareTb\chrome\skin\lib\uwa\templateFF.html c:\program files\BearShareTb\chrome\skin\lib\uwa\throbber.gif c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\add.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\box-check.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\ico-check.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\options-weather.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\over-blue.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\over-orange.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\popupWeather.css c:\program files\BearShareTb\chrome\skin\lib\weatherbutton\panels\popupWeather.html c:\program files\BearShareTb\chrome\skin\lib\yahoo.png c:\program files\BearShareTb\chrome\skin\lichen.gif c:\program files\BearShareTb\chrome\skin\logo-about.jpg c:\program files\BearShareTb\chrome\skin\logo-over.png c:\program files\BearShareTb\chrome\skin\logo.png c:\program files\BearShareTb\chrome\skin\logo_old.png c:\program files\BearShareTb\chrome\skin\maps.bmp c:\program files\BearShareTb\chrome\skin\menuseparatorback.gif c:\program files\BearShareTb\chrome\skin\modify-save.png c:\program files\BearShareTb\chrome\skin\modify.png c:\program files\BearShareTb\chrome\skin\modifyhot.png c:\program files\BearShareTb\chrome\skin\music.png c:\program files\BearShareTb\chrome\skin\news.png c:\program files\BearShareTb\chrome\skin\options\options-main.png c:\program files\BearShareTb\chrome\skin\options\options-search.png c:\program files\BearShareTb\chrome\skin\options\options-weather.gif c:\program files\BearShareTb\chrome\skin\options\options-widgets.png c:\program files\BearShareTb\chrome\skin\orange.gif c:\program files\BearShareTb\chrome\skin\pixsy.png c:\program files\BearShareTb\chrome\skin\relatedlinks.png c:\program files\BearShareTb\chrome\skin\rss-collapse.png c:\program files\BearShareTb\chrome\skin\rss-delete.png c:\program files\BearShareTb\chrome\skin\rss-expand.png c:\program files\BearShareTb\chrome\skin\rss-feed.png c:\program files\BearShareTb\chrome\skin\rss-folder-remove.png c:\program files\BearShareTb\chrome\skin\rss-folder-rename.png c:\program files\BearShareTb\chrome\skin\rss-folder.png c:\program files\BearShareTb\chrome\skin\rss-found.png c:\program files\BearShareTb\chrome\skin\rss-reload.png c:\program files\BearShareTb\chrome\skin\rss-subscribe.png c:\program files\BearShareTb\chrome\skin\rss.png c:\program files\BearShareTb\chrome\skin\rssback.gif c:\program files\BearShareTb\chrome\skin\rsstopback.gif c:\program files\BearShareTb\chrome\skin\search-over.png c:\program files\BearShareTb\chrome\skin\search.png c:\program files\BearShareTb\chrome\skin\searchbar\searchbar-background-left.png c:\program files\BearShareTb\chrome\skin\searchbar\searchbar-background-middle.png c:\program files\BearShareTb\chrome\skin\searchbar\searchbar-background-right.png c:\program files\BearShareTb\chrome\skin\settings.png c:\program files\BearShareTb\chrome\skin\shopping.png c:\program files\BearShareTb\chrome\skin\siteinfo.png c:\program files\BearShareTb\chrome\skin\skin-bluelite.png c:\program files\BearShareTb\chrome\skin\skin-bluesky.png c:\program files\BearShareTb\chrome\skin\skin-grey.png c:\program files\BearShareTb\chrome\skin\skin-lichen.png c:\program files\BearShareTb\chrome\skin\skin-orange.png c:\program files\BearShareTb\chrome\skin\skin-yellow.png c:\program files\BearShareTb\chrome\skin\technorati.png c:\program files\BearShareTb\chrome\skin\throbber.gif c:\program files\BearShareTb\chrome\skin\Thumbs.db c:\program files\BearShareTb\chrome\skin\video.bmp c:\program files\BearShareTb\chrome\skin\vmn.css c:\program files\BearShareTb\chrome\skin\weather.png c:\program files\BearShareTb\chrome\skin\web.png c:\program files\BearShareTb\chrome\skin\widget_allocine.png c:\program files\BearShareTb\chrome\skin\widget_bliptv.png c:\program files\BearShareTb\chrome\skin\widget_calcal.png c:\program files\BearShareTb\chrome\skin\widget_calculator.png c:\program files\BearShareTb\chrome\skin\widget_gservices.png c:\program files\BearShareTb\chrome\skin\widget_sudoku.png c:\program files\BearShareTb\chrome\skin\widget_todo.jpg c:\program files\BearShareTb\chrome\skin\widget_todo.png c:\program files\BearShareTb\chrome\skin\widget_trio.png c:\program files\BearShareTb\chrome\skin\widget_uconverter.png c:\program files\BearShareTb\chrome\skin\widgets.png c:\program files\BearShareTb\chrome\skin\wikipedia.png c:\program files\BearShareTb\chrome\skin\yahoosearch.png c:\program files\BearShareTb\chrome\skin\yellow.gif c:\program files\BearShareTb\chrome\skin\youtube.png c:\program files\BearShareTb\chrome\skin\zoom.png c:\program files\BearShareTb\install.ico c:\program files\BearShareTb\install.rdf c:\program files\BearShareTb\manifest.xml c:\program files\BearShareTb\uninstall.exe c:\program files\godfather.exe c:\windows\svchost.exe c:\windows\system32\01.tmp c:\windows\system32\02.tmp c:\windows\system32\vcmgcd32.dl_ c:\windows\system32\vcmgcd32.dll . ((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_POWERMANAGER -------\Service_kcmxr -------\Service_PowerManager ((((((((((((((((((((((((( Pliki utworzone od 2010-03-08 do 2010-04-08 ))))))))))))))))))))))))))))))) . 2010-04-08 20:44 . 2010-04-08 20:44 36864 ------w- c:\windows\system32\vcmgcd32.dll 2010-04-08 15:24 . 2010-04-08 15:24 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\Malwarebytes 2010-04-08 15:24 . 2010-03-29 23:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-04-08 15:24 . 2010-04-08 15:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-04-08 15:24 . 2010-04-08 15:24 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes 2010-04-08 15:24 . 2010-03-29 23:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-07 12:34 . 2010-04-07 13:28 -------- d-----w- c:\program files\CCleaner 2010-03-28 20:30 . 2004-04-10 08:42 2944 ----a-w- c:\windows\system32\mbmiodrvr.sys 2010-03-28 20:30 . 2010-03-28 20:30 -------- d-----w- c:\program files\Motherboard Monitor 5 2010-03-22 18:57 . 2010-03-22 18:57 -------- d-----w- c:\program files\Common Files\Adobe 2010-03-22 18:55 . 2010-03-22 18:55 -------- d-----w- c:\windows\Cache 2010-03-21 00:47 . 2010-03-21 01:05 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\TeamViewer 2010-03-21 00:46 . 2010-03-21 00:46 -------- d-----w- c:\program files\TeamViewer 2010-03-20 22:36 . 2010-03-20 22:36 -------- d-----w- c:\program files\XLView 2010-03-15 11:06 . 2010-03-15 11:07 -------- d-----w- c:\program files\ConvertHelper 2010-03-14 16:22 . 2010-03-14 16:23 664 ----a-w- c:\windows\system32\d3d9caps.dat 2010-03-14 11:00 . 2010-03-14 11:00 -------- d-----w- c:\documents and settings\sebek\dwhelper . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-04-08 20:04 . 2010-01-19 17:58 -------- d-----w- c:\program files\Mozilla Firefox1 2010-04-08 19:28 . 2009-07-09 16:08 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\vlc 2010-04-08 16:54 . 2010-01-29 17:20 -------- d-----w- c:\program files\GameSpy Arcade 2010-04-08 16:47 . 2009-09-30 11:06 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\Free Download Manager 2010-04-07 19:21 . 2009-07-26 08:05 -------- d-----w- c:\program files\MoorHunt 2010-04-06 18:38 . 2009-07-09 13:20 -------- d-----w- c:\program files\MailShare 2010-04-06 14:17 . 2009-09-07 17:16 -------- d-----w- c:\program files\DMW Pro Client 2010-04-03 16:46 . 2009-07-10 09:33 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\dvdcss 2010-03-29 04:01 . 2010-01-08 17:14 -------- d-----w- c:\program files\Advanced LAN Scanner 2010-03-26 16:56 . 2009-11-09 15:58 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 1 2010-03-23 08:03 . 2009-08-01 21:30 2672 -csha-w- c:\windows\system32\KGyGaAvL.sys 2010-03-23 08:03 . 2009-08-01 21:30 88 -csh--r- c:\windows\system32\5F4C08A6CE.sys 2010-03-22 18:42 . 2009-09-30 11:07 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\Software Informer 2010-03-22 18:41 . 2009-08-01 01:08 -------- d-----w- c:\program files\EttercapNG 2010-03-22 18:39 . 2010-01-08 17:36 -------- d-----w- c:\program files\AdvancedRemoteInfo 2010-03-22 18:29 . 2009-09-08 11:10 -------- d-----w- c:\program files\IrfanView 2010-03-21 21:53 . 2009-11-16 00:24 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\TrackMania 2010-03-20 22:17 . 2010-02-07 19:01 -------- d-----w- c:\program files\TC UP 2010-03-19 19:16 . 2010-01-27 19:58 -------- d-----w- c:\program files\Gadu-Gadu 10 2010-03-16 21:03 . 2009-07-26 08:15 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\uTorrent 2010-03-15 15:28 . 2009-07-26 08:19 -------- d-----w- c:\program files\uTorrent 2010-03-12 19:21 . 2010-01-31 09:45 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\OpenFM 2010-03-12 09:24 . 2009-07-28 14:38 -------- d-----w- c:\program files\Xfire 2010-03-11 16:05 . 2010-03-05 17:54 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\HLSW 2010-03-11 01:56 . 2009-07-18 15:45 -------- d-----w- c:\program files\ygoow 2010-03-10 21:04 . 2009-07-28 14:38 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\Xfire 2010-03-08 09:41 . 2010-03-08 09:41 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\Sports Interactive 2010-03-08 09:41 . 2010-03-08 09:41 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Sports Interactive 2010-03-05 17:54 . 2010-03-05 17:54 -------- d-s---w- c:\program files\HLSW 2010-03-05 00:11 . 2010-03-05 00:11 41872 ----a-w- c:\windows\system32\xfcodec.dll 2010-03-02 17:45 . 2010-03-02 17:45 -------- d-----w- c:\program files\FreeTime 2010-03-02 13:53 . 2010-01-27 19:58 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\Gadu-Gadu 10 2010-03-02 13:52 . 2010-03-02 13:52 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Gadu-Gadu 10 2010-02-26 15:03 . 2009-11-14 08:08 -------- d-----w- c:\program files\Google 2010-02-26 15:03 . 2009-12-09 05:44 -------- d-----w- c:\program files\DVDVideoSoft 2010-02-23 16:43 . 2010-02-23 16:43 -------- d-----w- c:\program files\GiPo@Utilities 2010-02-23 16:43 . 2010-02-23 16:43 -------- d-----w- c:\program files\Common Files\Gibinsoft Shared 2010-02-20 01:50 . 2009-07-11 01:05 -------- d-----w- c:\program files\NAPI-PROJEKT 2010-02-19 21:30 . 2010-02-19 21:30 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite 2010-02-13 07:49 . 2010-02-13 07:49 2131336 ----a-w- c:\documents and settings\sebek\Dane aplikacji\Mozilla\Firefox\Profiles\w114i314.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe 2010-02-12 11:29 . 2010-02-12 11:29 111104 ----a-w- c:\windows\system32\uha.exe 2010-02-08 13:06 . 2010-01-08 17:10 -------- d-----w- c:\program files\Advanced IP Scanner 2010-02-05 09:01 . 2010-02-05 08:51 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll 2010-02-04 09:01 . 2010-03-07 22:49 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll 2010-02-04 09:01 . 2010-03-07 22:49 528216 ----a-w- c:\windows\system32\XAudio2_6.dll 2010-02-04 09:01 . 2010-03-07 22:49 238936 ----a-w- c:\windows\system32\xactengine3_6.dll 2010-02-04 09:01 . 2010-03-07 22:49 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll 2010-01-29 05:31 . 2009-07-09 13:28 13664 ----a-w- c:\documents and settings\sebek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2010-01-27 20:01 . 2010-01-27 20:01 1060864 ----a-w- c:\windows\system32\mfc71.dll 2010-01-27 20:01 . 2010-01-27 20:01 1700352 ----a-w- c:\windows\system32\gdiplus.dll 2010-01-20 12:05 . 2010-01-20 12:05 42088 ----a-w- c:\documents and settings\sebek\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll 2010-01-20 12:03 . 2010-01-20 12:03 11776 ----a-w- c:\documents and settings\sebek\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll . ((((((((((((((((((((((((((((( SnapShot@2010-04-08_15.15.24 ))))))))))))))))))))))))))))))))))))))))) . + 2010-04-08 20:30 . 2010-04-08 20:30 5120 c:\windows\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 65536] "Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2009-01-31 3461120] "Gadu-Gadu"="d:\gadu-gadu1\gg.exe" [2008-03-20 2147776] "mount.exe"="c:\program files\GiPo@Utilities\FileUtilities.3\mount.exe" [2008-04-11 394752] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-03-15 309040] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-10-30 4620288] "nwiz"="nwiz.exe" [2004-10-30 942080] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-10-30 86016] "DeathAdder"="c:\program files\Razer\DeathAdder\razerhid.exe" [2009-12-15 264704] "SoundMan"="SOUNDMAN.EXE" [2004-09-16 69632] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKLM\~\startupfolder\C:^Documents and Settings^sebek^Menu Start^Programy^Autostart^hamachi.lnk] path=c:\documents and settings\sebek\Menu Start\Programy\Autostart\hamachi.lnk backup=c:\windows\pss\hamachi.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate] 2009-06-04 20:56 926720 ----a-w- c:\program files\ALLPlayer\ALLUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2009-10-30 11:57 369200 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu] 2008-03-20 10:04 2147776 ----a-w- d:\gadu-gadu1\gg.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu 10] 2010-01-20 12:05 12067432 ----a-w- c:\program files\Gadu-Gadu 10\gg.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!] 2009-12-23 16:14 14137240 ----a-w- c:\program files\ipla\ipla.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 08:50 212480 ----a-w- c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2009-10-09 11:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer] 2009-09-23 23:16 2006528 ----a-w- c:\program files\Software Informer\softinfo.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] 2009-04-01 08:21 462336 ------w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2009-11-14 08:09 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] 2009-12-04 00:05 325936 ----a-w- c:\documents and settings\sebek\Moje dokumenty\Pobieranie\utorrent(4).exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "gusvc"=3 (0x3) "Hamachi2Svc"=2 (0x2) "NMSAccessU"=2 (0x2) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "d:\\Gadu-Gadu1\\gg.exe"= "c:\\Program Files\\GameSpy Arcade\\Aphex.exe"= "d:\\mohaa1.0\\MOHAA.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Xfire\\Xfire.exe"= "d:\\mohaa 1.11\\MOHAA.exe"= "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\SopCast\\SopCast.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "d:\\Counter-Strike Source\\hl2.exe"= "c:\\Documents and Settings\\sebek\\Moje dokumenty\\Pobieranie\\utorrent(3).exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Documents and Settings\\sebek\\Moje dokumenty\\Pobieranie\\utorrent(4).exe"= "c:\\Documents and Settings\\sebek\\Moje dokumenty\\Pobieranie\\utorrent(5).exe"= "c:\\Program Files\\Codemasters\\Project IGI2\\pc\\igi2.exe"= "c:\\Program Files\\Illusion Softworks\\Hidden & Dangerous 2\\hd2.exe"= "d:\\mohaa 1.11\\MOHAA_server.exe"= "c:\\Program Files\\Gadu-Gadu 10\\gg.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Documents and Settings\\sebek\\Moje dokumenty\\Pobieranie\\utorrent(8).exe"= "c:\\Program Files\\HLSW\\hlsw.exe"= "d:\\fm\\Football Manager 2009\\fm.exe"= "c:\\Program Files\\TmNationsForever\\TmForever.exe"= "c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"= "c:\\Program Files\\WinPcap\\rpcapd.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "6444:TCP"= 6444:TCP:ppqumju R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-07-27 691696] R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [2006-01-13 15872] R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2010-01-08 401408] R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2009-09-17 22784] S2 gupdate;Usługa Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-26 135664] S3 hidusbf;USB Mouse Rate Adjuster Lower Filter by SweetLow;c:\windows\system32\drivers\hidusbf.sys [2009-09-06 4544] S3 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-02-08 34064] S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2009-08-02 89256] S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2009-08-02 15016] S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2009-08-02 120744] S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2009-08-02 114216] S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2009-08-02 25512] S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2009-08-02 110632] S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2009-08-02 115752] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2009-08-02 86824] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2009-08-02 15016] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2009-08-02 114600] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2009-08-02 108328] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2009-08-02 26024] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2009-08-02 104616] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2009-08-02 109736] S4 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568] . Zawartość folderu 'Zaplanowane zadania' 2010-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-26 15:03] 2010-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-26 15:03] . . ------- Skan uzupełniający ------- . uStart Page = hxxp://search.bearshare.com/ uInternet Connection Wizard,ShellNext = iexplore IE: Funkcja Google Sidewiki - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: Pobierz plik wideo we Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm IE: Pobierz w Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm IE: Pobierz wszystkie pliki w Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm IE: Pobierz zaznaczone w Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm FF - ProfilePath - c:\documents and settings\sebek\Dane aplikacji\Mozilla\Firefox\Profiles\w114i314.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=966134&p= FF - plugin: c:\documents and settings\sebek\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll . - - - - USUNIĘTO PUSTE WPISY - - - - BHO-{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - (no file) MSConfigStartUp-VVSN - c:\program files\VVSN\VVSN.exe AddRemove-bearsharetb - c:\program files\BearShareTb\uninstall.exe ************************************************************************** skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: ************************************************************************** . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- - - - - - - - > 'explorer.exe'(3716) c:\windows\system32\vcmgcd32.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\PSIService.exe c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe c:\windows\system32\wscntfy.exe c:\windows\SOUNDMAN.EXE c:\windows\system32\rundll32.exe c:\program files\Razer\DeathAdder\razertra.exe c:\program files\Razer\DeathAdder\razerofa.exe . ************************************************************************** . Czas ukończenia: 2010-04-08 21:47:31 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2010-04-08 20:47 ComboFix2.txt 2010-04-08 15:19 Przed: 8 564 887 552 bajtów wolnych Po: 8 472 637 440 bajtów wolnych - - End Of File - - 45CB0ED4D9158DDBB6C5D1D68F15C7BC [/log]
Mateusz J. komentarz 8 kwietnia 2010 komentarz 8 kwietnia 2010 Nowy skrypt, po wykonaniu nowy log: [code]File:: c:\windows\system32\vcmgcd32.dll c:\windows\system32\d3d9caps.dat Registry:: [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "6444:TCP"=-[/code] (Usuń spację pomiędzy standardprofile\ a GloballyOpenPorts) Jeśli po tej operacji się nie uda prawdopodobnie będziesz musiał zrobic format. Sality zabija pliki exe. Ciężko z nim wygrać. 1
sebus1989 komentarz 8 kwietnia 2010 Autor komentarz 8 kwietnia 2010 (edytowane) jesiona, ja jeszcze skanuje tym kasperskym . wir virus.win32.hidrag.a infekuje mi exe'ki kaspersky powoli je kasuje, ale watpie czy to cos pomoże, chyba ze je jakoś wylecze. zaraz Ci wrzuce screena po 3 % skanowania. http://i44.tinypic.com/2gskb2r.jpg /edit log po nowym skrypcie [log] ComboFix 10-04-07.04 - sebek 2010-04-08 23:11:11.3.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.48.1045.18.511.344 [GMT 1:00] Uruchomiony z: c:\documents and settings\sebek\Pulpit\ComboFix.exe Użyto następujących komend :: c:\documents and settings\sebek\Pulpit\CFScript.txt.txt FILE :: "c:\windows\system32\d3d9caps.dat" "c:\windows\system32\vcmgcd32.dll" . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\svchost.exe c:\windows\system32\d3d9caps.dat c:\windows\system32\vcmgcd32.dl_ c:\windows\system32\vcmgcd32.dll . ((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_POWERMANAGER -------\Service_PowerManager ((((((((((((((((((((((((( Pliki utworzone od 2010-03-08 do 2010-04-08 ))))))))))))))))))))))))))))))) . 2010-04-08 22:23 . 2010-04-08 22:23 36864 ------w- c:\windows\system32\vcmgcd32.dll 2010-04-08 20:58 . 2009-10-22 12:54 37392 ----a-w- c:\windows\system32\drivers\79218712.sys 2010-04-08 20:58 . 2009-10-09 22:31 315408 ----a-w- c:\windows\system32\drivers\7921871.sys 2010-04-08 20:58 . 2009-09-25 16:59 128016 ----a-w- c:\windows\system32\drivers\79218711.sys 2010-04-08 15:24 . 2010-04-08 15:24 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\Malwarebytes 2010-04-08 15:24 . 2010-03-29 23:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-04-08 15:24 . 2010-04-08 15:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-04-08 15:24 . 2010-04-08 15:24 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Malwarebytes 2010-04-08 15:24 . 2010-03-29 23:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-07 12:34 . 2010-04-07 13:28 -------- d-----w- c:\program files\CCleaner 2010-03-28 20:30 . 2004-04-10 08:42 2944 ----a-w- c:\windows\system32\mbmiodrvr.sys 2010-03-28 20:30 . 2010-03-28 20:30 -------- d-----w- c:\program files\Motherboard Monitor 5 2010-03-22 18:57 . 2010-03-22 18:57 -------- d-----w- c:\program files\Common Files\Adobe 2010-03-22 18:55 . 2010-03-22 18:55 -------- d-----w- c:\windows\Cache 2010-03-21 00:47 . 2010-03-21 01:05 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\TeamViewer 2010-03-21 00:46 . 2010-03-21 00:46 -------- d-----w- c:\program files\TeamViewer 2010-03-20 22:36 . 2010-03-20 22:36 -------- d-----w- c:\program files\XLView 2010-03-15 11:06 . 2010-03-15 11:07 -------- d-----w- c:\program files\ConvertHelper 2010-03-14 11:00 . 2010-03-14 11:00 -------- d-----w- c:\documents and settings\sebek\dwhelper . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-04-08 21:27 . 2009-07-09 16:08 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\vlc 2010-04-08 21:01 . 2009-09-30 11:06 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\Free Download Manager 2010-04-08 20:47 . 2010-01-19 17:58 -------- d-----w- c:\program files\Mozilla Firefox1 2010-04-08 16:54 . 2010-01-29 17:20 -------- d-----w- c:\program files\GameSpy Arcade 2010-04-07 19:21 . 2009-07-26 08:05 -------- d-----w- c:\program files\MoorHunt 2010-04-06 18:38 . 2009-07-09 13:20 -------- d-----w- c:\program files\MailShare 2010-04-06 14:17 . 2009-09-07 17:16 -------- d-----w- c:\program files\DMW Pro Client 2010-04-03 16:46 . 2009-07-10 09:33 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\dvdcss 2010-03-29 04:01 . 2010-01-08 17:14 -------- d-----w- c:\program files\Advanced LAN Scanner 2010-03-26 16:56 . 2009-11-09 15:58 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 1 2010-03-23 08:03 . 2009-08-01 21:30 2672 -csha-w- c:\windows\system32\KGyGaAvL.sys 2010-03-23 08:03 . 2009-08-01 21:30 88 -csh--r- c:\windows\system32\5F4C08A6CE.sys 2010-03-22 18:42 . 2009-09-30 11:07 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\Software Informer 2010-03-22 18:41 . 2009-08-01 01:08 -------- d-----w- c:\program files\EttercapNG 2010-03-22 18:39 . 2010-01-08 17:36 -------- d-----w- c:\program files\AdvancedRemoteInfo 2010-03-22 18:29 . 2009-09-08 11:10 -------- d-----w- c:\program files\IrfanView 2010-03-21 21:53 . 2009-11-16 00:24 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\TrackMania 2010-03-20 22:17 . 2010-02-07 19:01 -------- d-----w- c:\program files\TC UP 2010-03-19 19:16 . 2010-01-27 19:58 -------- d-----w- c:\program files\Gadu-Gadu 10 2010-03-16 21:03 . 2009-07-26 08:15 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\uTorrent 2010-03-15 15:28 . 2009-07-26 08:19 -------- d-----w- c:\program files\uTorrent 2010-03-12 19:21 . 2010-01-31 09:45 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\OpenFM 2010-03-12 09:24 . 2009-07-28 14:38 -------- d-----w- c:\program files\Xfire 2010-03-11 16:05 . 2010-03-05 17:54 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\HLSW 2010-03-11 01:56 . 2009-07-18 15:45 -------- d-----w- c:\program files\ygoow 2010-03-10 21:04 . 2009-07-28 14:38 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\Xfire 2010-03-08 09:41 . 2010-03-08 09:41 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\Sports Interactive 2010-03-08 09:41 . 2010-03-08 09:41 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Sports Interactive 2010-03-05 17:54 . 2010-03-05 17:54 -------- d-s---w- c:\program files\HLSW 2010-03-05 00:11 . 2010-03-05 00:11 41872 ----a-w- c:\windows\system32\xfcodec.dll 2010-03-02 17:45 . 2010-03-02 17:45 -------- d-----w- c:\program files\FreeTime 2010-03-02 13:53 . 2010-01-27 19:58 -------- d-----w- c:\documents and settings\sebek\Dane aplikacji\Gadu-Gadu 10 2010-03-02 13:52 . 2010-03-02 13:52 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Gadu-Gadu 10 2010-02-26 15:03 . 2009-11-14 08:08 -------- d-----w- c:\program files\Google 2010-02-26 15:03 . 2009-12-09 05:44 -------- d-----w- c:\program files\DVDVideoSoft 2010-02-23 16:43 . 2010-02-23 16:43 -------- d-----w- c:\program files\GiPo@Utilities 2010-02-23 16:43 . 2010-02-23 16:43 -------- d-----w- c:\program files\Common Files\Gibinsoft Shared 2010-02-20 01:50 . 2009-07-11 01:05 -------- d-----w- c:\program files\NAPI-PROJEKT 2010-02-19 21:30 . 2010-02-19 21:30 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\DAEMON Tools Lite 2010-02-13 07:49 . 2010-02-13 07:49 2131336 ----a-w- c:\documents and settings\sebek\Dane aplikacji\Mozilla\Firefox\Profiles\w114i314.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe 2010-02-12 11:29 . 2010-02-12 11:29 111104 ----a-w- c:\windows\system32\uha.exe 2010-02-08 13:06 . 2010-01-08 17:10 -------- d-----w- c:\program files\Advanced IP Scanner 2010-02-05 09:01 . 2010-02-05 08:51 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll 2010-02-04 09:01 . 2010-03-07 22:49 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll 2010-02-04 09:01 . 2010-03-07 22:49 528216 ----a-w- c:\windows\system32\XAudio2_6.dll 2010-02-04 09:01 . 2010-03-07 22:49 238936 ----a-w- c:\windows\system32\xactengine3_6.dll 2010-02-04 09:01 . 2010-03-07 22:49 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll 2010-01-29 05:31 . 2009-07-09 13:28 13664 ----a-w- c:\documents and settings\sebek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2010-01-27 20:01 . 2010-01-27 20:01 1060864 ----a-w- c:\windows\system32\mfc71.dll 2010-01-27 20:01 . 2010-01-27 20:01 1700352 ----a-w- c:\windows\system32\gdiplus.dll 2010-01-20 12:05 . 2010-01-20 12:05 42088 ----a-w- c:\documents and settings\sebek\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll 2010-01-20 12:03 . 2010-01-20 12:03 11776 ----a-w- c:\documents and settings\sebek\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll . ((((((((((((((((((((((((((((( SnapShot@2010-04-08_15.15.24 ))))))))))))))))))))))))))))))))))))))))) . + 2010-04-08 21:38 . 2010-04-08 21:38 5120 c:\windows\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 65536] "Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2009-01-31 3481600] "Gadu-Gadu"="d:\gadu-gadu1\gg.exe" [2008-03-20 2147776] "mount.exe"="c:\program files\GiPo@Utilities\FileUtilities.3\mount.exe" [2008-04-11 394752] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-03-15 309040] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-10-30 4620288] "nwiz"="nwiz.exe" [2004-10-30 942080] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-10-30 86016] "DeathAdder"="c:\program files\Razer\DeathAdder\razerhid.exe" [2009-12-15 264704] "SoundMan"="SOUNDMAN.EXE" [2004-09-16 69632] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\sebek\Menu Start\Programy\Autostart\ setup_9.0.0.722_08.04.2010_23-08.lnk - c:\documents and settings\sebek\Pulpit\Virus Removal Tool\setup_9.0.0.722_08.04.2010_23-08\startup.exe [2010-4-8 72208] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKLM\~\startupfolder\C:^Documents and Settings^sebek^Menu Start^Programy^Autostart^hamachi.lnk] path=c:\documents and settings\sebek\Menu Start\Programy\Autostart\hamachi.lnk backup=c:\windows\pss\hamachi.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate] 2009-06-04 20:56 926720 ----a-w- c:\program files\ALLPlayer\ALLUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2009-10-30 11:57 369200 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu] 2008-03-20 10:04 2147776 ----a-w- d:\gadu-gadu1\gg.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu 10] 2010-01-20 12:05 12067432 ----a-w- c:\program files\Gadu-Gadu 10\gg.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!] 2009-12-23 16:14 14137240 ----a-w- c:\program files\ipla\ipla.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 08:50 212480 ----a-w- c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2009-10-09 11:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer] 2009-09-23 23:16 2006528 ----a-w- c:\program files\Software Informer\softinfo.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] 2009-04-01 08:21 462336 ------w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2009-11-14 08:09 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] 2009-12-04 00:05 325936 ----a-w- c:\documents and settings\sebek\Moje dokumenty\Pobieranie\utorrent(4).exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "gusvc"=3 (0x3) "Hamachi2Svc"=2 (0x2) "NMSAccessU"=2 (0x2) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "d:\\Gadu-Gadu1\\gg.exe"= "c:\\Program Files\\GameSpy Arcade\\Aphex.exe"= "d:\\mohaa1.0\\MOHAA.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Xfire\\Xfire.exe"= "d:\\mohaa 1.11\\MOHAA.exe"= "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\SopCast\\SopCast.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "d:\\Counter-Strike Source\\hl2.exe"= "c:\\Documents and Settings\\sebek\\Moje dokumenty\\Pobieranie\\utorrent(3).exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Documents and Settings\\sebek\\Moje dokumenty\\Pobieranie\\utorrent(4).exe"= "c:\\Documents and Settings\\sebek\\Moje dokumenty\\Pobieranie\\utorrent(5).exe"= "c:\\Program Files\\Codemasters\\Project IGI2\\pc\\igi2.exe"= "c:\\Program Files\\Illusion Softworks\\Hidden & Dangerous 2\\hd2.exe"= "d:\\mohaa 1.11\\MOHAA_server.exe"= "c:\\Program Files\\Gadu-Gadu 10\\gg.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Documents and Settings\\sebek\\Moje dokumenty\\Pobieranie\\utorrent(8).exe"= "c:\\Program Files\\HLSW\\hlsw.exe"= "d:\\fm\\Football Manager 2009\\fm.exe"= "c:\\Program Files\\TmNationsForever\\TmForever.exe"= "c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"= "c:\\Program Files\\WinPcap\\rpcapd.exe"= R0 79218712;79218712 Boot Guard Driver;c:\windows\system32\drivers\79218712.sys [2010-04-08 37392] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-07-27 691696] R1 79218711;79218711;c:\windows\system32\drivers\79218711.sys [2010-04-08 128016] R1 setup_9.0.0.722_08.04.2010_23-08drv;setup_9.0.0.722_08.04.2010_23-08drv;c:\windows\system32\drivers\7921871.sys [2010-04-08 315408] R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [2006-01-13 15872] R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2010-01-08 401408] R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2009-09-17 22784] S2 gupdate;Usługa Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-26 135664] S3 hidusbf;USB Mouse Rate Adjuster Lower Filter by SweetLow;c:\windows\system32\drivers\hidusbf.sys [2009-09-06 4544] S3 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-02-08 34064] S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2009-08-02 89256] S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2009-08-02 15016] S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2009-08-02 120744] S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2009-08-02 114216] S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2009-08-02 25512] S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2009-08-02 110632] S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2009-08-02 115752] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2009-08-02 86824] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2009-08-02 15016] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2009-08-02 114600] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2009-08-02 108328] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2009-08-02 26024] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2009-08-02 104616] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2009-08-02 109736] S4 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568] . Zawartość folderu 'Zaplanowane zadania' 2010-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-26 15:03] 2010-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-26 15:03] . . ------- Skan uzupełniający ------- . uStart Page = hxxp://search.bearshare.com/ uInternet Connection Wizard,ShellNext = iexplore IE: Funkcja Google Sidewiki - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: Pobierz plik wideo we Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm IE: Pobierz w Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm IE: Pobierz wszystkie pliki w Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm IE: Pobierz zaznaczone w Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm FF - ProfilePath - c:\documents and settings\sebek\Dane aplikacji\Mozilla\Firefox\Profiles\w114i314.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=966134&p= FF - plugin: c:\documents and settings\sebek\Dane aplikacji\Gadu-Gadu 10\_userdata\npgg.2.dll FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll . ************************************************************************** skanowanie ukrytych procesów ... skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ... skanowanie pomyślnie ukończone ukryte pliki: ************************************************************************** . --------------------- Pliki DLL ładowane pod uruchomionymi procesami --------------------- - - - - - - - > 'explorer.exe'(2368) c:\windows\system32\vcmgcd32.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Pozostałe uruchomione procesy ------------------------ . c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\PSIService.exe c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe c:\windows\system32\wscntfy.exe c:\windows\system32\rundll32.exe c:\windows\SOUNDMAN.EXE c:\program files\Razer\DeathAdder\razertra.exe c:\program files\Razer\DeathAdder\razerofa.exe c:\documents and settings\sebek\Pulpit\Virus Removal Tool\setup_9.0.0.722_08.04.2010_23-08\setup_9.0.0.722_08.04.2010_23-08.exe . ************************************************************************** . Czas ukończenia: 2010-04-08 23:28:41 - komputer został uruchomiony ponownie ComboFix-quarantined-files.txt 2010-04-08 22:28 ComboFix2.txt 2010-04-08 20:47 ComboFix3.txt 2010-04-08 15:19 Przed: 8 608 960 512 bajtów wolnych Po: 8 528 261 120 bajtów wolnych - - End Of File - - 040B9645A72657B6F16276044054D4A3 [/log] po nocnym skanowaniu i leczeniu zarażonych plików poprzez Dr.Web daje raport, dr.web[log] DeathAdder_driver_v2.00_Eng.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; DeathAdder_driver_v2.01_Eng.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; DMWProClientSetup.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; FFSetup220.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; Firefox Setup 3.5.7.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; FreeYouTubeToMp3Converter.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; hamachisetup-1.0.3.0-pl(www.maxprograms.pl).exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; HamachiSetup-1.0.3.0-pl.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; hd2_patch106.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; hlsw_1_3_3_rc1_setup.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; install.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; iview425_setup(dobreprogramy.pl).exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; klcodec462f.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; MailShare(2).exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; MailShare(3).exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; MailShare.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; mbam-setup-1.45.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; Mbm5370(dobreprogramy.pl).exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; MoorHunt(2).exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; MoorHunt(3).exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; MoorHunt.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; OTL.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; P2MSetup.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; PaintShopPro1120_CZ_PL_CORELTD_ESD.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; PionOpis0.94.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; pu3mm664.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; setup_9.0.0.722_08.04.2010_23-08.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; Sony_Ericsson_PC_Suite_5.009.00_Web_PL.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; SpyHunter-Installer.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; tcup50(dobreprogramy.pl).exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; TeamViewer_Setup.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; Thps3_Patch101E.EXE;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; TmNationsForever_Fix_2009-10-09_Setup.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; utorrent(10).exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Niewyleczalny.Usunięty.; utorrent(2).exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Niewyleczalny.Usunięty.; utorrent(3).exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Niewyleczalny.Usunięty.; utorrent(4).exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Niewyleczalny.Usunięty.; utorrent(6).exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Niewyleczalny.Usunięty.; utorrent(7).exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Niewyleczalny.Usunięty.; utorrent(8).exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; utorrent(9).exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; utorrent.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Niewyleczalny.Usunięty.; WarRock_2009_08_13.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; WruSetup_X1xbXl5aXA==.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; wwdc_141_(dobreprogramy.pl).exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.Sector.28480;Wyleczony.; xfire_installer_37966.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie;Win32.HLLP.Jeefo.36352;Wyleczony.; AutoPlay.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie\autoplay\Playok;Win32.Sector.28480;Wyleczony.; rybka.exe;C:\Documents and Settings\sebek\Moje dokumenty\Pobieranie\autoplay\Playok\Engines;Win32.Sector.28480;Wyleczony.; ComboFix.exe;C:\Documents and Settings\sebek\Pulpit;Win32.HLLP.Jeefo.36352;Wyleczony.; sd4hide.exe;C:\Documents and Settings\sebek\Pulpit;Win32.HLLP.Jeefo.36352;Wyleczony.; sd4hide.exe;C:\Documents and Settings\sebek\Pulpit;Win32.Sector.28480;Wyleczony.; sd4hide.exe;C:\Documents and Settings\sebek\Pulpit;Tool.DiskHide;Usunięty.; PasswordFinder.exe;C:\Documents and Settings\sebek\Pulpit\brut;Win32.HLLP.Jeefo.36352;Wyleczony.; PasswordFinder.exe;C:\Documents and Settings\sebek\Pulpit\brut;Win32.Sector.28480;Wyleczony.; manni.exe;C:\Documents and Settings\sebek\Pulpit\kurnik;Win32.HLLP.Jeefo.36352;Wyleczony.; AutoPlay.exe;C:\Documents and Settings\sebek\Pulpit\kurnik\autoplay\Playok;Win32.Sector.28480;Wyleczony.; rybka.exe;C:\Documents and Settings\sebek\Pulpit\kurnik\autoplay\Playok\Engines;Win32.Sector.28480;Wyleczony.; start.exe;C:\Documents and Settings\sebek\Pulpit\kurnik\lof\common;Win32.HLLP.Jeefo.36352;Wyleczony.; DaileonUpdate.exe;C:\Documents and Settings\sebek\Pulpit\kurnik\lof\daileon;Win32.HLLP.Jeefo.36352;Wyleczony.; start.exe;C:\Documents and Settings\sebek\Pulpit\kurnik\lof\daileon;Win32.HLLP.Jeefo.36352;Wyleczony.; builddb3.exe;C:\Documents and Settings\sebek\Pulpit\kurnik\lof\daileon\db;Win32.Sector.28480;Wyleczony.; compressdb3.exe;C:\Documents and Settings\sebek\Pulpit\kurnik\lof\daileon\db;Win32.Sector.28480;Wyleczony.; rcrack.exe;C:\Documents and Settings\sebek\Pulpit\rainbowcrack-1.4-win;Win32.Sector.28480;Wyleczony.; rt2rtc.exe;C:\Documents and Settings\sebek\Pulpit\rainbowcrack-1.4-win;Win32.Sector.28480;Wyleczony.; rtc2rt.exe;C:\Documents and Settings\sebek\Pulpit\rainbowcrack-1.4-win;Win32.Sector.28480;Wyleczony.; rtgen.exe;C:\Documents and Settings\sebek\Pulpit\rainbowcrack-1.4-win;Win32.Sector.28480;Wyleczony.; rtsort.exe;C:\Documents and Settings\sebek\Pulpit\rainbowcrack-1.4-win;Win32.Sector.28480;Wyleczony.; PnkBstrB.exe;C:\Documents and Settings\sebek\Ustawienia lokalne\Dane aplikacji\PunkBuster\QL\pb;Win32.Sector.28480;Wyleczony.; SHSetup.exe;C:\Documents and Settings\sebek\Ustawienia lokalne\temp;Win32.HLLP.Jeefo.36352;Wyleczony.; KillBox.exe;C:\Documents and Settings\sebek\Ustawienia lokalne\temp\Rar$EX00.156;Win32.Sector.28480;Wyleczony.; SpyHunter.3.12.31.exe;C:\Documents and Settings\sebek\Ustawienia lokalne\temp\Rar$EX18.469\SpyHunter Security Suite v3.12.31;Win32.HLLP.Jeefo.36352;Wyleczony.; SpyHunter.3.12.31.exe;C:\Documents and Settings\sebek\Ustawienia lokalne\temp\Rar$EX20.016\SpyHunter Security Suite v3.12.31;Win32.HLLP.Jeefo.36352;Wyleczony.; 49n9mme.exe;C:\Documents and Settings\sebek\Ustawienia lokalne\temp\RarSFX0;Win32.HLLP.Jeefo.36352;Wyleczony.; 49n9mxp.exe;C:\Documents and Settings\sebek\Ustawienia lokalne\temp\RarSFX0;Win32.HLLP.Jeefo.36352;Wyleczony.; bcm5a5.exe;C:\Documents and Settings\sebek\Ustawienia lokalne\temp\RarSFX0;Win32.HLLP.Jeefo.36352;Wyleczony.; 49n9mme.exe;C:\Documents and Settings\sebek\Ustawienia lokalne\temp\RarSFX1;Win32.HLLP.Jeefo.36352;Wyleczony.; Firefox Setup 3.5.3.exe;C:\Downloads\Software;Win32.HLLP.Jeefo.36352;Wyleczony.; DXSETUP.exe;C:\dx;Win32.HLLP.Jeefo.36352;Wyleczony.; aports.exe;C:\Program Files\Active Ports;Win32.HLLP.Jeefo.36352;Wyleczony.; AcroRd32.exe;C:\Program Files\Adobe\Acrobat 6.0 CE\Reader;Win32.Sector.28480;Wyleczony.; AdobeUpdateManager.exe;C:\Program Files\Adobe\Acrobat 6.0 CE\Reader;Win32.Sector.28480;Wyleczony.; ConsoleApp.exe;C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\plug_ins\Printme;Win32.Sector.28480;Wyleczony.; acroaum.exe;C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\Updater;Win32.Sector.28480;Wyleczony.; uninstal.exe;C:\Program Files\Advanced IP Scanner;Win32.Sector.28480;Wyleczony.; uninstal.exe;C:\Program Files\Advanced LAN Scanner;Win32.Sector.28480;Wyleczony.; ARI.exe;C:\Program Files\AdvancedRemoteInfo;Win32.HLLP.Jeefo.36352;Wyleczony.; ARIExec.exe;C:\Program Files\AdvancedRemoteInfo;Win32.Sector.28480;Wyleczony.; ARIkill.exe;C:\Program Files\AdvancedRemoteInfo;Win32.Sector.28480;Wyleczony.; ARIkill.exe;C:\Program Files\AdvancedRemoteInfo;Tool.Prockill;Usunięty.; ARIlist.exe;C:\Program Files\AdvancedRemoteInfo;Win32.Sector.28480;Wyleczony.; ARIlist.exe;C:\Program Files\AdvancedRemoteInfo;Program.PsList.12;Usunięty.; ARIloggedon.exe;C:\Program Files\AdvancedRemoteInfo;Win32.Sector.28480;Wyleczony.; ARIReg.exe;C:\Program Files\AdvancedRemoteInfo;Win32.Sector.28480;Wyleczony.; ARIShell.exe;C:\Program Files\AdvancedRemoteInfo;Win32.Sector.28480;Wyleczony.; ARIShell.exe;C:\Program Files\AdvancedRemoteInfo;Program.Monitor.18;Usunięty.; ARIUpdate.exe;C:\Program Files\AdvancedRemoteInfo;Win32.Sector.28480;Wyleczony.; ARIWake.exe;C:\Program Files\AdvancedRemoteInfo;Win32.Sector.28480;Wyleczony.; blat.exe;C:\Program Files\AdvancedRemoteInfo;Win32.Sector.28480;Wyleczony.; DetectLockedWorkstation.exe;C:\Program Files\AdvancedRemoteInfo;Win32.Sector.28480;Wyleczony.; Down.exe;C:\Program Files\AdvancedRemoteInfo;Win32.Sector.28480;Wyleczony.; screen.exe;C:\Program Files\AdvancedRemoteInfo;Win32.Sector.28480;Wyleczony.; sqlite.exe;C:\Program Files\AdvancedRemoteInfo;Win32.Sector.28480;Wyleczony.; unins000.exe;C:\Program Files\AdvancedRemoteInfo;Win32.HLLP.Jeefo.36352;Wyleczony.; wget.exe;C:\Program Files\AdvancedRemoteInfo;Win32.Sector.28480;Wyleczony.; xpkey.exe;C:\Program Files\AdvancedRemoteInfo;Win32.Sector.28480;Wyleczony.; nmap.exe;C:\Program Files\AdvancedRemoteInfo\nmap;Win32.Sector.28480;Wyleczony.; CoverDes.exe;C:\Program Files\Ahead\CoverDesigner;Win32.HLLP.Jeefo.36352;Wyleczony.; UNNero.exe;C:\Program Files\Ahead\Nero\Uninstall;Win32.HLLP.Jeefo.36352;Wyleczony.; NBJ.exe;C:\Program Files\Ahead\Nero BackItUp;Win32.HLLP.Jeefo.36352;Wyleczony.; NBR.exe;C:\Program Files\Ahead\Nero BackItUp;Win32.HLLP.Jeefo.36352;Wyleczony.; SoundTrax.exe;C:\Program Files\Ahead\Nero SoundTrax;Win32.HLLP.Jeefo.36352;Wyleczony.; CDSpeed.exe;C:\Program Files\Ahead\Nero Toolkit;Win32.HLLP.Jeefo.36352;Wyleczony.; DMAManager.exe;C:\Program Files\Ahead\Nero Toolkit;Win32.HLLP.Jeefo.36352;Wyleczony.; DriveSpeed.exe;C:\Program Files\Ahead\Nero Toolkit;Win32.HLLP.Jeefo.36352;Wyleczony.; DXEnum.exe;C:\Program Files\Ahead\Nero Wave Editor;Win32.HLLP.Jeefo.36352;Wyleczony.; WaveEdit.exe;C:\Program Files\Ahead\Nero Wave Editor;Win32.HLLP.Jeefo.36352;Wyleczony.; WMPBurn.exe;C:\Program Files\Ahead\WMPBurn;Win32.HLLP.Jeefo.36352;Wyleczony.; ACID.exe;C:\Program Files\Alcohol Soft\Alcohol 120;Win32.Sector.28480;Wyleczony.; Alcohol.exe;C:\Program Files\Alcohol Soft\Alcohol 120;Win32.HLLP.Jeefo.36352;Niewyleczalny.Usunięty.; uninst.exe;C:\Program Files\Alcohol Soft\Alcohol 120;Win32.HLLP.Jeefo.36352;Wyleczony.; AxSrvUACHlper.exe;C:\Program Files\Alcohol Soft\Alcohol 120\Plugins\Helper;Win32.Sector.28480;Wyleczony.; UACHlper.exe;C:\Program Files\Alcohol Soft\Alcohol 120\Plugins\Helper;Win32.Sector.28480;Wyleczony.; StarWindServiceAE.exe;C:\Program Files\Alcohol Soft\Alcohol 120\StarWind;Win32.Sector.28480;Wyleczony.; ALLConverter.exe;C:\Program Files\ALLPlayer;Win32.HLLP.Jeefo.36352;Wyleczony.; ALLConverter.exe;C:\Program Files\ALLPlayer;Win32.Sector.28480;Wyleczony.; ALLPlayer.exe;C:\Program Files\ALLPlayer;Win32.Sector.28480;Wyleczony.; ALLSkinCreator.exe;C:\Program Files\ALLPlayer;Win32.HLLP.Jeefo.36352;Wyleczony.; ALLSkinCreator.exe;C:\Program Files\ALLPlayer;Win32.Sector.28480;Wyleczony.; ALLUpdate.exe;C:\Program Files\ALLPlayer;Win32.HLLP.Jeefo.36352;Wyleczony.; ALLUpdate.exe;C:\Program Files\ALLPlayer;Win32.Sector.28480;Wyleczony.; DivXMux.exe;C:\Program Files\ALLPlayer;Win32.Sector.28480;Wyleczony.; unins000.exe;C:\Program Files\ALLPlayer;Win32.HLLP.Jeefo.36352;Wyleczony.; ANASIL2.EXE;C:\Program Files\Anasil 2 DEMO;Win32.Sector.28480;Wyleczony.; smhelp.exe;C:\Program Files\Anasil 2 DEMO;Win32.Sector.28480;Wyleczony.; adag.exe;C:\Program Files\Anasil 2 DEMO\Adag;Win32.HLLP.Jeefo.36352;Wyleczony.; adag.exe;C:\Program Files\Anasil 2 DEMO\Adag;Win32.Sector.28480;Wyleczony.; adaginst.exe;C:\Program Files\Anasil 2 DEMO\Adag;Win32.Sector.28480;Wyleczony.; adagnt.exe;C:\Program Files\Anasil 2 DEMO\Adag;Win32.Sector.28480;Wyleczony.; smhelp.exe;C:\Program Files\Anasil 2 DEMO\Adag;Win32.Sector.28480;Wyleczony.; ApplicationUpdater.exe;C:\Program Files\Application Updater;Win32.Sector.28480;Wyleczony.; audacity.exe;C:\Program Files\Audacity;Win32.HLLP.Jeefo.36352;Wyleczony.; audacity.exe;C:\Program Files\Audacity;Win32.Sector.28480;Wyleczony.; unins000.exe;C:\Program Files\Audacity;Win32.HLLP.Jeefo.36352;Wyleczony.; BearShare.exe;C:\Program Files\BearShare;Win32.Sector.28480;Wyleczony.; RunMSC.dll;C:\Program Files\BearShare;Adware.SearchAid.40;Usunięty.; UNWISE.EXE;C:\Program Files\BearShare;Win32.HLLP.Jeefo.36352;Wyleczony.; Webstats.exe;C:\Program Files\BearShare;Win32.Sector.28480;Wyleczony.; uninst.exe;C:\Program Files\CCleaner;Win32.HLLP.Jeefo.36352;Wyleczony.; cdbxpp.exe;C:\Program Files\CDBurnerXP;Win32.HLLP.Jeefo.36352;Wyleczony.; unins000.exe;C:\Program Files\CDBurnerXP;Win32.HLLP.Jeefo.36352;Wyleczony.; CDex.exe;C:\Program Files\CDex_170b2;Win32.HLLP.Jeefo.36352;Wyleczony.; CDex.exe;C:\Program Files\CDex_170b2;Win32.Sector.28480;Wyleczony.; uninstall.exe;C:\Program Files\CDex_170b2;Win32.Sector.28480;Wyleczony.; ChomikBox.exe;C:\Program Files\ChomikBox;Win32.HLLP.Jeefo.36352;Wyleczony.; ChomikBoxSetup.exe;C:\Program Files\ChomikBox;Win32.HLLP.Jeefo.36352;Wyleczony.; ChomikSetup.exe;C:\Program Files\ChomikBox;Win32.HLLP.Jeefo.36352;Wyleczony.; Console.exe;C:\Program Files\Codemasters\Project IGI2\pc;Win32.Sector.28480;Wyleczony.; igi2.exe;C:\Program Files\Codemasters\Project IGI2\pc;Win32.HLLP.Jeefo.36352;Wyleczony.; specialoffer.exe;C:\Program Files\Common Files\Ahead\Lib;Win32.HLLP.Jeefo.36352;Wyleczony.; FixComponents.exe;C:\Program Files\Common Files\DVDVideoSoft;Win32.HLLP.Jeefo.36352;Wyleczony.; FixComponentsSilent.exe;C:\Program Files\Common Files\DVDVideoSoft;Win32.HLLP.Jeefo.36352;Wyleczony.; FreeStudioManager.exe;C:\Program Files\Common Files\DVDVideoSoft;Win32.HLLP.Jeefo.36352;Wyleczony.; unins000.exe;C:\Program Files\Common Files\DVDVideoSoft;Win32.HLLP.Jeefo.36352;Wyleczony.; Uninstall.exe;C:\Program Files\Common Files\DVDVideoSoft;Win32.HLLP.Jeefo.36352;Wyleczony.; ffmpeg.exe;C:\Program Files\Common Files\DVDVideoSoft\Dll;Win32.Sector.28480;Wyleczony.; IDriver.exe;C:\Program Files\Common Files\InstallShield\Driver\7\Intel 32;Win32.HLLP.Jeefo.36352;Wyleczony.; IKernel.exe;C:\Program Files\Common Files\InstallShield\engine\6\Intel 32;Win32.HLLP.Jeefo.36352;Wyleczony.; IKernel.exe;C:\Program Files\Common Files\InstallShield\engine\6\Intel 32;Win32.Sector.28480;Wyleczony.; LSLauncher.exe;C:\Program Files\Common Files\LightScribe;Win32.HLLP.Jeefo.36352;Wyleczony.; LSLauncher.exe;C:\Program Files\Common Files\LightScribe;Win32.Sector.28480;Wyleczony.; DW20.EXE;C:\Program Files\Common Files\Microsoft Shared\DW;Win32.HLLP.Jeefo.36352;Wyleczony.; ffmpeg.exe;C:\Program Files\ConvertHelper;Win32.Sector.28480;Wyleczony.; unins000.exe;C:\Program Files\ConvertHelper;Win32.HLLP.Jeefo.36352;Wyleczony.; Corel Paint Shop Pro Photo.exe;C:\Program Files\Corel\Corel Paint Shop Pro Photo XI;Win32.HLLP.Jeefo.36352;Wyleczony.; PCULoader.exe;C:\Program Files\Corel\Corel Paint Shop Pro Photo XI;Win32.HLLP.Jeefo.36352;Wyleczony.; ycomp_setup_core.exe;C:\Program Files\Corel\Corel Paint Shop Pro Photo XI;Win32.HLLP.Jeefo.36352;Wyleczony.; wininst-6.exe;C:\Program Files\Corel\Corel Paint Shop Pro Photo XI\Python Libraries\Lib\distutils\command;Win32.Sector.28480;Wyleczony.; wininst-7.1.exe;C:\Program Files\Corel\Corel Paint Shop Pro Photo XI\Python Libraries\Lib\distutils\command;Win32.Sector.28480;Wyleczony.; msi31.exe;C:\Program Files\Corel\Corel Paint Shop Pro Photo XI - Installation Files;Win32.Sector.28480;Wyleczony.; setup.exe;C:\Program Files\Corel\Corel Paint Shop Pro Photo XI - Installation Files;Win32.HLLP.Jeefo.36352;Wyleczony.; cpuz.exe;C:\Program Files\CPUID\CPU-Z;Win32.HLLP.Jeefo.36352;Wyleczony.; unins000.exe;C:\Program Files\CPUID\CPU-Z;Win32.HLLP.Jeefo.36352;Wyleczony.; hl.exe;C:\Program Files\cs16;Win32.HLLP.Jeefo.36352;Wyleczony.; hl.exe;C:\Program Files\cs16;Win32.Sector.28480;Wyleczony.; hlds.exe;C:\Program Files\cs16;Win32.HLLP.Jeefo.36352;Wyleczony.; hltv.exe;C:\Program Files\cs16;Win32.HLLP.Jeefo.36352;Wyleczony.; DTLiteHlp.exe;C:\Program Files\DAEMON Tools Lite;Win32.HLLP.Jeefo.36352;Wyleczony.; uninst.exe;C:\Program Files\DAEMON Tools Lite;Win32.HLLP.Jeefo.36352;Wyleczony.; uninst.exe;C:\Program Files\DAEMON Tools Toolbar;Win32.HLLP.Jeefo.36352;Wyleczony.; uninst.exe;C:\Program Files\DAEMON Tools Toolbar;Win32.Sector.28480;Wyleczony.; start_uac.exe;C:\Program Files\DExUS\UAC2;Win32.HLLP.Jeefo.36352;Wyleczony.; UAC.exe;C:\Program Files\DExUS\UAC2;Win32.Sector.28480;Wyleczony.; unins000.exe;C:\Program Files\DExUS\UAC2;Win32.HLLP.Jeefo.36352;Wyleczony.; DPInst.exe;C:\Program Files\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997;Win32.HLLP.Jeefo.36352;Wyleczony.; DMWProClient.exe;C:\Program Files\DMW Pro Client;Win32.HLLP.Jeefo.36352;Wyleczony.; uninst.exe;C:\Program Files\DMW Pro Client;Win32.Sector.28480;Wyleczony.; DVDVideoSoftToolbarHelper.exe;C:\Program Files\DVDVideoSoft;Win32.Sector.28480;Wyleczony.; UNWISE.EXE;C:\Program Files\DVDVideoSoft;Win32.HLLP.Jeefo.36352;Wyleczony.; FreeAudioCDBurner.exe;C:\Program Files\DVDVideoSoft\Free Audio CD Burner;Win32.HLLP.Jeefo.36352;Wyleczony.; FreeAudioCDBurner.exe;C:\Program Files\DVDVideoSoft\Free Audio CD Burner;Win32.Sector.28480;Wyleczony.; unins000.exe;C:\Program Files\DVDVideoSoft\Free Audio CD Burner;Win32.HLLP.Jeefo.36352;Wyleczony.; FreeYouTubeToMP3Converter.exe;C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter;Win32.HLLP.Jeefo.36352;Wyleczony.; FreeYouTubeToMP3Converter.exe;C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter;Win32.Sector.28480;Wyleczony.; unins000.exe;C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter;Win32.HLLP.Jeefo.36352;Wyleczony.; br.exe;C:\Program Files\Enigma Software Group\SpyHunter;Win32.HLLP.Jeefo.36352;Wyleczony.; ESGRKCHK.exe;C:\Program Files\Enigma Software Group\SpyHunter;Win32.HLLP.Jeefo.36352;Wyleczony.; SpyHunter3.exe;C:\Program Files\Enigma Software Group\SpyHunter;Win32.HLLP.Jeefo.36352;Wyleczony.; Uninstall.exe;C:\Program Files\Enigma Software Group\SpyHunter;Win32.HLLP.Jeefo.36352;Wyleczony.; ettercap.exe;C:\Program Files\EttercapNG;Win32.HLLP.Jeefo.36352;Wyleczony.; save2pc_light.exe;C:\Program Files\FDRLab\save2pc;Win32.Sector.28480;Wyleczony.; unins000.exe;C:\Program Files\FDRLab\save2pc;Win32.HLLP.Jeefo.36352;Wyleczony.; xvid.exe;C:\Program Files\FDRLab\save2pc;Win32.HLLP.Jeefo.36352;Wyleczony.; fdm.exe;C:\Program Files\Free Download Manager;Win32.HLLP.Jeefo.36352;Wyleczony.; fdm.exe;C:\Program Files\Free Download Manager;Win32.Sector.28480;Wyleczony.; fdmwi.exe;C:\Program Files\Free Download Manager;Win32.Sector.28480;Wyleczony.; unins000.exe;C:\Program Files\Free Download Manager;Win32.HLLP.Jeefo.36352;Wyleczony.; Updater.exe;C:\Program Files\Free Download Manager;Win32.Sector.28480;Wyleczony.; FormatFactory.exe;C:\Program Files\FreeTime\FormatFactory;Win32.Sector.28480;Wyleczony.; ffmpeg.exe;C:\Program Files\FreeTime\FormatFactory\FFModules;Win32.Sector.28480;Wyleczony.; mencoder.exe;C:\Program Files\FreeTime\FormatFactory\FFModules;Win32.Sector.28480;Wyleczony.; mkvmerge.exe;C:\Program Files\FreeTime\FormatFactory\FFModules;Win32.Sector.28480;Wyleczony.; mplayer.exe;C:\Program Files\FreeTime\FormatFactory\FFModules;Win32.Sector.28480;Wyleczony.; RMEncoder.exe;C:\Program Files\FreeTime\FormatFactory\FFModules;Win32.Sector.28480;Wyleczony.; timidity.exe;C:\Program Files\FreeTime\FormatFactory\FFModules;Win32.Sector.28480;Wyleczony.; gg.exe;C:\Program Files\Gadu-Gadu 10;Win32.HLLP.Jeefo.36352;Wyleczony.; install_flash_player.exe;C:\Program Files\Gadu-Gadu 10;Win32.HLLP.Jeefo.36352;Wyleczony.; open-fm.exe;C:\Program Files\Gadu-Gadu 10;Win32.HLLP.Jeefo.36352;Wyleczony.; Uninstall.exe;C:\Program Files\Gadu-Gadu 10;Win32.HLLP.Jeefo.36352;Wyleczony.; Aphex.exe;C:\Program Files\GameSpy Arcade;Win32.HLLP.Jeefo.36352;Wyleczony.; Aphex.exe;C:\Program Files\GameSpy Arcade;Win32.Sector.28480;Wyleczony.; fpupdate.exe;C:\Program Files\GameSpy Arcade;Win32.Sector.28480;Wyleczony.; GSAPak.exe;C:\Program Files\GameSpy Arcade;Win32.Sector.28480;Wyleczony.; RptCrash.exe;C:\Program Files\GameSpy Arcade;Win32.HLLP.Jeefo.36352;Wyleczony.; UNWISE.EXE;C:\Program Files\GameSpy Arcade;Win32.HLLP.Jeefo.36352;Wyleczony.; RWVoice.exe;C:\Program Files\GameSpy Arcade\Services\_common;Win32.HLLP.Jeefo.36352;Wyleczony.; RWVoice.exe;C:\Program Files\GameSpy Arcade\Services\_common;Win32.Sector.28480;Wyleczony.; billiards.exe;C:\Program Files\Ganymede;Win32.HLLP.Jeefo.36352;Wyleczony.; billiards_uninstall.exe;C:\Program Files\Ganymede;Win32.HLLP.Jeefo.36352;Wyleczony.; dmon.exe;C:\Program Files\GiPo@Utilities\FileUtilities.3;Win32.HLLP.Jeefo.36352;Wyleczony.; fumgr.exe;C:\Program Files\GiPo@Utilities\FileUtilities.3;Win32.HLLP.Jeefo.36352;Wyleczony.; hlink.exe;C:\Program Files\GiPo@Utilities\FileUtilities.3;Win32.HLLP.Jeefo.36352;Wyleczony.; mboot.exe;C:\Program Files\GiPo@Utilities\FileUtilities.3;Win32.HLLP.Jeefo.36352;Wyleczony.; mount.exe;C:\Program Files\GiPo@Utilities\FileUtilities.3;Win32.HLLP.Jeefo.36352;Wyleczony.; mount.exe;C:\Program Files\GiPo@Utilities\FileUtilities.3;Win32.Sector.28480;Wyleczony.; rtest.exe;C:\Program Files\GiPo@Utilities\FileUtilities.3;Win32.HLLP.Jeefo.36352;Wyleczony.; GoogleToolbarUser_32.exe;C:\Program Files\Google\Google Toolbar;Win32.HLLP.Jeefo.36352;Wyleczony.; GoogleToolbarUser_32_7397BBD21492BAA9.exe;C:\Program Files\Google\Google Toolbar\Component;Win32.HLLP.Jeefo.36352;Wyleczony.; GoogleCrashHandler.exe;C:\Program Files\Google\Update\1.2.183.23;Win32.HLLP.Jeefo.36352;Wyleczony.; GoogleUpdate.exe;C:\Program Files\Google\Update\1.2.183.23;Win32.HLLP.Jeefo.36352;Wyleczony.; hlsw.exe;C:\Program Files\HLSW;Win32.Sector.28480;Wyleczony.; uninst.exe;C:\Program Files\HooTech\WAV_MP3;Win32.Sector.28480;Wyleczony.; WAV_MP3.exe;C:\Program Files\HooTech\WAV_MP3;Win32.HLLP.Jeefo.36352;Wyleczony.; WAV_MP3.exe;C:\Program Files\HooTech\WAV_MP3;Win32.Sector.28480;Wyleczony.; aptmp.exe;C:\Program Files\Illusion Softworks\Hidden & Dangerous 2;Win32.HLLP.Jeefo.36352;Wyleczony.; Autopatching.exe;C:\Program Files\Illusion Softworks\Hidden & Dangerous 2;Win32.HLLP.Jeefo.36352;Wyleczony.; hd2.exe;C:\Program Files\Illusion Softworks\Hidden & Dangerous 2;Win32.HLLP.Jeefo.36352;Wyleczony.; hd2.exe;C:\Program Files\Illusion Softworks\Hidden & Dangerous 2;Win32.Sector.28480;Wyleczony.; HD2DS.exe;C:\Program Files\Illusion Softworks\Hidden & Dangerous 2;Win32.HLLP.Jeefo.36352;Wyleczony.; patch-uninst.exe;C:\Program Files\Illusion Softworks\Hidden & Dangerous 2;Win32.Sector.28480;Wyleczony.; ServerLauncher.exe;C:\Program Files\Illusion Softworks\Hidden & Dangerous 2;Win32.HLLP.Jeefo.36352;Wyleczony.; setup.exe;C:\Program Files\Illusion Softworks\Hidden & Dangerous 2;Win32.HLLP.Jeefo.36352;Wyleczony.; setup.exe;C:\Program Files\Illusion Softworks\Hidden & Dangerous 2;Win32.Sector.28480;Wyleczony.; Setup.exe;C:\Program Files\InstallShield Installation Information\{0DEA94ED-915A-4834-A87E-388D012C8E02};Win32.Sector.28480;Wyleczony.; ISAdmin.exe;C:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387};Win32.HLLP.Jeefo.36352;Wyleczony.; ISAdmin.exe;C:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387};Win32.Sector.28480;Wyleczony.; setup.exe;C:\Program Files\InstallShield Installation Information\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9};Win32.HLLP.Jeefo.36352;Wyleczony.; setup.exe;C:\Program Files\InstallShield Installation Information\{AF9DF4B7-5BDE-42F5-94EF-53311B55566B};Win32.HLLP.Jeefo.36352;Wyleczony.; setup.exe;C:\Program Files\InstallShield Installation Information\{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3};Win32.HLLP.Jeefo.36352;Wyleczony.; Setup.exe;C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E};Win32.HLLP.Jeefo.36352;Wyleczony.; Setup.exe;C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E};Win32.Sector.28480;Wyleczony.; ipla.exe;C:\Program Files\ipla;Win32.HLLP.Jeefo.36352;Wyleczony.; uninst.exe;C:\Program Files\ipla;Win32.HLLP.Jeefo.36352;Wyleczony.; iv_uninstall.exe;C:\Program Files\IrfanView;Win32.Sector.28480;Wyleczony.; javaw.exe;C:\Program Files\Java\jre6\bin;Win32.HLLP.Jeefo.36352;Wyleczony.; javaws.exe;C:\Program Files\Java\jre6\bin;Win32.HLLP.Jeefo.36352;Wyleczony.; jucheck.exe;C:\Program Files\Java\jre6\bin;Win32.HLLP.Jeefo.36352;Wyleczony.; jusched.exe;C:\Program Files\Java\jre6\bin;Win32.HLLP.Jeefo.36352;Wyleczony.; klist.exe;C:\Program Files\Java\jre6\bin;Win32.Sector.28480;Wyleczony.; unins000.exe;C:\Program Files\K-Lite Codec Pack;Win32.HLLP.Jeefo.36352;Wyleczony.; gdsmux.exe;C:\Program Files\K-Lite Codec Pack\Filters\Haali;Win32.HLLP.Jeefo.36352;Wyleczony.; mplayerc.exe;C:\Program Files\K-Lite Codec Pack\Media Player Classic;Win32.HLLP.Jeefo.36352;Wyleczony.; mplayerc.exe;C:\Program Files\K-Lite Codec Pack\Media Player Classic;Win32.Sector.28480;Wyleczony.; CodecTweakTool.exe;C:\Program Files\K-Lite Codec Pack\Tools;Win32.HLLP.Jeefo.36352;Wyleczony.; dsconfig.exe;C:\Program Files\K-Lite Codec Pack\Tools;Win32.HLLP.Jeefo.36352;Wyleczony.; graphstudio.exe;C:\Program Files\K-Lite Codec Pack\Tools;Win32.HLLP.Jeefo.36352;Wyleczony.; mediainfo.exe;C:\Program Files\K-Lite Codec Pack\Tools;Win32.HLLP.Jeefo.36352;Wyleczony.; StatsReader.exe;C:\Program Files\K-Lite Codec Pack\Tools;Win32.Sector.28480;Wyleczony.; VobSubStrip.exe;C:\Program Files\K-Lite Codec Pack\Tools;Win32.Sector.28480;Wyleczony.; gspot.exe;C:\Program Files\K-Lite Codec Pack\Tools\gspot;Win32.HLLP.Jeefo.36352;Wyleczony.; SMAC.exe;C:\Program Files\KLC\SMAC;Win32.HLLP.Jeefo.36352;Wyleczony.; SMAC.exe;C:\Program Files\KLC\SMAC;Win32.Sector.28480;Wyleczony.; UNWISE.EXE;C:\Program Files\KLC\SMAC;Win32.HLLP.Jeefo.36352;Wyleczony.; UNWISE.EXE;C:\Program Files\KLC\SMAC;Win32.Sector.28480;Wyleczony.; hamachi-2-ui.exe;C:\Program Files\LogMeIn Hamachi;Win32.HLLP.Jeefo.36352;Wyleczony.; MailShare.exe;C:\Program Files\MailShare;Win32.HLLP.Jeefo.36352;Wyleczony.; MailShare_update.exe;C:\Program Files\MailShare;Win32.HLLP.Jeefo.36352;Wyleczony.; unins001.exe;C:\Program Files\MailShare;Win32.HLLP.Jeefo.36352;Wyleczony.; updater.exe;C:\Program Files\MailShare;Win32.HLLP.Jeefo.36352;Wyleczony.; mbam.exe;C:\Program Files\Malwarebytes' Anti-Malware;Win32.HLLP.Jeefo.36352;Wyleczony.; mbamgui.exe;C:\Program Files\Malwarebytes' Anti-Malware;Win32.HLLP.Jeefo.36352;Wyleczony.; unins000.exe;C:\Program Files\Malwarebytes' Anti-Malware;Win32.HLLP.Jeefo.36352;Wyleczony.; age2_x1.exe;C:\Program Files\Microsoft Games\Age of Empires II;Win32.HLLP.Jeefo.36352;Wyleczony.; empires2.exe;C:\Program Files\Microsoft Games\Age of Empires II;Win32.HLLP.Jeefo.36352;Wyleczony.; mythxpak.exe;C:\Program Files\Microsoft Games\Age of Empires II;Win32.Sector.28480;Wyleczony.; SETUPREG.EXE;C:\Program Files\Microsoft Games\Age of Empires II;Win32.Sector.28480;Wyleczony.; closedpw.exe;C:\Program Files\Microsoft Games\Age of Empires II\Data;Win32.Sector.28480;Wyleczony.; sllauncher.exe;C:\Program Files\Microsoft Silverlight;Win32.HLLP.Jeefo.36352;Wyleczony.; Silverlight.Configuration.exe;C:\Program Files\Microsoft Silverlight\3.0.40624.0;Win32.HLLP.Jeefo.36352;Wyleczony.; MoorHunt.exe;C:\Program Files\MoorHunt;Win32.HLLP.Jeefo.36352;Wyleczony.; MoorHunt_setup.exe;C:\Program Files\MoorHunt;Win32.HLLP.Jeefo.36352;Wyleczony.; unins000.exe;C:\Program Files\MoorHunt;Win32.HLLP.Jeefo.36352;Wyleczony.; cap.exe;C:\Program Files\MoorHunt\components\Caps;Win32.HLLP.Jeefo.36352;Wyleczony.; convert.exe;C:\Program Files\MoorHunt\components\Caps;Win32.Sector.28480;Wyleczony.; DuriE-Me-0.3.9.2PL.exe;C:\Program Files\MoorHunt\Durie;Win32.HLLP.Jeefo.36352;Wyleczony.; MBM5.exe;C:\Program Files\Motherboard Monitor 5;Win32.HLLP.Jeefo.36352;Wyleczony.; MBMWiz.exe;C:\Program Files\Motherboard Monitor 5;Win32.Sector.28480;Wyleczony.; MBM5HU.exe;C:\Program Files\Motherboard Monitor 5\Heat up;Win32.Sector.28480;Wyleczony.; mbm5msg.exe;C:\Program Files\Motherboard Monitor 5\Misc;Win32.Sector.28480;Wyleczony.; MBM5ST.exe;C:\Program Files\Motherboard Monitor 5\Misc;Win32.Sector.28480;Wyleczony.; wm_close.exe;C:\Program Files\Motherboard Monitor 5\Misc;Win32.Sector.28480;Wyleczony.; crashreporter.exe;C:\Program Files\Mozilla Firefox;Win32.HLLP.Jeefo.36352;Wyleczony.; firefox.exe;C:\Program Files\Mozilla Firefox;Win32.HLLP.Jeefo.36352;Wyleczony.; updater.exe;C:\Program Files\Mozilla Firefox;Win32.HLLP.Jeefo.36352;Wyleczony.; helper.exe;C:\Program Files\Mozilla Firefox\uninstall;Win32.HLLP.Jeefo.36352;Wyleczony.; crashreporter.exe;C:\Program Files\Mozilla Firefox 3.6 Beta 1;Win32.HLLP.Jeefo.36352;Wyleczony.; firefox.exe;C:\Program Files\Mozilla Firefox 3.6 Beta 1;Win32.HLLP.Jeefo.36352;Wyleczony.; updater.exe;C:\Program Files\Mozilla Firefox 3.6 Beta 1;Win32.HLLP.Jeefo.36352;Wyleczony.; helper.exe;C:\Program Files\Mozilla Firefox 3.6 Beta 1\uninstall;Win32.HLLP.Jeefo.36352;Wyleczony.; crashreporter.exe;C:\Program Files\Mozilla Firefox1;Win32.HLLP.Jeefo.36352;Wyleczony.; firefox.exe;C:\Program Files\Mozilla Firefox1;Win32.HLLP.Jeefo.36352;Wyleczony.; updater.exe;C:\Program Files\Mozilla Firefox1;Win32.HLLP.Jeefo.36352;Wyleczony.; helper.exe;C:\Program Files\Mozilla Firefox1\uninstall;Win32.HLLP.Jeefo.36352;Wyleczony.; napisy.exe;C:\Program Files\NAPI-PROJEKT;Win32.Sector.28480;Wyleczony.; unins000.exe;C:\Program Files\NAPI-PROJEKT;Win32.HLLP.Jeefo.36352;Wyleczony.; 7z.exe;C:\Program Files\nLite;Win32.Sector.28480;Wyleczony.; nLite.exe;C:\Program Files\nLite;Win32.HLLP.Jeefo.36352;Wyleczony.; unins000.exe;C:\Program Files\nLite;Win32.HLLP.Jeefo.36352;Wyleczony.; Uninstall.exe;C:\Program Files\Overlook Fing 1.3;Win32.HLLP.Jeefo.36352;Wyleczony.; fing.exe;C:\Program Files\Overlook Fing 1.3\bin;Win32.Sector.28480;Wyleczony.; razercfg.exe;C:\Program Files\Razer\DeathAdder;Win32.HLLP.Jeefo.36352;Wyleczony.; razerhid.exe;C:\Program Files\Razer\DeathAdder;Win32.Sector.28480;Wyleczony.; DPInst.exe;C:\Program Files\Razer\DeathAdder\cyUSB\vista32;Win32.HLLP.Jeefo.36352;Wyleczony.; DPInst.exe;C:\Program Files\Razer\DeathAdder\cyUSB\win732;Win32.HLLP.Jeefo.36352;Wyleczony.; DPInst.exe;C:\Program Files\Razer\DeathAdder\cyUSB\xp32;Win32.HLLP.Jeefo.36352;Wyleczony.; diunins.exe;C:\Program Files\Razer\DeathAdder\Driver;Win32.Sector.28480;Wyleczony.; DPInst.exe;C:\Program Files\Razer\DeathAdder\Driver;Win32.HLLP.Jeefo.36352;Wyleczony.; DPInst.exe;C:\Program Files\Razer\DeathAdder\Driver\vista;Win32.HLLP.Jeefo.36352;Wyleczony.; DPInst.exe;C:\Program Files\Razer\DeathAdder\Driver\Win7;Win32.HLLP.Jeefo.36352;Wyleczony.; DPInst.exe;C:\Program Files\Razer\DeathAdder\DriverN;Win32.HLLP.Jeefo.36352;Wyleczony.; DPInst.exe;C:\Program Files\Razer\DeathAdder\DriverN\vista;Win32.HLLP.Jeefo.36352;Wyleczony.; DPInst.exe;C:\Program Files\Razer\DeathAdder\DriverN\Win7;Win32.HLLP.Jeefo.36352;Wyleczony.; mpclauncher.exe;C:\Program Files\Real Alternative;Win32.HLLP.Jeefo.36352;Wyleczony.; settings.exe;C:\Program Files\Real Alternative;Win32.HLLP.Jeefo.36352;Wyleczony.; unins000.exe;C:\Program Files\Real Alternative;Win32.HLLP.Jeefo.36352;Wyleczony.; mplayerc.exe;C:\Program Files\Real Alternative\Media Player Classic;Win32.HLLP.Jeefo.36352;Wyleczony.; upgrdhlp.exe;C:\Program Files\Real Alternative\Update_OB;Win32.HLLP.Jeefo.36352;Wyleczony.; SIGSPat.exe;C:\Program Files\Sierra On-Line;Win32.HLLP.Jeefo.36352;Wyleczony.; skypePM.exe;C:\Program Files\Skype\Plugin Manager;Win32.Sector.28480;Wyleczony.; SkypeNames.exe;C:\Program Files\Skype\Toolbars\Shared;Win32.HLLP.Jeefo.36352;Wyleczony.; softinfo.exe;C:\Program Files\Software Informer;Win32.HLLP.Jeefo.36352;Wyleczony.; softinfo.exe;C:\Program Files\Software Informer;Win32.Sector.28480;Wyleczony.; unins000.exe;C:\Program Files\Software Informer;Win32.HLLP.Jeefo.36352;Wyleczony.; VegSrv80.exe;C:\Program Files\Sony\Vegas Pro 8.0;Win32.HLLP.Jeefo.36352;Wyleczony.; AvqBTEnum.exe;C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite;Win32.Sector.28480;Wyleczony.; PC Suite log.exe;C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite;Win32.HLLP.Jeefo.36352;Wyleczony.; SEPCSuite.exe;C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite;Win32.HLLP.Jeefo.36352;Wyleczony.; SEPCSuite.exe;C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite;Win32.Sector.28480;Wyleczony.; TMonitor.exe;C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite;Win32.Sector.28480;Wyleczony.; DPInst.exe;C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\Drivers;Win32.HLLP.Jeefo.36352;Wyleczony.; SopCast.exe;C:\Program Files\SopCast;Win32.HLLP.Jeefo.36352;Wyleczony.; SopCast.exe;C:\Program Files\SopCast;Win32.Sector.28480;Wyleczony.; StreamServer.exe;C:\Program Files\SopCast\StreamServer;Win32.HLLP.Jeefo.36352;Wyleczony.; SopChecker.exe;C:\Program Files\SopCast\update;Win32.HLLP.Jeefo.36352;Wyleczony.; UNZIP.EXE;C:\Program Files\SopCast\update;Win32.Sector.28480;Wyleczony.; subedit.exe;C:\Program Files\SubEdit-Player;Win32.HLLP.Jeefo.36352;Wyleczony.; subedit.exe;C:\Program Files\SubEdit-Player;Win32.Sector.28480;Wyleczony.; unins000.exe;C:\Program Files\SubEdit-Player;Win32.HLLP.Jeefo.36352;Wyleczony.; TC UP.exe;C:\Program Files\TC UP;Win32.Sector.28480;Wyleczony.; TCMADMIN.EXE;C:\Program Files\TC UP;Win32.Sector.28480;Wyleczony.; TOTALCMD.EXE;C:\Program Files\TC UP;Win32.HLLP.Jeefo.36352;Wyleczony.; un_TC UP.exe;C:\Program Files\TC UP;Win32.HLLP.Jeefo.36352;Wyleczony.; WBX.exe;C:\Program Files\TC UP;Win32.Sector.28480;Wyleczony.; HxD.exe;C:\Program Files\TC UP\CONFIG\CHS\CHS;Win32.HLLP.Jeefo.36352;Wyleczony.; HxD.exe;C:\Program Files\TC UP\CONFIG\DEU\DEU;Win32.HLLP.Jeefo.36352;Wyleczony.; HxD.exe;C:\Program Files\TC UP\CONFIG\DUT\DUT;Win32.HLLP.Jeefo.36352;Wyleczony.; HxD.exe;C:\Program Files\TC UP\CONFIG\ENG\ENG;Win32.HLLP.Jeefo.36352;Wyleczony.; HxD.exe;C:\Program Files\TC UP\CONFIG\ESP\ESP;Win32.HLLP.Jeefo.36352;Wyleczony.; HxD.exe;C:\Program Files\TC UP\CONFIG\FRA\FRA;Win32.HLLP.Jeefo.36352;Wyleczony.; HxD.exe;C:\Program Files\TC UP\CONFIG\HUN\HUN;Win32.HLLP.Jeefo.36352;Wyleczony.; HxD.exe;C:\Program Files\TC UP\CONFIG\ITA\ITA;Win32.HLLP.Jeefo.36352;Wyleczony.; HxD.exe;C:\Program Files\TC UP\CONFIG\NOR\NOR;Win32.HLLP.Jeefo.36352;Wyleczony.; HxD.exe;C:\Program Files\TC UP\CONFIG\POL\POL;Win32.HLLP.Jeefo.36352;Wyleczony.; HxD.exe;C:\Program Files\TC UP\CONFIG\ROM\ROM;Win32.HLLP.Jeefo.36352;Wyleczony.; HxD.exe;C:\Program Files\TC UP\CONFIG\RUS\RUS;Win32.HLLP.Jeefo.36352;Wyleczony.; HxD.exe;C:\Program Files\TC UP\CONFIG\SVK\SVK;Win32.HLLP.Jeefo.36352;Wyleczony.; HxD.exe;C:\Program Files\TC UP\CONFIG\SWE\SWE;Win32.HLLP.Jeefo.36352;Wyleczony.; HxD.exe;C:\Program Files\TC UP\CONFIG\TUR\TUR;Win32.HLLP.Jeefo.36352;Wyleczony.; AIMP2.exe;C:\Program Files\TC UP\PLUGINS\Media\AIMP;Win32.HLLP.Jeefo.36352;Wyleczony.; AIMP2c.exe;C:\Program Files\TC UP\PLUGINS\Media\AIMP;Win32.HLLP.Jeefo.36352;Wyleczony.; AIMP2r.exe;C:\Program Files\TC UP\PLUGINS\Media\AIMP;Win32.HLLP.Jeefo.36352;Wyleczony.; AIMP2t.exe;C:\Program Files\TC UP\PLUGINS\Media\AIMP;Win32.HLLP.Jeefo.36352;Wyleczony.; faac.exe;C:\Program Files\TC UP\PLUGINS\Media\AIMP\Encoders;Win32.Sector.28480;Wyleczony.; flac.exe;C:\Program Files\TC UP\PLUGINS\Media\AIMP\Encoders;Win32.Sector.28480;Wyleczony.; lame.exe;C:\Program Files\TC UP\PLUGINS\Media\AIMP\Encoders;Win32.Sector.28480;Wyleczony.; mppenc.exe;C:\Program Files\TC UP\PLUGINS\Media\AIMP\Encoders;Win32.Sector.28480;Wyleczony.; oggenc.exe;C:\Program Files\TC UP\PLUGINS\Media\AIMP\Encoders;Win32.Sector.28480;Wyleczony.; AngelWriter.exe;C:\Program Files\TC UP\PLUGINS\Media\AngelWriter;Win32.HLLP.Jeefo.36352;Wyleczony.; AMCReport.exe;C:\Program Files\TC UP\PLUGINS\Media\AntMovieCatalog;Win32.HLLP.Jeefo.36352;Wyleczony.; MovieCatalog.exe;C:\Program Files\TC UP\PLUGINS\Media\AntMovieCatalog;Win32.HLLP.Jeefo.36352;Wyleczony.; Artweaver.exe;C:\Program Files\TC UP\PLUGINS\Media\Artweaver;Win32.Sector.28480;Wyleczony.; fdm.exe;C:\Program Files\TC UP\PLUGINS\Media\FreeDownloadManager;Win32.HLLP.Jeefo.36352;Wyleczony.; fdmwi.exe;C:\Program Files\TC UP\PLUGINS\Media\FreeDownloadManager;Win32.Sector.28480;Wyleczony.; Updater.exe;C:\Program Files\TC UP\PLUGINS\Media\FreeDownloadManager;Win32.Sector.28480;Wyleczony.; hasla.exe;C:\Program Files\TC UP\PLUGINS\Media\Hasla;Win32.HLLP.Jeefo.36352;Wyleczony.; hasla.exe;C:\Program Files\TC UP\PLUGINS\Media\Hasla;Win32.Sector.28480;Wyleczony.; HateML.exe;C:\Program Files\TC UP\PLUGINS\Media\HateML;Win32.Sector.28480;Wyleczony.; hexelon.exe;C:\Program Files\TC UP\PLUGINS\Media\HEXelon;Win32.Sector.28480;Wyleczony.; hexwork.exe;C:\Program Files\TC UP\PLUGINS\Media\HEXelon\bin;Win32.HLLP.Jeefo.36352;Wyleczony.; HxD.exe;C:\Program Files\TC UP\PLUGINS\Media\HxD;Win32.HLLP.Jeefo.36352;Wyleczony.; IcoFX.exe;C:\Program Files\TC UP\PLUGINS\Media\IcoFX;Win32.HLLP.Jeefo.36352;Wyleczony.; ckEffects.exe;C:\Program Files\TC UP\PLUGINS\Media\InfraRecorder;Win32.HLLP.Jeefo.36352;Wyleczony.; InfraRecorder.exe;C:\Program Files\TC UP\PLUGINS\Media\InfraRecorder;Win32.Sector.28480;Wyleczony.; inkscape.exe;C:\Program Files\TC UP\PLUGINS\Media\Inkscape;Win32.HLLP.Jeefo.36352;Wyleczony.; inkview.exe;C:\Program Files\TC UP\PLUGINS\Media\Inkscape;Win32.HLLP.Jeefo.36352;Wyleczony.; python.exe;C:\Program Files\TC UP\PLUGINS\Media\Inkscape\python;Win32.Sector.28480;Wyleczony.; pythonw.exe;C:\Program Files\TC UP\PLUGINS\Media\Inkscape\python;Win32.Sector.28480;Wyleczony.; wininst-6.exe;C:\Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\distutils\command;Win32.Sector.28480;Wyleczony.; wininst-7.1.exe;C:\Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\distutils\command;Win32.Sector.28480;Wyleczony.; dbtoolSA (unicode).exe;C:\Program Files\TC UP\PLUGINS\Media\MirandaIM;Win32.HLLP.Jeefo.36352;Wyleczony.; notepad++.exe;C:\Program Files\TC UP\PLUGINS\Media\Notepad++;Win32.HLLP.Jeefo.36352;Wyleczony.; OperaUSB.exe;C:\Program Files\TC UP\PLUGINS\Media\OperaUSB;Win32.HLLP.Jeefo.36352;Wyleczony.; poweroffcz.exe;C:\Program Files\TC UP\PLUGINS\Media\Poweroff;Win32.Sector.28480;Wyleczony.; poweroffen.exe;C:\Program Files\TC UP\PLUGINS\Media\Poweroff;Win32.Sector.28480;Wyleczony.; Poweroffpl.exe;C:\Program Files\TC UP\PLUGINS\Media\Poweroff;Win32.Sector.28480;Wyleczony.; poweroffsk.exe;C:\Program Files\TC UP\PLUGINS\Media\Poweroff;Win32.Sector.28480;Wyleczony.; Recuva.exe;C:\Program Files\TC UP\PLUGINS\Media\Recuva;Win32.HLLP.Jeefo.36352;Wyleczony.; siMail.exe;C:\Program Files\TC UP\PLUGINS\Media\SiMail;Win32.Sector.28480;Wyleczony.; siw.exe;C:\Program Files\TC UP\PLUGINS\Media\SIW;Win32.HLLP.Jeefo.36352;Wyleczony.; SubtitleWorkshop.exe;C:\Program Files\TC UP\PLUGINS\Media\SubtitleWorkshop;Win32.HLLP.Jeefo.36352;Wyleczony.; SumatraPDF.exe;C:\Program Files\TC UP\PLUGINS\Media\SumatraPDF;Win32.HLLP.Jeefo.36352;Wyleczony.; SystemExplorer.exe;C:\Program Files\TC UP\PLUGINS\Media\SystemExplorer;Win32.HLLP.Jeefo.36352;Wyleczony.; KMPlayer.exe;C:\Program Files\TC UP\PLUGINS\Media\TheKMPlayer;Win32.Sector.28480;Wyleczony.; UniExtract.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor;Win32.HLLP.Jeefo.36352;Wyleczony.; 7z.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; arc.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; AspackDie.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; bin2iso.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; cdirip.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; clit.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; Expander.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.HLLP.Jeefo.36352;Wyleczony.; EXTRACT.EXE;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; extractMHT.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.HLLP.Jeefo.36352;Wyleczony.; E_WISE_W.EXE;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; i3comp.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; i5comp.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; i6comp.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; IsXunpack.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; kgb_arch_decompress.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.HLLP.Jeefo.36352;Wyleczony.; lzma.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; lzop.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; msi2xml.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; nrg2iso.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; pea.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.HLLP.Jeefo.36352;Wyleczony.; PEiD.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.HLLP.Jeefo.36352;Wyleczony.; RAIU.EXE;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; tee.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; trid.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; UnRAR.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; UNUHARC06.EXE;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; unzip.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; upx.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; WUN.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; xace.exe;C:\Program Files\TC UP\PLUGINS\Media\UniversalExtractor\bin;Win32.Sector.28480;Wyleczony.; Unlocker.exe;C:\Program Files\TC UP\PLUGINS\Media\Unlocker;Win32.HLLP.Jeefo.36352;Wyleczony.; Unlocker.exe;C:\Program Files\TC UP\PLUGINS\Media\Unlocker;Win32.Sector.28480;Wyleczony.; utorrent.exe;C:\Program Files\TC UP\PLUGINS\Media\uTorrent;Win32.HLLP.Jeefo.36352;Wyleczony.; auxsetup.exe;C:\Program Files\TC UP\PLUGINS\Media\VirtualDub;Win32.Sector.28480;Wyleczony.; vdub.exe;C:\Program Files\TC UP\PLUGINS\Media\VirtualDub;Win32.Sector.28480;Wyleczony.; VirtualDub.exe;C:\Program Files\TC UP\PLUGINS\Media\VirtualDub;Win32.HLLP.Jeefo.36352;Wyleczony.; Wavosaur.exe;C:\Program Files\TC UP\PLUGINS\Media\Wavosaur;Win32.HLLP.Jeefo.36352;Wyleczony.; WinContig.exe;C:\Program Files\TC UP\PLUGINS\Media\WinContig;Win32.HLLP.Jeefo.36352;Wyleczony.; WinMergeU.exe;C:\Program Files\TC UP\PLUGINS\Media\WinMerge;Win32.Sector.28480;Wyleczony.; xnview.exe;C:\Program Files\TC UP\PLUGINS\Media\XnView;Win32.HLLP.Jeefo.36352;Wyleczony.; slide.exe;C:\Program Files\TC UP\PLUGINS\Media\XnView\Plugins;Win32.HLLP.Jeefo.36352;Wyleczony.; ColSel.exe;C:\Program Files\TC UP\PLUGINS\Tools\ColSel;Win32.Sector.28480;Wyleczony.; hfs.exe;C:\Program Files\TC UP\PLUGINS\Tools\HFS;Win32.HLLP.Jeefo.36352;Wyleczony.; OpenFileTC.exe;C:\Program Files\TC UP\PLUGINS\Tools\OpenFileTC;Win32.HLLP.Jeefo.36352;Wyleczony.; putty.exe;C:\Program Files\TC UP\PLUGINS\Tools\Putty;Win32.HLLP.Jeefo.36352;Wyleczony.; StatBar.exe;C:\Program Files\TC UP\PLUGINS\Tools\StatBar;Win32.HLLP.Jeefo.36352;Wyleczony.; Tail.exe;C:\Program Files\TC UP\PLUGINS\Tools\TailforWin32;Win32.HLLP.Jeefo.36352;Wyleczony.; Tailcz.exe;C:\Program Files\TC UP\PLUGINS\Tools\TailforWin32;Win32.HLLP.Jeefo.36352;Wyleczony.; TCUPIntegrator.exe;C:\Program Files\TC UP\PLUGINS\Tools\TCUPIntegrator;Win32.HLLP.Jeefo.36352;Wyleczony.; TCUPNew.exe;C:\Program Files\TC UP\PLUGINS\Tools\TCUPNew;Win32.HLLP.Jeefo.36352;Wyleczony.; TCUPULTIMATE.exe;C:\Program Files\TC UP\PLUGINS\Tools\TCUPULTIMATE;Win32.HLLP.Jeefo.36352;Wyleczony.; vncviewer.exe;C:\Program Files\TC UP\PLUGINS\Tools\TightVNC;Win32.HLLP.Jeefo.36352;Wyleczony.; WinVNC.exe;C:\Program Files\TC UP\PLUGINS\Tools\TightVNC;Win32.Sector.28480;Wyleczony.; XnConvert.exe;C:\Program Files\TC UP\PLUGINS\Tools\XnConvert;Win32.HLLP.Jeefo.36352;Wyleczony.; XNResourceEditor.exe;C:\Program Files\TC UP\PLUGINS\Tools\XNResourceEditor;Win32.HLLP.Jeefo.36352;Wyleczony.; AMRCon.exe;C:\Program Files\TC UP\PLUGINS\wcx\Audioconverter;Win32.Sector.28480;Wyleczony.; audioconverter.exe;C:\Program Files\TC UP\PLUGINS\wcx\Audioconverter;Win32.HLLP.Jeefo.36352;Wyleczony.; DeGlitch.exe;C:\Program Files\TC UP\PLUGINS\wcx\Audioconverter;Win32.Sector.28480;Wyleczony.; faac.exe;C:\Program Files\TC UP\PLUGINS\wcx\Audioconverter;Win32.Sector.28480;Wyleczony.; flac.exe;C:\Program Files\TC UP\PLUGINS\wcx\Audioconverter;Win32.Sector.28480;Wyleczony.; lame.exe;C:\Program Files\TC UP\PLUGINS\wcx\Audioconverter;Win32.Sector.28480;Wyleczony.; MAC.exe;C:\Program Files\TC UP\PLUGINS\wcx\Audioconverter;Win32.Sector.28480;Wyleczony.; mppenc.exe;C:\Program Files\TC UP\PLUGINS\wcx\Audioconverter;Win32.Sector.28480;Wyleczony.; neroAacEnc.exe;C:\Program Files\TC UP\PLUGINS\wcx\Audioconverter;Win32.Sector.28480;Wyleczony.; neroAacTag.exe;C:\Program Files\TC UP\PLUGINS\wcx\Audioconverter;Win32.Sector.28480;Wyleczony.; normalize.exe;C:\Program Files\TC UP\PLUGINS\wcx\Audioconverter;Win32.Sector.28480;Wyleczony.; oggenc2.exe;C:\Program Files\TC UP\PLUGINS\wcx\Audioconverter;Win32.Sector.28480;Wyleczony.; ssrc.exe;C:\Program Files\TC UP\PLUGINS\wcx\Audioconverter;Win32.Sector.28480;Wyleczony.; blat.exe;C:\Program Files\TC UP\PLUGINS\wcx\Blat;Win32.Sector.28480;Wyleczony.; CHMView.exe;C:\Program Files\TC UP\PLUGINS\wcx\CHM;Win32.Sector.28480;Wyleczony.; UnCHMw.exe;C:\Program Files\TC UP\PLUGINS\wcx\CHM;Win32.Sector.28480;Wyleczony.; wtdump.exe;C:\Program Files\TC UP\PLUGINS\wcx\CHM;Win32.Sector.28480;Wyleczony.; wtedit.exe;C:\Program Files\TC UP\PLUGINS\wcx\CHM;Win32.Sector.28480;Wyleczony.; xdc.EXE;C:\Program Files\TC UP\PLUGINS\wcx\DarkCryptTC;Win32.Sector.28480;Wyleczony.; nscopy.exe;C:\Program Files\TC UP\PLUGINS\wfx\BadCopy\nscopy;Win32.HLLP.Jeefo.36352;Wyleczony.; devcon.exe;C:\Program Files\TC UP\PLUGINS\wfx\DevMan;Win32.Sector.28480;Wyleczony.; nteview.exe;C:\Program Files\TC UP\PLUGINS\wfx\EventNT;Win32.Sector.28480;Wyleczony.; Monitor.exe;C:\Program Files\TC UP\PLUGINS\wfx\Mail;Win32.HLLP.Jeefo.36352;Wyleczony.; TCMAIL.exe;C:\Program Files\TC UP\PLUGINS\wfx\Mail;Win32.Sector.28480;Wyleczony.; Imagine.exe;C:\Program Files\TC UP\PLUGINS\wlx\Imagine;Win32.Sector.28480;Wyleczony.; TeamSpeak.exe;C:\Program Files\Teamspeak2_RC2;Win32.HLLP.Jeefo.36352;Wyleczony.; TeamSpeak.exe;C:\Program Files\Teamspeak2_RC2;Win32.Sector.28480;Wyleczony.; tsControl.exe;C:\Program Files\Teamspeak2_RC2\client_sdk;Win32.Sector.28480;Wyleczony.; install.exe;C:\Program Files\TeamViewer\Version5;Win32.Sector.28480;Wyleczony.; TeamViewer.exe;C:\Program Files\TeamViewer\Version5;Win32.HLLP.Jeefo.36352;Wyleczony.; uninstall.exe;C:\Program Files\TeamViewer\Version5;Win32.HLLP.Jeefo.36352;Wyleczony.; godfather.exe;C:\Program Files\THE GODFATHER12;Win32.HLLP.Jeefo.36352;Wyleczony.; sd4hide.exe;C:\Program Files\THE GODFATHER12;Win32.HLLP.Jeefo.36352;Wyleczony.; sd4hide.exe;C:\Program Files\THE GODFATHER12;Tool.DiskHide;Usunięty.; unins000.exe;C:\Program Files\THE GODFATHER12;Win32.HLLP.Jeefo.36352;Wyleczony.; EasyInfo.exe;C:\Program Files\THE GODFATHER12\Support;Win32.HLLP.Jeefo.36352;Wyleczony.; EReg.exe;C:\Program Files\THE GODFATHER12\Support;Win32.HLLP.Jeefo.36352;Wyleczony.; The Godfather The Game_code.exe;C:\Program Files\THE GODFATHER12\Support;Win32.HLLP.Jeefo.36352;Wyleczony.; The Godfather The Game_uninst.exe;C:\Program Files\THE GODFATHER12\Support;Win32.Sector.28480;Wyleczony.; TmForever.exe;C:\Program Files\TmNationsForever;Win32.HLLP.Jeefo.36352;Wyleczony.; TmForeverLauncher.exe;C:\Program Files\TmNationsForever;Win32.HLLP.Jeefo.36352;Wyleczony.; TmForeverLauncher.exe;C:\Program Files\TmNationsForever;Win32.Sector.28480;Wyleczony.; unins000.exe;C:\Program Files\TmNationsForever;Win32.HLLP.Jeefo.36352;Wyleczony.; SubtitleWorkshop.exe;C:\Program Files\URUSoft\Subtitle Workshop;Win32.HLLP.Jeefo.36352;Wyleczony.; SubtitleWorkshop.exe;C:\Program Files\URUSoft\Subtitle Workshop;Win32.Sector.28480;Wyleczony.; uTorrent.exe;C:\Program Files\uTorrent;Win32.HLLP.Jeefo.36352;Wyleczony.; Ventrilo.exe;C:\Program Files\Ventrilo;Win32.HLLP.Jeefo.36352;Wyleczony.; Ventrilo.exe;C:\Program Files\Ventrilo;Win32.Sector.28480;Wyleczony.; uninstall.exe;C:\Program Files\VideoLAN\VLC;Win32.HLLP.Jeefo.36352;Wyleczony.; dlimport.exe;C:\Program Files\Windows Media Player;Win32.HLLP.Jeefo.36352;Wyleczony.; dlimport.exe;C:\Program Files\Windows Media Player;Win32.Sector.28480;Wyleczony.; wmsetsdk.exe;C:\Program Files\Windows Media Player;Win32.Sector.28480;Wyleczony.; hypertrm.exe;C:\Program Files\Windows NT;Win32.Sector.28480;Wyleczony.; Rar.exe;C:\Program Files\WinRAR;Win32.Sector.28480;Wyleczony.; RarExtLoader.exe;C:\Program Files\WinRAR;Win32.Sector.28480;Wyleczony.; Uninstall.exe;C:\Program Files\WinRAR;Win32.HLLP.Jeefo.36352;Wyleczony.; Uninstall.exe;C:\Program Files\WinRAR;Win32.Sector.28480;Wyleczony.; UnRAR.exe;C:\Program Files\WinRAR;Win32.Sector.28480;Wyleczony.; WinRAR.exe;C:\Program Files\WinRAR;Win32.HLLP.Jeefo.36352;Wyleczony.; WinRAR.exe;C:\Program Files\WinRAR;Win32.Sector.28480;Wyleczony.; xfencoder.exe;C:\Program Files\Xfire;Win32.HLLP.Jeefo.36352;Wyleczony.; Xfire.exe;C:\Program Files\Xfire;Win32.HLLP.Jeefo.36352;Wyleczony.; SETUP.EXE;C:\Program Files\XLView\setup;Win32.HLLP.Jeefo.36352;Wyleczony.; Ygoow.exe;C:\Program Files\ygoow;Win32.HLLP.Jeefo.36352;Wyleczony.; FFMPEG.EXE;C:\Program Files\YouTube Downloader;Win32.Sector.28480;Wyleczony.; YouTubeDownloader.exe;C:\Program Files\YouTube Downloader;Win32.HLLP.Jeefo.36352;Wyleczony.; SaUpdate.exe.vir;C:\Qoobox\Quarantine\C\Program Files\Ask.com;Win32.HLLP.Jeefo.36352;Wyleczony.; BearShare.exe.vir;C:\Qoobox\Quarantine\C\Program Files\BearShare Applications\BearShare;Win32.HLLP.Jeefo.36352;Wyleczony.; FFPage.exe.vir;C:\Qoobox\Quarantine\C\Program Files\BearShare Applications\BearShare;Win32.HLLP.Jeefo.36352;Wyleczony.; Launcher.exe.vir;C:\Qoobox\Quarantine\C\Program Files\BearShare Applications\BearShare;Win32.HLLP.Jeefo.36352;Wyleczony.; UninstallSurvey.exe.vir;C:\Qoobox\Quarantine\C\Program Files\BearShare Applications\BearShare;Win32.HLLP.Jeefo.36352;Wyleczony.; UNWISE.EXE.vir;C:\Qoobox\Quarantine\C\Program Files\BearShare Applications\BearShare;Win32.HLLP.Jeefo.36352;Wyleczony.; UpdateInst.exe.vir;C:\Qoobox\Quarantine\C\Program Files\BearShare Applications\BearShare;Win32.HLLP.Jeefo.36352;Wyleczony.; PS.exe.vir;C:\Qoobox\Quarantine\C\Program Files\BearShare Applications\BearShare\Skins;Win32.HLLP.Jeefo.36352;Wyleczony.; uninstall.exe.vir;C:\Qoobox\Quarantine\C\Program Files\BearShareTb;Win32.HLLP.Jeefo.36352;Wyleczony.; SearchSettings.exe.vir;C:\Qoobox\Quarantine\C\Program Files\Dealio Toolbar;Win32.HLLP.Jeefo.36352;Wyleczony.; SearchSettings.exe.vir;C:\Qoobox\Quarantine\C\Program Files\Dealio Toolbar;Win32.Sector.28480;Wyleczony.; WidgiHelper.exe.vir;C:\Qoobox\Quarantine\C\Program Files\Dealio Toolbar;Win32.Sector.28480;Wyleczony.; svchost.exe.vir;C:\Qoobox\Quarantine\C\WINDOWS;Win32.HLLP.Jeefo.36352;Niewyleczalny.Usunięty.; 01.tmp.vir;C:\Qoobox\Quarantine\C\WINDOWS\system32;Win32.HLLW.Autoruner.5555;Usunięty.; 02.tmp.vir;C:\Qoobox\Quarantine\C\WINDOWS\system32;Win32.HLLW.Autoruner.5555;Usunięty.; odbcasvc.exe.vir;C:\Qoobox\Quarantine\C\WINDOWS\system32;Trojan.Uhospy;Usunięty.; vcmgcd32.dll.vir;C:\Qoobox\Quarantine\C\WINDOWS\system32;Win32.HLLP.Sector;Usunięty.; vcmgcd32.dl_.vir;C:\Qoobox\Quarantine\C\WINDOWS\system32;Win32.HLLP.Sector;Usunięty.; ALCFDRTM.EXE;C:\WINDOWS;Win32.Sector.28480;Wyleczony.; alcrmv.exe;C:\WINDOWS;Win32.HLLP.Jeefo.36352;Wyleczony.; alcrmv.exe;C:\WINDOWS;Win32.Sector.28480;Wyleczony.; alcupd.exe;C:\WINDOWS;Win32.HLLP.Jeefo.36352;Wyleczony.; alcupd.exe;C:\WINDOWS;Win32.Sector.28480;Wyleczony.; IsUninst.exe;C:\WINDOWS;Win32.HLLP.Jeefo.36352;Wyleczony.; svchost.exe;C:\WINDOWS;Win32.HLLP.Jeefo.36352;Niewyleczalny.Usunięty.; uninst.exe;C:\WINDOWS;Win32.HLLP.Jeefo.36352;Wyleczony.; uninst.exe;C:\WINDOWS;Win32.Sector.28480;Wyleczony.; unvise32.exe;C:\WINDOWS;Win32.Sector.28480;Wyleczony.; msiexec.exe;C:\WINDOWS\$MSI31Uninstall_KB893803v2$;Win32.Sector.28480;Wyleczony.; spuninst.exe;C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst;Win32.HLLP.Jeefo.36352;Wyleczony.; accwiz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; accwiz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; admin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; agentsvr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; agentsvr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ahui.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; ahui.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; alg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; asr_fmt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; asr_pfu.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; at.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; atmadm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; attrib.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; auditusr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; author.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; autochk.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; autoconv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; autofmt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; autolfn.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; blastcln.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; bootcfg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; cacls.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; cfgwiz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; cfgwiz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; cipher.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; cisvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; cliconfg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; clipbrd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; clipbrd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; clipsrv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; cmd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; cmdl32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; cmmon32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; cmstp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; comrepl.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; comrereg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; conf.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; conf.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; conime.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; cscript.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; csrss.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ctfmon.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; davcdata.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; dcomcnfg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ddeshare.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; defrag.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; dfrgfat.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; dfrgfat.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; dfrgntfs.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; dfrgntfs.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; diantz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; diskpart.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; dllhost.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; dmadmin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; dmremote.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; dplaysvr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; dpnsvr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; dpvsetup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; dpvsetup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; driverquery.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; drvqry.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; dumprep.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; dvdupgrd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; dwwin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; dwwin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; dxdiag.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; eudcedit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; eudcedit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; evcreate.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; eventcreate.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; eventtriggers.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; evntcmd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; evntwin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; evntwin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; evtrig.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; explorer.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; explorer.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; extrac32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; findstr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; fltmc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; fontview.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; forcedos.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; fp98swin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; fpadmcgi.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; fpcount.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; fpremadm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; fsquirt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; fsquirt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ftp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; fxsclnt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; fxsclnt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; fxscover.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; fxscover.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; getmac.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; gpresult.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; gprslt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; grpconv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; help.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; helpctr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; helpctr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; helpsvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; hh.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; hscupd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; icwconn1.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; icwconn1.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; icwconn2.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; icwconn2.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; icwrmind.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ie4uinit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; iedw.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; iexplore.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; iexplore.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; iexpress.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; iexpress.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; iisrstas.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; imapi.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; inetin51.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; inetwiz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ipconfig.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ipv6.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ipxroute.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; locator.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; logagent.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; logagent.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; logman.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; logon.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; logonui.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; logonui.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; lsass.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; magnify.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; makecab.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; migload.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; migload.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; migrate.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; migrate.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; migregdb.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; migwiz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; migwiz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; mmc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; mmc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; mnmsrvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; mobsync.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; mobsync.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; mofcomp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; moviemk.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; moviemk.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; mplay32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; mplay32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; mplayer2.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; mqbkup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; mqsvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; mqtgsvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; msconfig.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; msconfig.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; msdtc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; mshta.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; msiexec.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; msimn.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; msiregmv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; msmsgs.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; msmsgs.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; msoobe.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; mspaint.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; mspaint.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; mstinit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; mstsc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; mstsc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; mtstocom.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; narrator.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; net.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; net1.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; netdde.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; netsetup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; netsetup.exe\data002;C:\WINDOWS\$NtServicePackUninstall$\netsetup.exe;Win32.HLLP.Sector;; netsetup.exe;C:\WINDOWS\$NtServicePackUninstall$;Kontener zawiera zainfekowane obiekty;Przeniesiony.; netsh.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; netstat.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; notepad.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; nppagent.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; nslookup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ntbackup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; ntbackup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ntkrnlpa.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ntoskrnl.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ntvdm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; odbcad32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; odbcconf.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; oemig50.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; oobebaln.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; openfiles.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; opnfiles.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; osk.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; osk.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; packager.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; perfmon.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; pinball.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; pinball.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ping.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; pintlphr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; powercfg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; progman.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; progman.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; proquota.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; proxycfg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; qprocess.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; rasphone.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; rcimlby.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; rcp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; rdpclip.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; rdsaddin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; rdshost.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; reg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; regedit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; regedit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; regsvr32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; rexec.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; rsh.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; rsnotify.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; rsnotify.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; rstrui.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; rstrui.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; rtcshare.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; rundll32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; runonce.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; savedump.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; scardsvr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; schtasks.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; scrcons.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; scrnsave.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; sctasks.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; sdbinst.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; secedit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; services.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; sessmgr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; sethc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; setup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; setup50.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; setup_wm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; setup_wm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; shmgrate.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; shrpubw.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; shtml.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; shutdown.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; sigverif.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; skeys.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; smbinst.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; smi2smir.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; smlogsvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; smss.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; sndrec32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; sndrec32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; snmp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; snmptrap.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; sort.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; spider.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; spider.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; spiisupd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; spnpinst.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; spoolsv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ss3dfo.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ssbezier.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ssflwbox.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ssmarque.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ssmypics.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ssmyst.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; sspipes.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ssstars.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; sstext3d.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; stimon.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; svchost.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; sysinfo.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; sysocmgr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; sysocmgr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; systeminfo.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; taskkill.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; tasklist.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; taskmgr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; taskmgr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; tcptest.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; telnet.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; tlntadmn.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; tlntsess.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; tlntsvr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; tourstart.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; tourstart.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; tourstrt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; tourstrt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; tracerpt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; tracert.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; unregmp2.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; unregmp2.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; uploadm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; upnpcont.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; ups.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; userinit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; utilman.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; vssvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; wab.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; wabmig.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; wbemtest.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; wbemtest.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; wextract.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; wiaacmgr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; wiaacmgr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; winhlp32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; winhlp32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; winver.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; wmiadap.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; wmiadap.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Niewyleczalny.Usunięty.; wmiapsrv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; wmic.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; wmiprvse.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; wmiprvse.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Niewyleczalny.Usunięty.; wmplayer.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; wordpad.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; wordpad.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; wpabaln.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; wpnpinst.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; wscntfy.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; wscript.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; wscript.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; wuauclt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; wuauclt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; wuauclt1.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.HLLP.Jeefo.36352;Wyleczony.; wuauclt1.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; xcopy.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Sector.28480;Wyleczony.; spuninst.exe;C:\WINDOWS\$NtServicePackUninstall$\spuninst;Win32.HLLP.Jeefo.36352;Wyleczony.; logagent.exe;C:\WINDOWS\$NtUninstallWMFDist11$;Win32.HLLP.Jeefo.36352;Wyleczony.; logagent.exe;C:\WINDOWS\$NtUninstallWMFDist11$;Win32.Sector.28480;Wyleczony.; spuninst.exe;C:\WINDOWS\$NtUninstallWMFDist11$\spuninst;Win32.HLLP.Jeefo.36352;Wyleczony.; spuninst.exe;C:\WINDOWS\$NtUninstallWudf01000$\spuninst;Win32.HLLP.Jeefo.36352;Wyleczony.; spuninst.exe;C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst;Win32.HLLP.Jeefo.36352;Wyleczony.; setup.exe;C:\WINDOWS\Cache\Adobe Reader 6.0.1\POLBIG;Win32.HLLP.Jeefo.36352;Wyleczony.; medctrro.exe;C:\WINDOWS\ehome;Win32.Sector.28480;Wyleczony.; explorer.exe;C:\WINDOWS\ERDNT\cache;Win32.HLLP.Jeefo.36352;Wyleczony.; wuauclt.exe;C:\WINDOWS\ERDNT\cache;Win32.HLLP.Jeefo.36352;Wyleczony.; ERDNT.EXE;C:\WINDOWS\ERDNT\Hiv-backup;Win32.HLLP.Jeefo.36352;Wyleczony.; ERDNT.EXE;C:\WINDOWS\ERDNT\subs;Win32.HLLP.Jeefo.36352;Wyleczony.; places.exe;C:\WINDOWS\Installer\{350C9415-3D7C-4EE8-BAA9-00BCB3D54227};Win32.Sector.28480;Wyleczony.; ARPPRODUCTICON.exe;C:\WINDOWS\Installer\{83437081-8186-4F63-BD39-4BE8A691E055};Win32.Sector.28480;Wyleczony.; NewShortcut1.exe;C:\WINDOWS\Installer\{83437081-8186-4F63-BD39-4BE8A691E055};Win32.Sector.28480;Wyleczony.; NewShortcut1_1.exe;C:\WINDOWS\Installer\{83437081-8186-4F63-BD39-4BE8A691E055};Win32.Sector.28480;Wyleczony.; ProgramMenuShortcut6.exe;C:\WINDOWS\Installer\{83437081-8186-4F63-BD39-4BE8A691E055};Win32.Sector.28480;Wyleczony.; ProgramMenuShortcut8.exe;C:\WINDOWS\Installer\{83437081-8186-4F63-BD39-4BE8A691E055};Win32.Sector.28480;Wyleczony.; ARPPRODUCTICON.exe;C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE};Win32.Sector.28480;Wyleczony.; NewShortcut1_C673DF680CDE41FC9DFBF63D31DE4F28.exe;C:\WINDOWS\Installer\{E1180142-3B31-4DCC-9D27-7AC2D37662BF};Win32.Sector.28480;Wyleczony.; NewShortcut2_C673DF680CDE41FC9DFBF63D31DE4F28.exe;C:\WINDOWS\Installer\{E1180142-3B31-4DCC-9D27-7AC2D37662BF};Win32.Sector.28480;Wyleczony.; Icon8FD64119.exe;C:\WINDOWS\Installer\{E2B64929-B616-4235-B10E-D26D686296F9};Win32.Sector.28480;Wyleczony.; Icon8FD641194.exe;C:\WINDOWS\Installer\{E2B64929-B616-4235-B10E-D26D686296F9};Win32.Sector.28480;Wyleczony.; IconD233FA331.exe;C:\WINDOWS\Installer\{E2B64929-B616-4235-B10E-D26D686296F9};Win32.Sector.28480;Wyleczony.; aspnet_compiler.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Sector.28480;Wyleczony.; aspnet_regbrowsers.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Sector.28480;Wyleczony.; aspnet_regsql.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Sector.28480;Wyleczony.; CasPol.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Sector.28480;Wyleczony.; InstallUtil.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Sector.28480;Wyleczony.; jsc.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Sector.28480;Wyleczony.; MSBuild.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Sector.28480;Wyleczony.; RegAsm.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Sector.28480;Wyleczony.; RegSvcs.exe;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;Win32.Sector.28480;Wyleczony.; ComSvcConfig.exe;C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation;Win32.Sector.28480;Wyleczony.; infocard.exe;C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation;Win32.Sector.28480;Wyleczony.; ServiceModelReg.exe;C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation;Win32.Sector.28480;Wyleczony.; SMSvcHost.exe;C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation;Win32.Sector.28480;Wyleczony.; WsatConfig.exe;C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation;Win32.Sector.28480;Wyleczony.; PresentationFontCache.exe;C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF;Win32.Sector.28480;Wyleczony.; setup.exe;C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5;Win32.HLLP.Jeefo.36352;Wyleczony.; RebootStub.exe;C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - plk;Win32.HLLP.Jeefo.36352;Wyleczony.; setup.exe;C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - plk;Win32.HLLP.Jeefo.36352;Wyleczony.; xpnetdiag.exe;C:\WINDOWS\network diagnostic;Win32.HLLP.Jeefo.36352;Wyleczony.; xpnetdiag.exe;C:\WINDOWS\network diagnostic;Win32.Sector.28480;Wyleczony.; accwiz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; accwiz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; admin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; agentsvr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; agentsvr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ahui.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; ahui.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; alg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; aspnet_regiis.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; aspnet_state.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; aspnet_wp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; asr_fmt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; asr_pfu.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; at.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; atmadm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; attrib.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; auditusr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; author.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; autochk.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; autoconv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; autofmt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; autolfn.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; blastcln.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; bootcfg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; cacls.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; caspol.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; cfgwiz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; cfgwiz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; cipher.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; cisvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; cliconfg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; clipbrd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; clipbrd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; clipsrv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; cmd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; cmdl32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; cmmon32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; cmstp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; comrepl.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; comrereg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; comsdupd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; conf.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; conf.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; conime.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; csc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; cscript.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; csrss.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ctfmon.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; davcdata.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; dcomcnfg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ddeshare.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; defrag.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; dfrgfat.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; dfrgfat.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; dfrgntfs.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; dfrgntfs.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; diantz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; diskpart.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; dllhost.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; dmadmin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; dmremote.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; dplaysvr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; dpnsvr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; dpvsetup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; dpvsetup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; drvqry.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; dumprep.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; dvdupgrd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; dwwin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; dwwin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; dxdiag.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; eudcedit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; eudcedit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; evcreate.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; evntcmd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; evntwin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; evntwin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; evtrig.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; explorer.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; explorer.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; extrac32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; faxpatch.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; findstr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; fltmc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; fontview.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; forcedos.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; fp98sadm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; fp98swin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; fp98swin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; fpadmcgi.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; fpcount.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; fpremadm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; fpsrvadm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; fsquirt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; fsquirt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ftp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; fxsclnt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; fxsclnt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; fxscover.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; fxscover.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; getmac.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; gprslt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; grpconv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; help.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; helpctr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; helpctr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; helpsvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; hh.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; hscupd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; icwconn1.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; icwconn1.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; icwconn2.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; icwconn2.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; icwrmind.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ie4uinit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; iedw.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; iexplore.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; iexplore.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; iexpress.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; iexpress.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; iisrstas.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ilasm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; imapi.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; inetin51.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; inetwiz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; installutil.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ipconfig.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ipv6.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ipxroute.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; irftp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; irftp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; jsc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; lhmstsc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; lhmstsc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; locator.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; logman.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; logon.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; logonui.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; logonui.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; lsass.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; magnify.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; makecab.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; migload.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; migload.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; migregdb.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; migwiz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; migwiz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; migwiza.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; migwiza.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; mmc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; mmcperf.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; mnmsrvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; mobsync.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; mobsync.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; mofcomp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; moviemk.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; moviemk.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; mplay32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; mplay32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; mqbkup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; mqsvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; mqtgsvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; msconfig.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; msconfig.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; msdtc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; mshta.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; msiexec.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; msimn.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; msiregmv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; msmsgs.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; msmsgs.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; msoobe.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; mspaint.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; mspaint.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; mstinit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; mtstocom.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; napstat.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; napstat.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; narrator.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; net.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; net1.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; netdde.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; netsetup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; netsetup.exe\data002;C:\WINDOWS\ServicePackFiles\i386\netsetup.exe;Win32.HLLP.Sector;; netsetup.exe;C:\WINDOWS\ServicePackFiles\i386;Kontener zawiera zainfekowane obiekty;Przeniesiony.; netsh.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; netstat.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ngen.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; notepad.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; nppagent.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; nslookup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ntbackup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; ntbackup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ntkrnlmp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ntkrnlpa.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ntkrpamp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ntoskrnl.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ntvdm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; odbcad32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; odbcconf.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; oemig50.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; oobebaln.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; opnfiles.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; oschoice.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; osk.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; osk.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; osloader.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; packager.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; perfmon.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; pinball.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; pinball.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ping.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; powercfg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; progman.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; progman.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; proquota.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; proxycfg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; qprocess.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; rasphone.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; rcimlby.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; rcp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; rdpclip.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; rdsaddin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; rdshost.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; reg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; regasm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; regedit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; regedit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; regsvr32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; rexec.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; rsh.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; rsnotify.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; rsnotify.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; rstrui.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; rstrui.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; rtcshare.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; rundll32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; runonce.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; savedump.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; scardsvr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; scrcons.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; scrnsave.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; sctasks.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; sdbinst.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; secedit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; services.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; sessmgr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; sethc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; setup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; setup50.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; setupn.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; shmgrate.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; shrpubw.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; shtml.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; shutdown.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; sigverif.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; skeys.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; slrundll.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; slserv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; smbinst.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; smi2smir.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; smlogsvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; smss.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; sndrec32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; sndrec32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; snmp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; snmptrap.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; sort.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; spdwnwxp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; spider.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; spider.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; spiisupd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; spnpinst.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; spoolsv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; spupdwxp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ss3dfo.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ssbezier.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ssflwbox.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ssmarque.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ssmypics.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ssmyst.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; sspipes.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ssstars.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; sstext3d.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; stimon.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; stub_fpsrvadm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; stub_fpsrvwin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; svchost.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; sysinfo.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; sysocmgr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; sysocmgr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; taskkill.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; tasklist.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; taskmgr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; taskmgr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; tcptest.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; telnet.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; tlntadmn.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; tlntsess.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; tlntsvr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; tourstrt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; tourstrt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; tp4mon.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; tp4mon.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Niewyleczalny.Usunięty.; tracerpt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; tracert.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; tzchange.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; uploadm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; upnpcont.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; ups.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; userinit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; utilman.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; vbc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; verclsid.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; vssvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; wab.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; wabmig.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; wbemtest.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; wbemtest.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; wextract.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; wiaacmgr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; wiaacmgr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; winhlp32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; winhlp32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; winver.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; wmiadap.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; wmiadap.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Niewyleczalny.Usunięty.; wmiapsrv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; wmic.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; wmiprvse.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; wmiprvse.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Niewyleczalny.Usunięty.; wordpad.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; wordpad.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; wpabaln.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; wpnpinst.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; wscntfy.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; wscript.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; wscript.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; wuauclt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; wuauclt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; wuauclt1.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; wuauclt1.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; xcopy.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; xpnetdg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; xpnetdg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Sector.28480;Wyleczony.; cintsetp.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.HLLP.Jeefo.36352;Wyleczony.; cintsetp.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Sector.28480;Wyleczony.; cplexe.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Sector.28480;Wyleczony.; imjpdct.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.HLLP.Jeefo.36352;Wyleczony.; imjpdct.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Sector.28480;Wyleczony.; imjpdsvr.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.HLLP.Jeefo.36352;Wyleczony.; imjpdsvr.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Sector.28480;Wyleczony.; imjpinst.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.HLLP.Jeefo.36352;Wyleczony.; imjpinst.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Sector.28480;Wyleczony.; imjpmig.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.HLLP.Jeefo.36352;Wyleczony.; imjpmig.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Sector.28480;Wyleczony.; imjprw.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.HLLP.Jeefo.36352;Wyleczony.; imjprw.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Sector.28480;Wyleczony.; imjputy.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.HLLP.Jeefo.36352;Wyleczony.; imjputy.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Sector.28480;Wyleczony.; imscinst.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Sector.28480;Wyleczony.; pintlphr.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Sector.28480;Wyleczony.; tintlphr.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Sector.28480;Wyleczony.; tintsetp.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.HLLP.Jeefo.36352;Wyleczony.; tintsetp.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Sector.28480;Wyleczony.; msmsgs.exe;C:\WINDOWS\ServicePackFiles\ServicePackCache\i386;Win32.HLLP.Jeefo.36352;Wyleczony.; msmsgs.exe;C:\WINDOWS\ServicePackFiles\ServicePackCache\i386;Win32.Sector.28480;Wyleczony.; drmupgds.exe;C:\WINDOWS\system32;Win32.HLLP.Jeefo.36352;Wyleczony.; icardagt.exe;C:\WINDOWS\system32;Win32.HLLP.Jeefo.36352;Wyleczony.; javaw.exe;C:\WINDOWS\system32;Win32.HLLP.Jeefo.36352;Wyleczony.; javaws.exe;C:\WINDOWS\system32;Win32.HLLP.Jeefo.36352;Wyleczony.; keystone.exe;C:\WINDOWS\system32;Win32.HLLP.Jeefo.36352;Wyleczony.; NeroCheck.exe;C:\WINDOWS\system32;Win32.HLLP.Jeefo.36352;Wyleczony.; nvappbar.exe;C:\WINDOWS\system32;Win32.HLLP.Jeefo.36352;Wyleczony.; nvdspsch.exe;C:\WINDOWS\system32;Win32.HLLP.Jeefo.36352;Wyleczony.; nvudisp.exe;C:\WINDOWS\system32;Win32.HLLP.Jeefo.36352;Wyleczony.; nwiz.exe;C:\WINDOWS\system32;Win32.HLLP.Jeefo.36352;Wyleczony.; pbsvc.exe;C:\WINDOWS\system32;Win32.HLLP.Jeefo.36352;Wyleczony.; PresentationHost.exe;C:\WINDOWS\system32;Win32.HLLP.Jeefo.36352;Wyleczony.; vcmgcd32.dll;C:\WINDOWS\system32;Win32.HLLP.Sector;Usunięty.; vcmgcd32.dl_;C:\WINDOWS\system32;Win32.HLLP.Sector;Usunięty.; WudfHost.exe;C:\WINDOWS\system32;Win32.HLLP.Jeefo.36352;Wyleczony.; gt.exe;C:\WINDOWS\system32\Adobe\Shockwave 11;Win32.HLLP.Jeefo.36352;Wyleczony.; SwHelper_1156606.exe;C:\WINDOWS\system32\Adobe\Shockwave 11;Win32.HLLP.Jeefo.36352;Wyleczony.; SwInit.exe;C:\WINDOWS\system32\Adobe\Shockwave 11;Win32.HLLP.Jeefo.36352;Wyleczony.; NPSWF32_FlashUtil.exe;C:\WINDOWS\system32\Macromed\Flash;Win32.HLLP.Jeefo.36352;Wyleczony.; PrintFilterPipelineSvc.exe;C:\WINDOWS\system32\spool\prtprocs\w32x86;Win32.HLLP.Jeefo.36352;Wyleczony.; migwiz_a.exe;C:\WINDOWS\system32\usmt;Win32.HLLP.Jeefo.36352;Wyleczony.; XPSViewer.exe;C:\WINDOWS\system32\XPSViewer;Win32.HLLP.Jeefo.36352;Wyleczony.; Ygoow.exe;C:\ygoow\Ygoow;Win32.HLLP.Jeefo.36352;Wyleczony.; ahpub.dll;D:\;Trojan.DownLoad.37542;Niewyleczalny.Usunięty.; ahpub.exe;D:\;Win32.HLLP.Jeefo.36352;Wyleczony.; ahpub.exe;D:\;Win32.Sector.28480;Wyleczony.; MoorHunt.exe;D:\;Win32.HLLP.Jeefo.36352;Wyleczony.; Pionopis.exe;D:\;Win32.HLLP.Jeefo.36352;Niewyleczalny.Usunięty.; RivaTuner2.20_[www.programosy.pl].exe;D:\;Win32.HLLP.Jeefo.36352;Wyleczony.; setup_scpt.part1.exe;D:\;Win32.HLLP.Jeefo.36352;Wyleczony.; DW20.EXE;D:\49a1ca2e8fd517882022;Win32.HLLP.Jeefo.36352;Wyleczony.; setup.exe;D:\49a1ca2e8fd517882022;Win32.HLLP.Jeefo.36352;Wyleczony.; 50comupd.exe;D:\Acid pro 6;Win32.HLLP.Jeefo.36352;Wyleczony.; acid60.exe;D:\Acid pro 6;Win32.Sector.28480;Wyleczony.; hhupd.exe;D:\Acid pro 6;Win32.HLLP.Jeefo.36352;Wyleczony.; Setup.exe;D:\Acid pro 6;Win32.HLLP.Jeefo.36352;Wyleczony.; Setup.exe;D:\Acid pro 6\mediamgr;Win32.HLLP.Jeefo.36352;Wyleczony.; MSDESetup.exe;D:\Acid pro 6\mediamgr\msde;Win32.HLLP.Jeefo.36352;Wyleczony.; msisetup.exe;D:\Acid pro 6\mediamgr\msde;Win32.HLLP.Jeefo.36352;Wyleczony.; Audition.exe;D:\Adobe Audition 2.0;Win32.Sector.28480;Wyleczony.; uninstal.exe;D:\Advanced IP Scanner;Win32.Sector.28480;Wyleczony.; ALLPlayer.exe;D:\ALLPlayer;Win32.HLLP.Jeefo.36352;Wyleczony.; unins000.exe;D:\ALLPlayer;Win32.HLLP.Jeefo.36352;Wyleczony.; Azureus.exe;D:\Azureus;Win32.HLLP.Jeefo.36352;Wyleczony.; AzureusUpdater.exe;D:\Azureus;Win32.HLLP.Jeefo.36352;Wyleczony.; uninstall.exe;D:\Azureus;Win32.HLLP.Jeefo.36352;Wyleczony.; setup.exe;D:\bc339bd88773cee4c4c69e2478;Win32.HLLP.Jeefo.36352;Wyleczony.; BearShare.exe;D:\bs;Win32.Sector.28480;Wyleczony.; RunMSC.dll;D:\bs;Adware.SearchAid.40;Usunięty.; UNWISE.EXE;D:\bs;Win32.HLLP.Jeefo.36352;Wyleczony.; UNWISE.EXE;D:\bs;Win32.Sector.28480;Wyleczony.; Webstats.exe;D:\bs;Win32.Sector.28480;Wyleczony.; hl2.exe;D:\Counter-Strike Source;Win32.Sector.28480;Wyleczony.; srcds.exe;D:\Counter-Strike Source;Win32.HLLP.Jeefo.36352;Wyleczony.; srcds.exe;D:\Counter-Strike Source;Win32.Sector.28480;Wyleczony.; Uninstal.exe;D:\Counter-Strike Source;Win32.HLLP.Jeefo.36352;Wyleczony.; sd4hide.exe;D:\CRACK;Win32.HLLP.Jeefo.36352;Wyleczony.; sd4hide.exe;D:\CRACK;Win32.Sector.28480;Wyleczony.; wrar311pl.exe;D:\CRACK;Win32.HLLP.Jeefo.36352;Wyleczony.; daemon347.exe;D:\CRACK\DaemonTools;Win32.HLLP.Jeefo.36352;Wyleczony.; daemon347.exe;D:\CRACK\DaemonTools;Win32.Sector.28480;Wyleczony.; MOHAA.exe;D:\crack1.0;Win32.HLLP.Jeefo.36352;Wyleczony.; hl.exe;D:\cs 1.6;Win32.HLLP.Jeefo.36352;Wyleczony.; hl.exe;D:\cs 1.6;Win32.Sector.28480;Wyleczony.; hlds.exe;D:\cs 1.6;Win32.HLLP.Jeefo.36352;Wyleczony.; hltv.exe;D:\cs 1.6;Win32.HLLP.Jeefo.36352;Wyleczony.; zm_tree_house.bsp;D:\cs 1.6\cstrike\maps;Odmiana wirusa Oxana.1419;Usunięty.; steambackup.exe;D:\cs 1.6\platform\Steam\cached;Win32.HLLP.Jeefo.36352;Wyleczony.; CSS_Patch_comprehensive_16_DZ.exe;D:\css;Win32.HLLP.Jeefo.36352;Wyleczony.; CSS_Patch_v17_04-04-2007-DZ.exe;D:\css;Win32.HLLP.Jeefo.36352;Wyleczony.; dmwclient.exe;D:\DMW Client 3;Win32.Sector.28480;Wyleczony.; uninst.exe;D:\DMW Client 3;Win32.Sector.28480;Wyleczony.; hlds.exe;D:\dod;Win32.HLLP.Jeefo.36352;Wyleczony.; hltv.exe;D:\dod;Win32.HLLP.Jeefo.36352;Wyleczony.; hltv.exe;D:\dod;Win32.Sector.28480;Wyleczony.; ET.exe;D:\ET;Win32.HLLP.Jeefo.36352;Niewyleczalny.Usunięty.; ETDED.exe;D:\ET;Win32.HLLP.Jeefo.36352;Wyleczony.; ETDED.exe;D:\ET;Win32.Sector.28480;Wyleczony.; pbweb.exe;D:\ET\pb;Win32.Sector.28480;Wyleczony.; UNWISE.EXE;D:\ET\Uninstall;Win32.HLLP.Jeefo.36352;Wyleczony.; UNWISE.EXE;D:\ET\Uninstall;Win32.Sector.28480;Wyleczony.; FarCry.exe;D:\farcry2000;Win32.Sector.28480;Wyleczony.; Splash1.exe;D:\farcry2000;Win32.HLLP.Jeefo.36352;Wyleczony.; Splash2.exe;D:\farcry2000;Win32.HLLP.Jeefo.36352;Wyleczony.; unins000.exe;D:\farcry2000;Win32.HLLP.Jeefo.36352;Wyleczony.; cgc.exe;D:\farcry2000\Bin32;Win32.Sector.28480;Wyleczony.; CgfDump.exe;D:\farcry2000\Bin32;Win32.Sector.28480;Wyleczony.; Editor.exe;D:\farcry2000\Bin32;Win32.Sector.28480;Wyleczony.; FarCry.exe;D:\farcry2000\Bin32;Win32.Sector.28480;Wyleczony.; FarCryConfigurator.exe;D:\farcry2000\Bin32;Win32.HLLP.Jeefo.36352;Wyleczony.; FarCryConfigurator.exe;D:\farcry2000\Bin32;Win32.Sector.28480;Wyleczony.; FarCry_WinSV.exe;D:\farcry2000\Bin32;Win32.Sector.28480;Wyleczony.; fxc.exe;D:\farcry2000\Bin32;Win32.Sector.28480;Wyleczony.; LuaCompiler.exe;D:\farcry2000\Bin32;Win32.Sector.28480;Wyleczony.; rc.exe;D:\farcry2000\Bin32;Win32.Sector.28480;Wyleczony.; pbweb.exe;D:\farcry2000\PB;Win32.Sector.28480;Wyleczony.; regsetup.exe;D:\farcry2000\Register;Win32.HLLP.Jeefo.36352;Wyleczony.; regsetup.exe;D:\farcry2000\Register;Win32.Sector.28480;Wyleczony.; register.exe;D:\farcry2000\Register\register;Win32.HLLP.Jeefo.36352;Wyleczony.; register.exe;D:\farcry2000\Register\register;Win32.Sector.28480;Wyleczony.; schedule.exe;D:\farcry2000\Register\register;Win32.Sector.28480;Wyleczony.; xmlinst.exe;D:\farcry2000\Register\register\dll;Win32.Sector.28480;Wyleczony.; SonyVegasPro80a-ce_enu.exe;D:\filmy;Win32.HLLP.Jeefo.36352;Wyleczony.; FL.exe;D:\fl;Win32.HLLP.Jeefo.36352;Wyleczony.; FL.exe;D:\fl;Win32.Sector.28480;Wyleczony.; Uninstall.exe;D:\fl;Win32.HLLP.Jeefo.36352;Wyleczony.; UNWISE.EXE;D:\fl;Win32.HLLP.Jeefo.36352;Wyleczony.; UNWISE.EXE;D:\fl;Win32.Sector.28480;Wyleczony.; TunnelProfiler.exe;D:\fl\Plugins\Fruity\Generators\Chrome;Win32.HLLP.Jeefo.36352;Wyleczony.; TunnelProfiler.exe;D:\fl\Plugins\Fruity\Generators\Chrome;Win32.Sector.28480;Wyleczony.; zx_bs_d.exe;D:\fl\System\Tools\BeatSlicer;Win32.HLLP.Jeefo.36352;Wyleczony.; FLDownloadManager.exe;D:\fl\System\Tools\FLInstaller;Win32.HLLP.Jeefo.36352;Wyleczony.; FLInstaller.exe;D:\fl\System\Tools\FLInstaller;Win32.HLLP.Jeefo.36352;Wyleczony.; activator.exe;D:\fm\Football Manager 2009;Win32.HLLP.Jeefo.36352;Wyleczony.; fm.exe;D:\fm\Football Manager 2009;Win32.HLLP.Jeefo.36352;Wyleczony.; fm91_t1.exe;D:\fm\Football Manager 2009;Win32.Sector.28480;Wyleczony.; DXSETUP.exe;D:\fm\Football Manager 2009\directx;Win32.HLLP.Jeefo.36352;Wyleczony.; java.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; javacpl.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; javaw.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; javaws.exe;D:\fm\Football Manager 2009\jre\bin;Win32.HLLP.Jeefo.36352;Wyleczony.; javaws.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; jucheck.exe;D:\fm\Football Manager 2009\jre\bin;Win32.HLLP.Jeefo.36352;Wyleczony.; jucheck.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; jusched.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; keytool.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; kinit.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; klist.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; ktab.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; orbd.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; pack200.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; policytool.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; rmid.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; rmiregistry.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; servertool.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; tnameserv.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; unpack200.exe;D:\fm\Football Manager 2009\jre\bin;Win32.Sector.28480;Wyleczony.; data editor.exe;D:\fm\Football Manager 2009\tools\data editor;Win32.HLLP.Jeefo.36352;Wyleczony.; data editor.exe;D:\fm\Football Manager 2009\tools\data editor;Win32.Sector.28480;Wyleczony.; Resource Archiver.exe;D:\fm\Football Manager 2009\tools\resource archiver;Win32.HLLP.Jeefo.36352;Wyleczony.; Uninstall Football Manager 2009.exe;D:\fm\Football Manager 2009\Uninstall_Football Manager 2009;Win32.HLLP.Jeefo.36352;Wyleczony.; remove.exe;D:\fm\Football Manager 2009\Uninstall_Football Manager 2009\resource;Win32.HLLP.Jeefo.36352;Wyleczony.; ggphone.exe;D:\Gadu-Gadu\Gadu-Gadu\ggphone;Win32.HLLP.Jeefo.36352;Wyleczony.; agent.exe;D:\Gadu-Gadu1;Win32.HLLP.Jeefo.36352;Wyleczony.; cc-get-mac-address.exe;D:\getmac;Win32.Sector.28480;Wyleczony.; unins000.exe;D:\getmac;Win32.HLLP.Jeefo.36352;Wyleczony.; cs16full_v7.exe;D:\gry;Win32.HLLP.Jeefo.36352;Wyleczony.; SonyVegasPro80a-ce_enu.exe;D:\gry;Win32.HLLP.Jeefo.36352;Wyleczony.; winbraz.exe;D:\gry;Win32.HLLP.Jeefo.36352;Wyleczony.; winbraz256.exe;D:\gry;Win32.HLLP.Jeefo.36352;Wyleczony.; GettingUp.exe;D:\gry\Crack;Win32.HLLP.Jeefo.36352;Wyleczony.; RivaTuner220.exe;D:\Guru3D.com\Setup;Win32.HLLP.Jeefo.36352;Wyleczony.; appinfo.exe;D:\hardtruck;Win32.Sector.28480;Wyleczony.; autorun.exe;D:\hardtruck;Win32.HLLP.Jeefo.36352;Wyleczony.; autorun.exe;D:\hardtruck;Win32.Sector.28480;Wyleczony.; dxsetup.exe;D:\hardtruck;Win32.HLLP.Jeefo.36352;Wyleczony.; dxsetup.exe;D:\hardtruck;Win32.Sector.28480;Wyleczony.; htruck2.exe;D:\hardtruck;Win32.HLLP.Jeefo.36352;Wyleczony.; htruck2.exe;D:\hardtruck;Win32.Sector.28480;Wyleczony.; install.exe;D:\hardtruck;Win32.HLLP.Jeefo.36352;Wyleczony.; install.exe;D:\hardtruck;Win32.Sector.28480;Wyleczony.; uninst.exe;D:\hardtruck;Win32.Sector.28480;Wyleczony.; Configure.exe;D:\mohaa 1.11;Win32.HLLP.Jeefo.36352;Wyleczony.; Configure.exe;D:\mohaa 1.11;Win32.Sector.28480;Wyleczony.; MOHAA.exe;D:\mohaa 1.11;Win32.HLLP.Jeefo.36352;Wyleczony.; MOHAA.exe;D:\mohaa 1.11;Win32.Sector.28480;Wyleczony.; MOHAA_server.exe;D:\mohaa 1.11;Win32.HLLP.Jeefo.36352;Wyleczony.; MOHAA_server.exe;D:\mohaa 1.11;Win32.Sector.28480;Wyleczony.; go_EZ.exe;D:\mohaa 1.11\eReg;Win32.Sector.28480;Wyleczony.; Medal of Honor Allied Assault_Code.exe;D:\mohaa 1.11\eReg;Win32.HLLP.Jeefo.36352;Wyleczony.; Medal of Honor Allied Assault_Code.exe;D:\mohaa 1.11\eReg;Win32.Sector.28480;Wyleczony.; Medal of Honor Allied Assault_eReg.exe;D:\mohaa 1.11\eReg;Win32.HLLP.Jeefo.36352;Wyleczony.; Medal of Honor Allied Assault_eReg.exe;D:\mohaa 1.11\eReg;Win32.Sector.28480;Wyleczony.; Medal of Honor Allied Assault_EZ.exe;D:\mohaa 1.11\eReg;Win32.HLLP.Jeefo.36352;Wyleczony.; Medal of Honor Allied Assault_EZ.exe;D:\mohaa 1.11\eReg;Win32.Sector.28480;Wyleczony.; Medal of Honor Allied Assault_uninst.exe;D:\mohaa 1.11\eReg;Win32.HLLP.Jeefo.36352;Wyleczony.; Medal of Honor Allied Assault_uninst.exe;D:\mohaa 1.11\eReg;Win32.Sector.28480;Wyleczony.; Configure.exe;D:\mohaa1.0;Win32.Sector.28480;Wyleczony.; MOHAA.exe;D:\mohaa1.0;Win32.Sector.28480;Wyleczony.; go_EZ.exe;D:\mohaa1.0\eReg;Win32.Sector.28480;Wyleczony.; Medal of Honor Allied Assault_Code.exe;D:\mohaa1.0\eReg;Win32.HLLP.Jeefo.36352;Wyleczony.; Medal of Honor Allied Assault_Code.exe;D:\mohaa1.0\eReg;Win32.Sector.28480;Wyleczony.; Medal of Honor Allied Assault_eReg.exe;D:\mohaa1.0\eReg;Win32.HLLP.Jeefo.36352;Wyleczony.; Medal of Honor Allied Assault_eReg.exe;D:\mohaa1.0\eReg;Win32.Sector.28480;Wyleczony.; Medal of Honor Allied Assault_EZ.exe;D:\mohaa1.0\eReg;Win32.HLLP.Jeefo.36352;Wyleczony.; Medal of Honor Allied Assault_EZ.exe;D:\mohaa1.0\eReg;Win32.Sector.28480;Wyleczony.; Medal of Honor Allied Assault_uninst.exe;D:\mohaa1.0\eReg;Win32.HLLP.Jeefo.36352;Wyleczony.; Medal of Honor Allied Assault_uninst.exe;D:\mohaa1.0\eReg;Win32.Sector.28480;Wyleczony.; 50comupd.exe;D:\mp3\My Downloads\Sony Vegas 6.0 + Sony DVD Architect 3.0 (Incl Keygen)\Sony Vegas Video 6 keygen;Win32.HLLP.Jeefo.36352;Wyleczony.; hhupd.exe;D:\mp3\My Downloads\Sony Vegas 6.0 + Sony DVD Architect 3.0 (Incl Keygen)\Sony Vegas Video 6 keygen;Win32.HLLP.Jeefo.36352;Wyleczony.; Setup.exe;D:\mp3\My Downloads\Sony Vegas 6.0 + Sony DVD Architect 3.0 (Incl Keygen)\Sony Vegas Video 6 keygen;Win32.HLLP.Jeefo.36352;Wyleczony.; Setup.exe;D:\mp3\My Downloads\Sony Vegas 6.0 + Sony DVD Architect 3.0 (Incl Keygen)\Sony Vegas Video 6 keygen;Win32.Sector.28480;Wyleczony.; Setup.exe;D:\mp3\My Downloads\Sony Vegas 6.0 + Sony DVD Architect 3.0 (Incl Keygen)\Sony Vegas Video 6 keygen\mediamgr;Win32.HLLP.Jeefo.36352;Wyleczony.; MSDESetup.exe;D:\mp3\My Downloads\Sony Vegas 6.0 + Sony DVD Architect 3.0 (Incl Keygen)\Sony Vegas Video 6 keygen\mediamgr\msde;Win32.HLLP.Jeefo.36352;Wyleczony.; msisetup.exe;D:\mp3\My Downloads\Sony Vegas 6.0 + Sony DVD Architect 3.0 (Incl Keygen)\Sony Vegas Video 6 keygen\mediamgr\msde;Win32.HLLP.Jeefo.36352;Wyleczony.; dvdarchitect30.exe;D:\mp3\My Downloads\Sony Vegas 6.0 + Sony DVD Architect 3.0 (Incl Keygen)\Sony.DVD.Architect.v3.0.Incl.Keygen-SSG;Win32.HLLP.Jeefo.36352;Wyleczony.; Setup.exe;D:\photosop\Photoshop;Win32.Sector.28480;Wyleczony.; _ISDel.exe;D:\photosop\Photoshop;Win32.Sector.28480;Wyleczony.; BearShare.exe;D:\Program Files\BearShare;Win32.Sector.28480;Wyleczony.; RunMSC.dll;D:\Program Files\BearShare;Adware.SearchAid.40;Usunięty.; UNWISE.EXE;D:\Program Files\BearShare;Win32.HLLP.Jeefo.36352;Wyleczony.; Webstats.exe;D:\Program Files\BearShare;Win32.Sector.28480;Wyleczony.; Uninstall.exe;D:\Program Files\Metropolis Software\Skoki Narciarskie 2006;Win32.HLLP.Jeefo.36352;Wyleczony.; Uninstall.exe;D:\Program Files\Metropolis Software\Skoki Narciarskie 2006;Win32.Sector.28480;Wyleczony.; game.exe;D:\Program Files\Metropolis Software\Skoki Narciarskie 2006\bin;Win32.HLLP.Jeefo.36352;Wyleczony.; game.exe;D:\Program Files\Metropolis Software\Skoki Narciarskie 2006\bin;Win32.Sector.28480;Wyleczony.; SafeMode.exe;D:\Program Files\Metropolis Software\Skoki Narciarskie 2006\bin;Win32.Sector.28480;Wyleczony.; uninstal.exe;D:\Program Files\winbraz;Win32.Sector.28480;Wyleczony.; Winbraz.exe;D:\Program Files\winbraz;Win32.HLLP.Jeefo.36352;Wyleczony.; Adobe_Audition_2_0_Tryout.exe;D:\programy;Win32.HLLP.Jeefo.36352;Wyleczony.; Instalator.exe;D:\programy;Win32.HLLP.Jeefo.36352;Wyleczony.; Setup.exe;D:\programy;Win32.HLLP.Jeefo.36352;Wyleczony.; virtualdj_trial.exe;D:\programy;Win32.HLLP.Jeefo.36352;Wyleczony.; wrar360b4pl.exe;D:\programy;Win32.HLLP.Jeefo.36352;Wyleczony.; odtwarzacz.exe;D:\programy\Szkoła Hakerów - Odtwarzacz filmów instruktażowych;Win32.HLLP.Jeefo.36352;Wyleczony.; odtwarzacz.exe;D:\programy\Szkoła Hakerów - Odtwarzacz filmów instruktażowych;Win32.Sector.28480;Wyleczony.; Shareaza.exe;D:\Shareaza;Win32.Sector.28480;Wyleczony.; skin.exe;D:\Shareaza;Win32.HLLP.Jeefo.36352;Wyleczony.; skin.exe;D:\Shareaza;Win32.Sector.28480;Wyleczony.; setup.exe;D:\Shareaza\Uninstall;Win32.HLLP.Jeefo.36352;Wyleczony.; unins000.exe;D:\Shareaza\Uninstall;Win32.HLLP.Jeefo.36352;Wyleczony.; ApplicationRegistration.exe;D:\sony vegas 9.0;Win32.HLLP.Jeefo.36352;Wyleczony.; Setup.exe;D:\sony vegas 9.0;Win32.HLLP.Jeefo.36352;Wyleczony.; vcredist_x86.exe;D:\sony vegas 9.0;Win32.Sector.28480;Wyleczony.; A0309358.exe;D:\System Volume Information\_restore{9C98A17D-438C-4DFA-A3C0-6B9D18A350D7}\RP314;Win32.HLLP.Jeefo.36352;Wyleczony.; A0309362.exe;D:\System Volume Information\_restore{9C98A17D-438C-4DFA-A3C0-6B9D18A350D7}\RP314;Win32.HLLP.Jeefo.36352;Wyleczony.; A0309407.exe;D:\System Volume Information\_restore{9C98A17D-438C-4DFA-A3C0-6B9D18A350D7}\RP314;Win32.HLLP.Jeefo.36352;Wyleczony.; A0309937.exe;D:\System Volume Information\_restore{9C98A17D-438C-4DFA-A3C0-6B9D18A350D7}\RP317;Win32.HLLP.Jeefo.36352;Niewyleczalny.Usunięty.; A0309938.exe;D:\System Volume Information\_restore{9C98A17D-438C-4DFA-A3C0-6B9D18A350D7}\RP317;Win32.HLLP.Jeefo.36352;Niewyleczalny.Usunięty.; Iniuria CSS Release D.exe;D:\Teksty\RazeM\Iniuria CSS Release D;Win32.Sector.28480;Wyleczony.; eye.exe;D:\The All-Seeing Eye;Win32.HLLP.Jeefo.36352;Niewyleczalny.Usunięty.; Kopia eye.exe;D:\The All-Seeing Eye;Win32.HLLP.Jeefo.36352;Niewyleczalny.Usunięty.; movenrun.exe;D:\The All-Seeing Eye;Win32.Sector.28480;Wyleczony.; [/log] anti-malware log[log] Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Wersja bazy: 3968 Windows 5.1.2600 Dodatek Service Pack 3 Internet Explorer 6.0.2900.5512 2010-04-09 16:38:29 mbam-log-2010-04-09 (16-38-29).txt Typ skanowania: Szybkie skanowanie Przeskanowano obiektów: 99346 Upłynęło: 8 minut(y), 58 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 1 Zainfekowanych kluczy rejestru: 0 Zainfekowanych wartości rejestru: 0 Zainfekowane informacje rejestru systemowego: 0 Zainfekowanych folderów: 0 Zainfekowanych plików: 2 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: C:\WINDOWS\system32\vcmgcd32.dll (Virus.Sality) -> Delete on reboot. Zainfekowanych kluczy rejestru: (Nie znaleziono zagrożeń) Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń) Zainfekowane informacje rejestru systemowego: (Nie znaleziono zagrożeń) Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: C:\WINDOWS\system32\vcmgcd32.dll (Virus.Sality) -> Delete on reboot. C:\WINDOWS\system32\vcmgcd32.dl_ (Virus.Sality) -> Quarantined and deleted successfully. [/log]
Mateusz J. komentarz 9 kwietnia 2010 komentarz 9 kwietnia 2010 Skrypt do ComboFix: [code]File:: c:\windows\system32\vcmgcd32.dll c:\windows\system32\drivers\79218712.sys c:\windows\system32\drivers\7921871.sys c:\windows\system32\drivers\79218711.sys[/code] Jeśli po tej operacji infekcja wróci niestety pozostanie format.
sebus1989 komentarz 9 kwietnia 2010 Autor komentarz 9 kwietnia 2010 (edytowane) Napewno wroci, bo nic sobie nie daje rady z tym shitem. Postaram sie wykminic cos z livecd /edit a teraz mam cos takiego //i43.tinypic.com/nbxixf.jpg a najlepsze ze format raczej nie wchodzi w grę...
Mateusz J. komentarz 10 kwietnia 2010 komentarz 10 kwietnia 2010 LiveCD. Nic innego nie wchodzi w grę. Najlepiej przez LiveCD przeskanuj paroma programami. Na pewno dr.web + Kaspersky removal tool.
sebus1989 komentarz 12 kwietnia 2010 Autor komentarz 12 kwietnia 2010 spox, dzieki za pomoc. Napisze jak cos sie poprawi. zdraviamDalem rade
Mateusz J. komentarz 12 kwietnia 2010 komentarz 12 kwietnia 2010 Mógłbyś opisać jak się pozbyłeś wirusa? Pomoże to w przyszłości innym użytkownikom.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.